[ New messages · Members · Forum rules · Search · RSS ]
  • Page 1 of 3
  • 1
  • 2
  • 3
  • »
Forum moderator: Sefica, mallaMaja  
Forum » Pomoc i podrska » Razni tutorijali » Virus i spuware (EN) (Tutorijal je na engleskom)
Virus i spuware (EN)
Sefica Date: Cetvrtak, 2012-10-18, 2:01 PM | Message # 1
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
ThreatFire Provides Protection Against Malware and Zero-Day Attacks

A necessary security practice is having Antivirus and other Malware protection utilities installed on your Windows computer, but they need constant updating to be effective against the newest threats. Today we take a look at ThreatFire from PCTools which runs along side your current Antivirus utility to add protection against Zero-day attacks.
About ThreatFire
ThreatFire is unique in the way that it works. When you use your computer, programs run in the background telling your computer what to do. When ThreatFire detects malicious or suspicious activity, it immediately terminates the activity, isolates the offending program and notifies you with an alert. This is a completely free utility that will run alongside your existing Anti-Malware utilities without causing any conflicts and protects where traditional signature Antivirus applications don’t.
A “Zero-Day” attack is when unwanted malicious code exploits security holes in operating systems and/or other program applications. The security exploits are usually not known about by the vendor and haven’t been patched yet. The attack continues until a patch is created or until Antivirus signatures are updated so they can detect and eliminate the threat. ThreatFire employs ActiveDefense technology which uses behavior analysis that will protect your computer from threats before your Antivirus has updated the signature database.
Using ThreatFire
The installation is straight forward and easy to do. It doesn’t conflict with any other antivirus or antimalware applications so there is no need to worry about disabling other protections.

After installation you will be protected against threats immediately. The first thing you will see is the World Wide Detection Map that shows some of the most recent threats ThreatFire has detected within the community.

When a threat is found you will get an alert screen where you will get additional information about the threat and decide what actions to take against it. Each type of threat is color coded for different types of threats. The Gray Alert is for potentially unwanted software.

The Yellow Alert show potentially malicious software.

The Red Alert shows that a malicious application has been disabled and quarantined.

Another cool feature is finding out more about the threat. Your default web browser opens and goes to the ThreatExpert page which contains a lot more detailed information regarding the threat that was disabled.

It includes plenty of different settings you can configure to your liking like the sensitivity level, updates, default actions…etc.

In Advanced Tools you can change Rule Settings and access a System Activity Monitor which is a handy utility to see what services and applications are running and get detailed information about them.

You don’t need to run any scans for ThreatFire to do its job (monitoring in real-time for active threats) but it does come with a Rootkit Scanner. A rootkit may contain several pieces and the Rootkit Scanner dives deeper into your system seeking out any hidden files, registry keys or other objects that may be part of one. You can schedule rootkit scans to occur on a regular basis.

It is very light on system resources while running in the background.

Conclusion
If you want to get extra protection for your PC you definitely want to try out ThreatFire. It runs virtually silently in the background until a threat is detected. We installed it on a fresh installation of Windows 7 and proceeded to attempt to infect the computer similarly to Asian Angel’s infected system in a previous article. We didn’t get very far because ThreatFire identified all of the malicious software before we were able to install it. Not everything came up as a Red Alert but it is nice to have ThreatFire identify Crapware like “my web search” and display a message so you can at least get more info on it before installing. This is a definite level of protection you should add to the Anti-Malware arsenal, and the coolest part is that it’s completely free for home users.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:01 PM | Message # 2
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
Ask the Readers: Share Your Tips for Defeating Viruses and Malware

We’ve shared some of our best tips for dealing with malware over the years, and now it’s your turn! Share your favorite tips for protecting against, or getting rid of viruses and other types of malicious software.

Unfortunately, if you’re a PC user it’s a given that you have to play defense against various forms of Malware. We’ve written several articles showing how to get rid of viruses and other forms of malware over the years using various strategies.
We have some excellent articles explaining how to get rid of Advanced Virus Remover, Antivirus Live, Internet Security 2010, and Security Tool – all of which disguise themselves as legit antivirus apps.
Now we turn it over to you to share your favorite tips and tricks for defending against malicious infections. If your computer has been infected, what steps did you take to get rid of it and clean up your machine?




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:02 PM | Message # 3
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
Enjoy Safer Web Browsing with WOT

Need a quick and easy way to tell if a website is bad news for you to visit? With a quick installation, WOT (Web of Trust) provides security and peace of mind while browsing the Internet.
Note: At the moment, the fully functional version of WOT is only available for Mozilla Firefox and Internet Explorer. There is a limited function bookmarklet version available for Opera and Safari (link provided at bottom of article).
Bonus: See the result below for adding WOT to Google Chrome (version 3.0.190.4)!!
Setup in Firefox
The extension for Firefox installs in the same method as other extensions and once you have restarted your browser, you will see the following window asking you to accept the “WOT End-User Software License Agreement”. Click “Accept” to activate the WOT extension.

Once you have accepted the license agreement and Firefox has started, the WOT button will be located at the left side of the address bar (default location). As with other aspects of the Firefox interface, you can easily move the WOT button to a new location that best suits your needs.
The first thing that you will see in your browser window is the option to choose the level of protection that you desire. For our example, we have gone with the Basic (recommended) level. Click “Next”.

After choosing the level of protection that you desire, you will be given the option to create a WOT account. Not only will this give you access to all features, it will also give you the opportunity to rate websites that you browse or run across in your searches on the internet.
Note: You may click on the Red X to close the second window and WOT will still work without problems, but you will not have access to all available features.

For our Firefox example, here is the rating shown when visiting the How-To Geek website. All green and definitely all good!

For a more comprehensive look at how a website has been rated, click on the WOT button to show the WOT ratings window.

Setup in Internet Explorer
The setup process for Internet Explorer is similar to Firefox and uses an msi file. Before you can begin installation, you will have to accept the “End-User License Agreement”. The install process is then very quick and easy to finish up

As with Firefox above, Internet Explorer will start and you will be asked to choose the level of protection that you desire. Click “Next”. The location of the WOT button can be moved around the same as other toolbars on the Internet Explorer interface. For our example, it has been located on the right side below the address bar.

As above, you will have the opportunity to create a WOT account.
Note: You may click on the Red X to close the second window and WOT will still work without problems, but you will not have access to all available features.

Instead of visiting a singular website after installing WOT in Internet Explorer, we used Bing to conduct a web search for “anti spyware” in our example. As you can see, WOT is displaying a rating for each link shown in the search window (extremely nice!). This can certainly save you from getting an ugly surprise with a less than reputable website.
Here you can see the whole range of colors displaying with the links (green for the 1st, white for the 2nd, red for the 3rd & 5th, and yellow for the 4th).
Note: WOT also works nicely with other search engines as well (i.e. Google)!

