Posts posted by Christian Mairoll
The independent ProtectStar test lab performs detailed reviews of security software solutions. Only a few selected products have been awarded the ProtectStar Award during the last 5 years.
a-squared Anti-Malware 4.5 was tested and won the coveted ProtectStar Award 2009!
Please check out the full 6-page detailed review of a-squared Anti-Malware 4.5.
View the full article -
The Emsi Software malware research team has discovered a new outbreak of Adware.Win32.WindowsPolicePro.
WindowsPolicePro is a rogue security program that:
- Shows false warning messages.
- Shows misleading scan results.
- Shows a fake Windows Security Center.
- Shows a fake svchost.exe error.
- Adds its own Browser Helper Objects.
The main installer of this malware appears to be packed with EXECryptor, and it extracts several files.
It also creates new registry entries:
HKEY_CURRENT_USER\software\Windows Police Pro
HKEY_CURRENT_USER\software\Windows Police Pro\windows Police Pro
HKEY_CURRENT_USER\software\Windows Police Pro\windows Police Pro\Registration
HKEY_CURRENT_USER\software\Windows Police Pro\windows Police Pro\setdata
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Uninstall\Win Police Pro
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntipPro2009_100
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76DC0B63-1533-4ba9-8BE8-D59EB676FA02}
This malware also tries to connect to core2634.newdomainagain.com.
How to remove the infection of Adware.Win32.WindowsPolicePro?
To delete this malware infection, please download and install a-squared Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.
View the full article -
Great news!
a-squared Anti-Malware was nominated for the Epsilon software award 2009. This award is given to the best software during the European Software Conference event, which is held once a year in Berlin, Germany.
The voting period just began and lasts until October 27, 2009, so please give us your vote!
We need your help to win! Please go to the voting website, scroll down to the bottom and click the Next button. Then select a-squared Anti-Malware from the list and submit your vote.
Thank you very much!
View the full article -
The German com! magazine did a short test of the Mamutu 2.0 release in the latest issue 10/2009.
Quotes:
“Mamutu detected 100% of the tested Malware and blocked them.”
(+) Detects new pests too.
(+) Less false alerts with the community.
View the full article -
Issue 10/2009 of the German com! magazine published a big comparative test of 10 freeware antivirus tools. The testing was executed by