A look at the WOT ratings window for Bing.

Setup in Opera and Safari
To add WOT to Opera and Safari, visit the link provided below and drag the bookmarklet into your browser’s Bookmarks Toolbar. In our example, the bookmarklet was added to Opera’s regular Bookmarks Menu and to the Bookmarks Toolbar in Safari.
To use the WOT bookmarklet, you will need to click on the WOT Bookmark to activate the WOT ratings window and then click on the WOT Bookmark again to deactivate it. Simple as that!
Note: The WOT bookmarklet worked very well whether it was located in the Bookmarks Toolbar or in the regular bookmarks in our example.
Here is a quick look at the bookmarklet version of WOT in Opera…

And in Safari…

An Experiment in Google Chrome
Out of curiosity, we decided to see if we could get the WOT bookmarklet to work in Google Chrome. The result? Success!
To get the bookmarklet to work in Chrome, right click on the Bookmarks Toolbar and select “Add page…”. You will see the following window open up. Name the new bookmark “WOT”, copy the link address for the Opera/Safari bookmarklet, and paste it into the URL area. Click “OK”.

Here is our new WOT bookmarklet working very nicely in Chrome! The bookmarklet works on the same “click to activate and click to deactivate” principle as in Opera and Safari.
Note: This works equally well in the newest release of Iron Browser (version 3.0.189.0)!

Different Levels of Warnings
As you visit different websites, you will run across different color ratings for those sites. What can you expect to see when the website in question causes the WOT button to display a different color than green? Here is a quick color reference guide…

If you see a Yellow color for a website, the page will display normally as shown below. You can continue to browse the website in question or close that particular tab or window. It will be a matter of your personal comfort levels with the website in question.

A quick look at the WOT ratings window for the website shown above.

If you happen to visit a website that displays a Red color, the entire browser window will look like the one below. This is a lot like the User Account Control window shading in Windows Vista and Windows 7.
Here you can see a display of the individual category ratings and the options to “Rate the site as safe” or “Ignore the and continue”. The best thing to do is close that particular tab or window and stay away from the website.

A quick look at the WOT ratings window for the problem website shown above. Ouch! Not good at all!

Here you can see a website that displays the White/Unknown color rating. Expanding the WOT ratings window shows that some categories have already been rated, but not enough ratings data has been collected on the website yet to give it a full color rating on the WOT button itself.

Conclusion
WOT is an extremely easy to use and valuable addition to any browser that only takes a few minutes to set up. Your peace of mind is definitely worth it. Relax and enjoy safer browsing!
Links




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:02 PM | Message # 4
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
Exterminate Malware Efficiently with Spybot Search & Destroy

First we showed you how easily your computer can become infected with spyware, crapware, and other unwanted software—and today we’ll show you how to clean your system with Spybot Search & Destroy.
Important Parts of the Installation
As you are installing Spybot Search & Destroy, there are two windows that you should pay special attention to.
Here you can see the Components Selection Window. It is recommended to make certain that “Download updates immediately” and “Security Center integration” are selected.
Note: After installation, there may still be a few minor updates that can be downloaded.

In the Additional Tasks Window, it is definitely recommended to make certain that “Use Internet Explorer protection (SDHelper)” and “Use system settings protection (Tea Timer)” are both selected. This will help give you extra protection for your system.

Scanning for Malware
Once you have finished installing Spybot Search & Destroy and start it for the first time, you will be asked if you would like to make a “Registry Backup” before scanning with the software. It is recommended to make the backup…after all, backups are always a good thing.
As you can see in the following screenshot, Spybot Search & Destroy was already hard at work catching malware while still in the initial setup process right after startup (very wonderful!). Knowing that both of these were malware, we chose to have both processes shut down and deleted.

Once the initial setup process is complete, you will see the main Home Window. From here you can choose which action you would like to perform. For our example, we decided to “Search for Updates” just in case anything else was available (recommended).

As you can see, there were extra updates available for the Immunization database, the Tea Timer service selected during the install process, and an English language descriptions file. Once you have finished downloading any available updates, click on “Exit” to close the Updates Window.

Once the Updates Window has closed, you will be returned to the main Home Window. Now is a good time to go ahead and Immunize your system. Here you can see the amount of Immunization that is available to be applied (Unprotected versus Protected). Click on the “Green Plus Sign Immunize Button” to apply the Immunization. This not only helps your installed browsers, but also boosts your Hosts File as well.

After the Immunization is complete, you can see the shift in numbers from “Unprotected” to “Protected”. Now it is time to start scanning for malware. Click on the “Search & Destroy Button” on the left side of the window.

To start scanning, click on the “Check for problems Button”.

Once scanning has started, you will be able to easily track the progress using the color bar and numerical counter at the very bottom of the window. You will also be able to see which type of malware Spybot Search & Destroy is searching for at any given moment beside the numerical counter.
While scanning our example system, you can see that Spybot Search & Destroy was building a list of the malware (amount and type) that it had already found.
Note: Spybot Search & Destroy will take a while to complete the scan, so be patient. The wait is well worth it!

Once Scanning is Complete
After Spybot Search & Destroy has finished scanning for malware, it will list the number of problems found in the lower left corner of the window. In the main part of the window, you can see the compiled list of what has been found.

Clicking on the “Plus Sign” beside each entry will allow you to see information about each item found (i.e. Registry value, File, Location). The great thing about the compiled list is that you can go through to check for false positives (if any) and deselect those particular entries. You can be very specific in what is or is not removed (very nice!).

Removing the Malware
Once you have checked over the compiled list, click on “Fix selected problems”. You will then see a confirmation window asking if you want to continue. Select “Yes” to start removing the malware.

There will be a large green checkmark beside the entry for each item of malware on the compiled list that was successfully removed. If some of the malware discovered is in active use at the moment, you can choose to have those items removed when you restart your computer. Select “Yes” to activate this option.

Once you have clicked through the confirmation window shown above, you will see the following message window providing details about the number of problems fixed. If there are problems that will be fixed during a reboot, those will be shown as well and you will be asked to restart your computer. Select “OK” to restart.

Malware Removal During a Reboot
If you have malware that is being removed during a reboot, Spybot Search & Destroy will also conduct a whole new scan as well during the process in case any malware tries to reestablish itself during restart. Your system will not finish restarting completely until the scan is complete, so you can expect to see a black screen.
Note: This scan will likely take longer than the regular scan to complete, so if you have something else to work on or a book to read while waiting, feel free to do so. Spybot Search & Destroy will let you know when it is finished.

As you can see from our example, part of the malware did try to reestablish itself during the restart but was easily caught by Spybot Search & Destroy. To remove any malware problems found, select “Fix selected problems”. Once you have clicked “Fix selected problems”, your system will then finish restarting.
On our example system, the processes caught trying to reestablish themselves had startup entries that created repeating momentary popup windows with messages showing that they were failing to load. So it is recommended to go ahead and do another restart at that point. Once your system has restarted, sit back and enjoy how clean your system has just become!

Conclusion
While Spybot Search & Destroy is not the fastest anti-malware software, it is very meticulous and efficient in eliminating malware from a computer system. So this is definitely a recommended anti-malware app to have around.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:04 PM | Message # 5
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
How Does Spyware, Malware or Crapware Get on My Computer?

Have you ever wondered how malware, spyware, scareware, crapware, or other undesirable software might get on a computer? First we’ll illustrate how easily your system can be infected, and then we’ll show you how to clean it up.
Our example system, running Windows 7, was set up from a worst case scenario point of view: Someone who was only interested in quickly getting to all the “fun stuff” on the internet with absolutely no concern for personal or computer security.
Freshly Installed – Pre Malware
Here you can see the number of processes (and type) that were running on our freshly installed Windows 7 system. The install was so fresh that the only protection that this system had was the Windows Firewall and Windows Defender to keep the malware and virus hordes at bay.

How Some Malware Gets On Your Computer
Malware, spyware, and other junk software makes it onto your computer for a number of reasons:

You installed something you really shouldn’t have, from an untrustworthy source. Often these include screensavers, toolbars, or torrents that you didn’t scan for viruses.
You didn’t pay attention when installing a “reputable” application that bundles “optional” crapware.
You’ve already managed to get yourself infected, and the malware installs even more malware.
You aren’t using a quality Anti-Virus or Anti-Spyware application.

Watch Out for Insidious Bundled Crapware
Editor’s Note: One of the biggest problems recently is that the makers of popular software keep selling out, and including “optional” crapware that nobody needs or wants. This way they profit off the unsuspecting users that aren’t tech-savvy enough to know any better. They should be ashamed.
On our example system we installed Digsby Messenger, a very popular “reputable” application. This was the regular install version and as you can see in the following screenshots, there are attempts to get you to install undesirable software or make “not so good” changes on your computer. If a person is not careful, then their system becomes infected.
Here you can see the attempt to add the “My.Freeze.com Toolbar” to your browser(s)…definitely not good! Notice that while it does state that the software may be removed later, some people may 1.) Not notice it (lack of attention), 2.) Be in too much of a hurry to install the software to notice, or 3.) Not be familiar or comfortable with removing the software after it is already installed on their system.
The real trick with Digsby (and other software that is set up with the same installation style) is that clicking on “Decline” still allows the installation of Digsby itself to proceed. But can you imagine how things can end up for those people who may think or believe that the only way to get Digsby or similar software installed is to click on “Accept”? It has a really deceptive style!
Note: For more, read our article on avoiding crapware when installing Digsby.

A very obvious attempt to make “My.Freeze.com” the new homepage for your browser(s). Once again the “Decline” versus “Accept” dilemma combined with a checkmark selection choice…

If you have many programs that attempt to install “value-added” software like this on your system, you will quickly find that the majority (or all) of your operating system’s resources are being used up by malware (i.e. background processes). You are also likely to find that you will have unstable or very sluggish browser response, and are likely to have your personal and computer’s security compromised.
Just How Quickly Can a System Become Infected?
It only took 2.5 hours to reach the level described in our article…simply surfing wherever for “whatever looked interesting or different”, downloading things like screensavers, file-sharing applications, and installing questionable software from advertisements.
The possibilities for becoming infected with viruses or malware were rather high with little to no protection or forethought given concerning what was installed or for the websites visited. Searches for various “less than desirable” pictures, screensavers, clicking on ads, etc. made it very easy to find trouble…perhaps the better way to phrase that is that it was very easy for trouble to find our example system.
Here you can see a screenshot of the desktop of our example system. Notice that there are icons for file sharing programs, fake anti-malware programs, icons for various screensavers, less than nice websites (possible additional infection vectors), and a virtual dancing woman. Nothing good here!

Here is a look at the Start Menu…notice that some of the malware has obvious shortcuts in the Startup Folder, but there were plenty on our example system that were not shown in this folder.

A quick look at an over abundance of toolbars plaguing Internet Explorer 8…by this point the browser was already having some problems starting properly (very slow), some episodes of crashing, and some browser hijacking had occurred.

Taking a peek at the Program Uninstall Window shows a variety of malware and undesirable software types that were on our example system.
Note: These are the ones that actually bothered with listing an entry in the Uninstall Registry.

A Good Look at Scareware
What is scareware? It is software that once installed on your system will try to trick you into believing that you have a highly infected system with some very high “numbers of infections” found. These programs will constantly bother you to register and purchase the software in order to clean up your computer system.
Here you can see two examples of well known scareware. SpywareStop and AntiSpyware 2009. Do not be surprised if you notice that these two “separate” softwares seem to be extremely alike in looks, style, and operation. They are exactly alike…the same wolf just different sheep skins. This is a common practice to stay ahead of legitimate anti-malware and anti-virus software and not be deleted before hopefully being purchased by unsuspecting computer users.
A good look at the two screens that appeared every time we started our example system…absolutely no hesitation to “remind us” how infected our computer was and that we should register the software now. Disgusting!!
Note: The SpywareStop website was presented to us courtesy of a browser hijacking…and of course we were encouraged to install it.

The main window for SpywareStop…oh so quick to try and encourage you to remove the infections.

The System Tray pop up window for SpywareStop…

What do things look like if someone went to register the software and purchase it? The registration starts with a request for basic information including an e-mail address. Chances are the addresses harvested in this manner will be sold to spammers…the potential for a little extra income will definitely have an appeal.

Notice that additional services and software are readily available! Nothing like an opportunity to make even more easy money once they have someone this far in…and of course you can use your credit card. How convenient for them…

The ever wonderful cousin to SpywareStop…the infamous AntiSpyware 2009 (also very well known with the 2008 designation).

And the wonderful System Tray pop up window for AntiSpyware 2009…the fun never stops!

What about registration for this one? Take a good look at these two screenshots and compare them with the two shown above. There is so little difference…yet another sign that these are identical scareware programs with altered user interfaces and alternate websites.

How nice! More additional software available for you to buy and the ability to use that credit card and PayPal!

Some Other Things That Come with Malware
Here is another irritating feature of some malware. Nice pop up windows harassing you to take surveys or do other things. This was an additional “gift” from one of the programs installed on our example system.

A Look at the Processes Running After Infection
Compare the screenshot of running processes shown at the beginning of the article and then the running processes shown here. You can already see a significant increase. Not good for you or your computer!

Conclusion
While nothing super horrible got onto our example system within those 2.5 hours, it is still easy to see just how quickly a system can start to become a mess. Imagine a system that has been exposed for a much longer period of time and is heavily infected! The best approach is to avoid trouble from the beginning. But if you find yourself or someone you know with an infected system then take a look at our upcoming series on removing malware from an infected computer.
Note: By the time the short “infestation period” was finished on our example system, the Windows Firewall, Windows Defender, and the Security Settings for Internet Explorer had all been either 1.) Turned off or 2.) Set to the lowest possible settings. In addition, no legitimate anti-virus or anti-malware software was installed. This system was totally unprotected in exchange for so-called “speed and convenience”.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:04 PM | Message # 6
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
How To Get Rid of the wmpscfgs.exe Virus, a Reader Contributed Guide

How-To Geek reader Kan wrote in with a full guide to getting rid of the nasty wmpscfgs.exe virus, and we figured we should just share it with everybody, just in case anybody else comes across the same problem in the future.
Note that this is a specific guide to getting rid of a specific virus, and was tested by a specific reader. We’ve not tested these steps personally.
Symptoms of the wmpscfgs.exe Virus

If you have Malwarebytes or Superantispyware software, these guys will detect it on every scan and will try to remove this virus. But the virus will just come back after a reboot. Even a safe mode boot (with or without network) will not work.
A about IE not being your default browser will always popup without even clicking or opening up IE. I would not advise to click either yes or no on it. Just move the window in one of your monitor corners and see solution below.
Windows UAC will misbehave and will keep on prompting whether you want to execute a previously executed startup program. This is gave the virus away for me hence i start scanning and investigating. If you try to allow one, UAC will be disabled. Strangely enough, if you enabled it, windows doesn’t prompt you to reboot which is also a giveaway that something is wrong! As changing the UAC settings will definitely ask for a reboot.
Microsoft Security Essentials will detect that your startup programs (virus software, anti spyware/malware software, etc are viruses) and flag it as a virus. Another giveaway that something is awfully wrong!

If you have the above symptoms, you pretty much have the virus I had yesterday. Here is what you can do to get rid of it. Don’t bother about scanning as scanners cant fully fix your problem and will end up corrupting your applications.

Boot in safe mode. The reason for this is that in safe mode there is not much processes running. You need this setup in step 9 below as this virus is a nasty one.
Open up windows explorer and go to Tools -> Folder options .
a. Make sure the following are TICKED -> Show hidden files and folders
b. Make sure the following are UNticked -> Hide Extensions for known file types
Go to the following directories (this is for vista home premium):
C:\Program Files\Internet Explorer
C:\Users\user\AppData\Local\Temp
And you will see there a file called wmpscfgs.exe. Delete them.
Open up your task manager, make sure the ’show all processes’ is ticked and look for the same process. If it is running. Kill it.

Starting this part, steps needs more technical experience. If you are not comfortable in doing the below steps, look for someone that can help you.

Open up regedit and go to: HKLM->Software -> Microsoft -> Windows -> CurrentVersion –> Run
Look for Adobe_reader entry with data: “%ProgramFiles%\Internet Explorer\wmpscfgs.exe“. Delete it. For me from this point almost all of the things written in the NET currently don’t have the steps below. And its the reason why this virus keeps coming back.
Hopefully you dont have much applications under “HKLM->Software -> Microsoft -> Windows -> CurrentVersion -> Run”. Because you have to visit each one of them literally because this virus hijacks almost every application in the RUN list above.
Basically it renames the old exe file from say “mcagent.exe” to “mcagent .exe”. With a space between the filename and the “.exe” or extension. It will then create a copy of itself with the same filename as your executable file so that when someone executes your file, the virus will be executed first then your file. It will do this for every apps you have in your Run list. Thus if you go to the location of say of McAfee mcagent.exe application you will see two to three files with almost the same filename:
mcagent.exe -> which is a 39 KB file, and very recently created and which is the virus that keeps adding back that wmpscfgs.exe file.
mcagent .exe -> the original mcagent file, renamed.
mcagent.exe.delme -> delete this one as well. I don’t see this occurring every time, but i have seen some apps with this file in them and very recently created.
You first need to kill the corresponding process of the infected file if they are running in task manager, manually remove the existing .exe file which is around 39KB only and rename back your old executable file to its former filename. Repeat this for every application you have in your Run list above. The only thing that i saw this virus didn’t infect was the windows defender application. The rest in my Run list were screwed. Uninstalling and reinstalling them doesn’t help as well as the former Trojan exe file will be retained in the application directory. This is the reason why Microsoft Security Essentials was complaining that your startup executable files are viruses.
Once you have verified that each application in your run list has been restored. To be fully sure that you don’t have any such files lingering in your system, do a drive search for any file that has 39KB size and has just been recently created and examine each one carefully if they are just copies of your original executable file. Follow step 7 for each occurrence of it. So far, i only saw this virus attach itself into executable files.
If you want to be 100% sure, next thing you need to do is double check every process running in your task manager if they are legit. Some process specially those started by system wont be able to take you to its process file, its ok, but most of them if you do a right click in them, you should see an option there called “Open File Location”. Then follow steps 7 above.
Reboot and that’s it!




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:04 PM | Message # 7
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
How To Install the New Digsby Without Getting Crapware

Once again, there’s a major new version of Digsby, the multi-protocol instant messenger client that works pretty well… if you can deal with some of their unethical past. Last year, we told you to be careful not to install junk software when installing Digsby, then we figured out that Digsby had joined the dark side, and started using your PC to make money without giving you a real choice in the matter.
They partially repented of their ways, making things a bit more transparent—and we’re happy to have pushed them towards the light… but their installer still leaves crapware checked by default, so users that don’t know any better are installing worthless toolbars and allowing Digsby to use their PC for research projects.
First, during the install there’s a screen where you’ll need to uncheck BOTH boxes to keep from installing the absolutely pointless Ask Toolbar. (Seriously, who would want that?)

Then, on the very last screen, make absolutely certain that you UNCHECK the two boxes at the bottom, which are checked by default. These settings let Digsby use your PC to make money with research projects, and give them your revenue from ad clicks.

I’m sick and tired of opt-out installations that bury this stuff in the installer—to take advantage of those who are less tech-savvy. It’s a pathetic business model, and everyone who does it should be ashamed.
Download Digs… oh never mind. No link deserved. Personally I’m sticking with Pidgin.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:05 PM | Message # 8
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
How To Remove Advanced Virus Remover and Other Rogue/Fake Antivirus Malware

If you have a PC infected with Advanced Virus Remover, you’ll probably find that this is a tough one to get rid of. Thankfully we’ve got the instructions to help you defeat this terrible virus.
Advanced Virus Remover is one of many fake antivirus applications like Antivirus Live or Internet Security 2010, which are really just rogue viruses that hold your computer hostage until you pay the ransom money. They tell you that your PC is infected with loads of viruses, even though it’s the only virus on your computer. The biggest problem with these things is that they block you from doing almost everything—you can’t use task manager, Safe Mode, or even install a real malware removal tool.
Advanced Virus Remover is Terrible!
This thing just covers your PC with messages about viruses that they claim you have…

There are popups, messages, and just dozens of windows that open…

Their goal, of course, is to get you to pay them.

Advanced Virus Remover is tricky… if you open an application more than once, it’ll block you from opening it again, preventing you from installing any anti-malware tools (I tried both SUPERAntiSpyware installed edition and MalwareBytes, no luck) Note that it also changes your wallpaper.

Advanced Virus Remover also prohibits you from heading into Safe Mode, where you at least might have a better chance of getting rid of it.
Removing Rogue Fake Antivirus Infections (General Guide)
There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
Reboot your PC and go back into safe mode with networking.
If that doesn’t work, and safe mode is blocked, try running ComboFix. Note that I’ve not yet had to resort to this, but some of our readers have.
Install MalwareBytes and run it, doing a full system scan. (see our previous article on how to use it).
Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials).
At this point your PC is usually clean.

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).
So, Let’s Remove Advanced Virus Remover!
Turns out that the answer to getting rid of this virus is really simple—you’ll just need to grab the free, Portable edition of SUPERAntiSpyware, which we’ve featured as our favorite must-have spyware removal tool, and put it on a flash drive (from another computer).
Then open it up on the PC, making sure to run the scan immediately. Don’t close it and re-open it, or Advanced Virus Remover will figure out what you’re doing and block you!

Once it’s all done, it’ll get rid of the bad stuff.

Then you’ll be prompted to reboot, which you should probably do.
If Advanced Virus Remover Blocks SUPERAntiSpyware
If you have an issue running SUPERAntiSpyware, you can try and use the following technique. Open up the Windows Run box with the Win+R shortcut key, or through the start menu. Then type in the following commands, hitting enter after each one.
Kod:
Code

     taskkill /f /im winupdate86.exe
      taskkill /f /im winlogon86.exe


Note that this may or may not help… the goal is to try and shut down the processes that are blocking you, and malware changes filenames all the time. You can also open up Windows Explorer, head into the Windows\System32 folder, and try and locate the bad processes there (hit the properties screen on some recent, odd-looking files), then use the taskkill command to get rid of them. This technique is how I usually figure out what the virus is hiding under, so I can easily kill it with just a few keystrokes.
Cleanup the Leftovers!
Since I never like to fully trust a single anti-malware tool, I usually run multiple passes from multiple malware removal tools. I highly recommend running a second pass with the free edition of Malwarebytes Anti-Malware. (see our previous article on how to use it).

You might notice some more messages popping up from the virus—in this case, my SUPERAntiSpyware definitions were out of date (because I wrote this article before the official portable version came out, so I was using my own hack to create a portable edition).
Just ignore any messages, and continue with the scan, letting Malwarebytes remove everything else.

At this point you’ll want to reboot your system, and then install Microsoft Security Essentials and run another full scan. Can’t hurt to be too cautious! We also highly recommend Microsoft Security Essentials for real-time protection against these types of things.
Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:06 PM | Message # 9
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
How To Remove Antivirus Live and Other Rogue/Fake Antivirus Malware

If you’ve got a PC infected by the Antivirus Live virus, you’ve got a tough job ahead of you to remove it. And we’ve got the instructions to help.
Antivirus Live is one of many fake antivirus applications like Advanced Virus Remover and Internet Security 2010, that are really rogue viruses that take your computer hostage—then they tell you that your computer is infected by viruses, and you have to pay them to get rid of the fake viruses that aren’t really there. It’s a huge problem, and they are not easy to remove, because they block virtually everything you try and run, including real anti-malware tools

Removing Rogue Fake Antivirus Infections (General Guide)
There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
Reboot your PC and go back into safe mode with networking.
If that doesn’t work, and safe mode is blocked, try running ComboFix. Note that I’ve not yet had to resort to this, but some of our readers have.
Install MalwareBytes and run it, doing a full system scan. (see our previous article on how to use it).
Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials).
At this point your PC is usually clean.

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).

Let’s Remove Antivirus Live
The first thing you’ll want to do is reboot your computer, and hit the F8 key right before Windows starts loading (you can hit it a bunch of times). Then select the Safe Mode with Networking option.

Before you do anything else, you’re going to need to fix the internet connection to work, because Antivirus Live changes IE to use a fake proxy server that prevents you from getting to anything else—and will also prevent you from installing and updating a real anti-malware software.

Now you’ll want to install SuperAntiSpyware (linked above), which you have hopefully downloaded via another computer already, but safe mode with networking should allow you to download and install it.
Once you load it up, it’s going to do some analysis…

Then you’ll see the full application screen, where you’ll want to use the Check for Updates button to make sure you have the latest definitions. Once you’ve done that, click the Scan your Computer button.

Select your primary drive at least, though you should pick all the drives, and then click the Perform Complete Scan button.

It’ll run for a long time, detect a bunch of stuff, and then you can proceed through the wizard to actually removing it all…

Once it’s all done, you can reboot the PC again (just make sure to go back into Safe Mode again).

Next you’ll want to install Malwarebytes, make sure to check the Update tab for the latest definitions, and then perform a full scan of your system.

Malwarebytes will find even more malware that SuperAntiSpyware missed (seems like you always need more than one util to get it all). Just be sure to click the Remove Selected button to get rid of the rest.

At this point you’ll want to reboot your system, and then install Microsoft Security Essentials and run another full scan. Can’t hurt to be too cautious!
Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:09 PM | Message # 10
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
How To Remove Internet Security 2010 and other Rogue/Fake Antivirus Malware

If you have a PC infected with Internet Security 2010, you’re probably reading this article so you can understand how to get rid of it. Thankfully we’ve got the instructions to help you get rid of this awful thing.
Internet Security 2010 is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.

Note: If you just want the instructions to get rid of it, you’ll want to scroll down a bit.
Anatomy of an Infection
Normally these infections start with a popup message like this one, coming from a rogue site or malvertisement—and they are often served up from porn sites, though these viruses are not exclusively from there.

IMPORTANT NOTE
If you’re a regular How-To Geek reader, you’re probably savvy enough to know how to avoid actually installing these things, but there’s a good chance that your mom isn’t. If you’ve got a relative that doesn’t know what they are doing, here’s what you should tell them to do when they get a popup like this one:
Kod:

HOLD DOWN THE POWER BUTTON FOR 10 SECONDS!

Seriously. If they really are infected with a real virus, powering off won’t be any worse. Some of these things are tricky and will try and install themselves no matter which way you click, and they look just like a real Windows error message. Powering off is just the simplest and best option for non-tech-savvy users. And yes, this is exactly what I tell my mom to do.

Moving Forward…
Once you click the popup message, you’ll be presented with a page that looks like your My Computer view, telling you that your PC is infected. Nevermind that no real antivirus looks like this, regular PC users don’t know any better.

After a few seconds of this, you’ll be presented with a popup dialog in the web page that says your PC is infect, and you can click the button to Remove all. The dialog looks real, and can even be dragged around the page—in my research, this seems to be the point where most regular users get confused.

Once you’ve clicked it, you’ll be prompted to run an installer—which you might note has a number of s.

As soon as the installer is able to execute, you are infected.

You won’t be able to open up any applications…

And you can’t remove it from Control Panel.

Removing Rogue Fake Antivirus Infections (General Guide)
There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
Reboot your PC and go back into safe mode with networking.
If that doesn’t work, and safe mode is blocked, try running ComboFix. Note that I’ve not yet had to resort to this, but some of our readers have.
Install MalwareBytes and run it, doing a full system scan. (see our previous article on how to use it).
Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials).
At this point your PC is usually clean.

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).

Let’s Get to Removing Internet Security 2010
The first thing we’ll want to do is kill the virus that’s currently running on the system, and there’s a really easy way to kill Internet Security 2010 without downloading any special software just to kill it (we’ll still need to download something to clean it, however).
Open up the Start menu, click the Run button (or use the Win+R shortcut key), and then type in the following:

Code
taskkill /f /im is2010.exe


Hit the Enter key, and the main virus window should go away. After you’ve done that, you’ll want to quickly execute the following commands:

Code
taskkill /f /im winlogon86.exe
  taskkill /f /im winupdate86.exe


At this point the virus isn’t currently running on your system—but it’s still lurking in the shadows, but you can actually run any malware removal tools that you’d like.
Use SUPERAntiSpyware to Clean the Malware
Now that we’ve killed off all those processes, we’ll get to removing the actual malware from the system by downloading SUPERAntiSpyware and installing it. You should be able to grab the full version, or you can use the portable variety that we’ve already recommended.

If you grabbed the full version, make sure to use the Check for Updates button, and then click the Scan Your Computer button… make sure to perform a Complete Scan, and select all of your drives.

It should easily find and kill all of them. You’ll probably note that on this particular machine that I was using in the screenshot, there was a lot of other bad stuff that it caught as well. Woot!

Once it’s done, it’ll let you remove them all in a click, and then prompt you to reboot… you shouldn’t reboot yet. Job isn’t done, however!
Install Malwarebytes and Scan
Next you’ll want to install MalwareBytes and run it, making sure to run a full scan. The main reason to do this is because there’s no way a single malware removal tool can know about every single piece of malware out there, and you may as well make sure your system is clean.

Install Microsoft Security Essentials

You should definitely install Microsoft Security Essentials and run another full scan once you’re done.
Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.
Sidebar Note
Here’s an interesting fact for you—the two processes that we killed earlier are actually from Advanced Virus Remover, another awful malware we’ve previously told you how to get rid of. Clearly they are both developed by the same jerk.

The winlogon86.exe seems to be mostly used to show messages like this one:

While winupdate86.exe is responsible for blocking you from opening other apps, and re-launching the main Internet Security 2010 window.

Note: Robert, one of our excellent readers, wrote in mentioning that you can often just leave this window open, and then continue to install any malware removal tools you like. Here’s what he had to say:
There is one little trick that you missed, that I mentioned on a different post that was similar to this one. When it pops up with the error message saying; “Application cannot be executed. File is infected.” ..etc… Simply *MOVE* that message box to the corner of the screen, and you can install SuperAntiSpyware just fine.
There appears to only be one instance of that “error message” that will run at any given time. You will get multiple errors, you won’t get that obnoxious sound that computer makes when it tells you that you can’t do that…. Now, if you hit “OK” you’re just asking for a headache.
Great tip Robert, and thanks for helping out the cause! I’ve tested this out, and it appears to be the case depending on which virus you are infected with—some of them are smarter and shut you down all the way.
What About You? Had any Virus-Killing Experiences?
Have you had any experience lately killing this virus, or other similar ones? Let us know in the comments, or feel free to email into the tips line at tips@howtogeek.com with your best method for killing these viruses. We’d love to hear your expert feedback!
Update
Looks like there might be some stronger versions of this thing out there – I would advise not rebooting after you run the initial SUPERAntiSpyware scan, and installing and running MalwareBytes right away. Also, you should check out the advice from all the readers in the comments below.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:10 PM | Message # 11
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
How To Remove Security Tool and other Rogue/Fake Antivirus Malware

If you have a PC infected with Security Tool, you’re probably reading this article so you can understand how to get rid of it. Thankfully we’ve got the instructions to help you get rid of this virus.
Security Tool is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.

This particular virus blocks you from doing most things, like Task Manager…

It also gives you loads of error messages that just seem to pop up constantly.

And worse, it blocks you from running malware removal tools:

First we’ll walk through the general steps that usually apply, but you can skip down to read the specific steps that we used to remove this virus.
Removing Rogue Fake Antivirus Infections (General Guide)
There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
Reboot your PC and go back into safe mode with networking.
If that doesn’t work, and safe mode is blocked, try running ComboFix. Note that I’ve not yet had to resort to this, but some of our readers have.
Install MalwareBytes and run it, doing a full system scan. (see our previous article on how to use it).
Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials).
At this point your PC is usually clean.

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).
Removing Security Tool
Since the above steps don’t always work, and Security Tool seemed to do a pretty good job of killing the malware removal tools I tried to use, I found another method to kill the virus off so I could begin the work of removing it.
First, we’ll need to know the username—if you aren’t sure what that is, right-click on the Start button and choose Open, then you can see it right in the location bar:

Next, open up the Start Menu, and then click the Run button (or use the Win+R shortcut key), and then type in the following command, substituting your own username if it is something other than administrator.

Code

     taskkill /f /fi “username eq administrator”


Note: If it doesn’t kill the virus the first time, you might have to use it again. Don’t be alarmed when your start menu disappears.

If all went well, the virus is dead and so is everything else including your start menu. Use the Ctrl+Shift+Esc shortcut key combination, and then go to File –> Run, and type in explorer to re-open the start menu and taskbar.

Note: If you find that the virus still isn’t dead, you can repeat the steps again.
Use SUPERAntiSpyware to Clean the Malware
Now that we’ve killed off all those processes, we’ll get to removing the actual malware from the system by downloading SUPERAntiSpyware and installing it. You should be able to grab the full version, or you can use the portable variety that we’ve already recommended.

If you grabbed the full version, make sure to use the Check for Updates button, and then click the Scan Your Computer button… make sure to perform a Complete Scan, and select all of your drives.

Once it’s done, it’ll let you remove them all in a click, and then prompt you to reboot. Job isn’t done, however!
Install Malwarebytes and Scan
Next you’ll want to install MalwareBytes and run it, making sure to run a full scan. The main reason to do this is because there’s no way a single malware removal tool can know about every single piece of malware out there, and you may as well make sure your system is clean.

Install Microsoft Security Essentials
You should definitely install Microsoft Security Essentials and run another full scan once you’re done.
Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:12 PM | Message # 12
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
List of Anti-Virus Software Compatible with Windows 7

Within a few hours of Windows 7 being released my inbox started filling up with readers asking what Anti-Virus software they should install in Windows 7. Since this seems like such an important topic, I decided to make a list of packages that work.
If this is your first time here, you should check out our list of 175 Windows 7 Tweaks, Tips, and How-To Articles
Our Recommendation
If you want something that’s going to work really well, and is totally free, you should check out the free Microsoft Security Essentials anti-virus solution, which isn’t going to slow down your PC.

Week in Geek: The Microsoft Security Essentials is Excellent Edition
Microsoft Security Essentials is a Free Antivirus Utility

Note: as a general rule, software that works on Windows Vista should work just fine on Windows 7, with the exception of software that installs low-level system components like an Anti-Virus, firewalls, or similar. These packages often are designed to only run on specific versions of Windows.
Windows AntiVirus Detection
When you first install Windows 7, you’ll get a popup balloon message telling you that you need to find an antivirus program online… notice the wrench on the balloons that will let you turn them off easily.

Once you’ve installed a compatible package, the message will go away and you’ll see a message in the Action Center telling you that “Virus protection” is On:

The packages should also hook into the Windows 7 update mechanism and let you know when your virus definitions are out of date.

And now, on to the list… I took a screenshot of the Action Center screen proving that each package installs and is recognized properly by Windows 7, but I also ran through a couple of quick tests for each package.
AVG Anti-Virus Free Edition
AVG Free is the most popular anti-virus software out there, and not only does it work just perfectly under Windows 7, but it’s on the list of a small number of software packages that are officially compatible per Microsoft.
You’ll notice that it also offers Anti-Spyware protection, and Windows recommends that you only run a single Anti-Spyware application:

For more on this package, see Mysticgeek’s review of AVG Free.
Avira AntiVir Personal Edition
Avira is a popular freeware antivirus solution that seems to be a hit on our forum, with a number of the regulars in favor of it. This software works without any issues that I could find during my quick testing.

For more on this package, see Mysticgeek’s review of AntiVir Personal Edition.
Norton AntiVirus 2009
Hardly needing an introduction, Norton AntiVirus 2009 works just fine. They are also on Microsoft’s list of compatible software for Windows 7.

You’ll notice that this provides anti-spyware protection, so you’d likely want to disable Windows Defender for performance reasons.
Avast! AntiVirus Home
Another popular Anti-Virus package that we’ve previously reviewed, this one works just fine. You’ll notice that this package provides Anti-Spyware protection as well.

Microsoft Windows Live OneCare: FAIL

This one was a bit of a surprise to me, but it turns out the previously reviewed Windows Live OneCare does not even install under Windows 7, just giving you a big fat error message:

I guess Microsoft still has some coordination problems. (Screenshot thanks to our forum administrator Scott).
Note: OneCare is going to be discontinued in June 2009, with Microsoft switching to offering a free product instead.

Kapersky Anti-Virus 2009
This antivirus software package is also on the Microsoft official list of Windows 7 compatible software. We’ve not reviewed it here because we tend to focus on free alternatives, but it’s well-known and preferred by a few of our forum members.

You’ll note that my virus database is out of date in the screenshot above. The Action Center consolidates all of these messages together into one place – rather useful.
McAfee VirusScan: FAIL
Reported to be not working by multiple readers including Daniel in the comments.
Also Working Per Reader Comments
These packages are reported to be working by the readers in the comments below:

PCGuard Anti-Virus from Virgina Media Broadband
ESET Nod32 Anti-Virus
Microsoft Forefront Client Security (Enterprise)

Thanks, keep them coming!
Important Note
Just because all of these packages install and run doesn’t mean they are necessarily “supported” by the vendors.
Ask the Readers: What Did We Miss?
Obviously if you are looking for an Anti-Virus package this list should help you out… but I would like to complete the list. If you’ve tested out any other packages, or had any issues with the ones on this list, leave a comment and I’ll update the article.

Official Microsoft Anti-Virus Partners Page at microsoft.com




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:13 PM | Message # 13
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
List of Spyware Protection Software Compatible with Windows 7

If you are one of the many people testing the beta release of Windows 7, you should still make sure to keep your computer safe and secure. The other day we created a list of Anti-Virus software compatible with Windows 7, and today we'll be covering a list of compatible Spyware protection utilities.
Note: make sure to check out our screenshot walkthrough of the Windows 7 Beta if you haven't already, as Microsoft is giving away beta keys that don't expire until August 1st.
If you have a commercial security suite such as Norton or McAfee, then it probably includes anti-malware protection, and if you decide to run a separate anti-spyware package you should probably disable the other one. This is even mentioned in the Windows 7 Action Center screen if you install more than one:

Without further ado, on to the list…
Windows Defender
By now I am sure you are familiar with Microsoft’s Windows Defender anti-malware utility which is included with Vista and Windows 7. It's a fairly solid utility and obviously is going to work just fine in Windows 7.

You should disable Windows Defender if you decide to use any other antispyware package. This can also increase performance in some cases as The Geek pointed out in this Lifehacker article.

Spybot Search & Destroy
I figured we will kick this off with Spybot Search & Destroy, a personal favorite. I was able to install, update, immunize, and scan without any issues and the cool Easter Egg is still there!

Ad-Aware
Arguably the most popular anti-spyware application, previously mentioned Lavasoft Ad-Aware 2008 also worked flawlessly.

Malwarebytes’ Anti-Malware
Malwarebytes is another protection utility I get asked about quite often and this too works successfully in Windows 7. This is a great scanning program which is free unless you want real-time protection, that will set you back $24.95.

Spyware Blaster
Spyware Blaster is different to the other spyware detection utilities in the way it works. Think of it as a shield against known spyware threats that you do not have to keep continuously running. Essentially you just need to run it when you want to update the database (which I would recommend doing fairly often). For automatic updates you will need to purchase a license for $9.99.
It disables a list of spyware related to Active X controls and flags them in the registry so an associated spy process will not be able to run, and hooks into your browser to check downloads.

Everything I tested seems to work without any problems. It is good to know we can rely on these trusted utilities for the 7 beta until Microsoft releases their free security solution in the second half of this year.
Anti-Malware Suites
There are a number of "suites" that include protection for everything including spyware, and some of them we've previously tested in Windows 7 during our Windows 7 Compatible Anti-Virus Software list.

AVG Free
Avira AntiVir
Norton AntiVirus 2009
Avast! AntiVirus
Kapersky Anti-Virus 2009

What other anti-spyware software packages do you know about that also work? Let us know!




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:14 PM | Message # 14
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
Microsoft Security Essentials is a Free Antivirus Utility

Microsoft Security Essentials is a free utility that provides real-time protection to identify and eliminate harmful viruses and other malware from your PC. Today we’ll take a look at how it performs and the protection it has to offer.
Microsoft Security Essentials (MSE) is free Anti-Malware protection that replaces their previous “pay for” utility One Care. It has left beta and version 1.0 was released to the public yesterday. As with the beta we showed you before, this version provides real-time protection and runs quietly in the background. It actually runs a lot like the beta version and the user interface is the basically same.

Before installation make sure there is no other Antivirus or spyware application running on the machine. However, you don’t need to turn off Windows Defender, because MSE takes care of it for you.

You will have to validate your copy of Windows to be able to install and use Security Essentials.

The user interface is basic, simple, and easy to use. After installation it will update the virus definitions right away. After that it will update itself automatically in the background so once installed it truly is a “set it and forget it” process.

After the database is updated the computer status turns green. There are 4 tabs at the top that allow you to control different functions.

Under Settings you can choose what actions it should take with malware based on its threat level.

By default Real-time protection is enabled but if you want to disable it you want. The Real-time protection is light on system resources and doesn’t slow down other processes at all.

It shows a green icon in the notification area letting you know your system is protected.

Progress is displayed while a manual scan takes place and tells you the amount of time it takes. Scan times will vary between systems based on amount of files and hardware performance.

It works like most other Antivirus apps and lets you scan a single file.

If a threat is detected a red attention screen pops up in the Notification Area and you can clean the threat right away based on your recommended actions or find out more detail about the threat.

If you want more details, they actually provide a good amount of information on a threat. When in the details screen you can change the recommend action if you want and clean it from there.

During out tests we tried to download an infected file, but MSE stopped it and wouldn’t allow the download to continue unless manually selecting to ignore it. This is very nice so someone doesn’t ignore the s, click out of the screens, and try to download and install the app anyway.

For testing we ran this on the 32-bit version of Windows 7 Home Premium but it will also work with XP and Vista. It is light on system resources and runs quietly without constantly popping up messages and annoying you. It does pop up a message when it matters though. If a threat is found it will pop up a red alert to let you know about the malware and decide what actions to take. It’s nice to have a free anti-malware utility that is easy to use and effective. While Microsoft doesn’t always offer the best security solutions, they seem to have gotten this one right.

Download Microsoft Security Essentials




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Sefica Date: Cetvrtak, 2012-10-18, 2:14 PM | Message # 15
BLOKIRAN
Posts: 262
Reputation: 8
Reputation: 4
Offline
Remove Malware from an Infected System with Ad-Aware 2009

Earlier this week, we showed you just how much of a problem spyware really is, then we showed you how to clean it up with Spybot—and in today’s lesson we’ll show you how you could have cleaned up the mess with Ad-Aware 2009.
Scanning for Malware
The nice thing about Ad-Aware 2009 is that as soon as you finish installing it, it will automatically check for and download updates.
Once the updating process has finished, you will be asked to restart your computer. After restarting, the following window will display and you can start your scan for malware by clicking on the “Radar Symbol”.

After you have clicked on the “Radar Symbol”, this is the window that you will see. To get the best results for removing malware, it is highly recommended to choose “Full Scan”. You can see in the screenshot the areas that will be checked and the types of malware that will be scanned for. Click the “Scan Now” button at the bottom to begin.

Once Scanning is Complete
Depending on the size of your system (i.e. the amount of files, etc.), the scan time will vary. Once the malware scan has finished, the results will be displayed as shown below and broken into categories. Notice that there are drop down menus for each category to allow you to choose the specific type of action to be taken (very nice!).

Here is a look at the options available on the drop down menus. The default setting is “Recommended” but may not be the action that best suits your needs.
Note: “Recommended” for each category will vary in the action that is taken, so choose the one that works best for you.

As you can see, we chose “Remove all” for each category in our example. We knew for certain that each item category listed was a definite problem. If you are not certain which action to take, a quick search using Google, Bing, or another search engine should easily provide adequate information to help you decide which action is the best one to choose.
Notice that there is also an option to “Set System Restore Point”. It is recommended to select the option. Click the “Perform Actions Now” button at the bottom when you have finished choosing your settings.
Note: If you have selected “Set System Restore Point”, Ad-Aware will “appear” to not be working for a moment. This is nothing to worry about…just Ad-Aware creating the System Restore Point.

Removing the Malware
Here you can see that while removing the malware from our example system, a suspicious file was brought to our attention. We chose to “Submit” the file for evaluation by Lavasoft. Submitting suspicious files is recommended and helps improve future scan results.

Once you have dealt with any suspicious files (if any were found on your system), you will see the following window displaying the results of the actions that you selected. Notice that you may be prompted to “Reboot Your Computer”.

A Quick Look at the Reboot
If you were prompted to “Reboot Your Computer”, you can expect to see the following types of action being taken by Ad-Aware during the system reboot.

Conclusion
Like any anti-malware software, Ad-Aware may not remove everything by itself. But it is a wonderful program to have installed on your system and when used with other anti-malware software, will help keep your operating

system clean and healthy.

Download Ad-Aware Anniversary Edition (version 8.0.7.0) from download.cnet.com




Sefica je blokirana , od sada koristi novi NALOG -S3F1C4- .
Forum » Pomoc i podrska » Razni tutorijali » Virus i spuware (EN) (Tutorijal je na engleskom)
  • Page 1 of 3
  • 1
  • 2
  • 3
  • »
Search:

Osnivaci
Ana Babic /Sefica/
Marija Nikolic /mallaMaja/
Nikolina Djuzic /NiNa/



+381/ --- / -- -- mestozazabavu@gmx.com
Lokacija
sample map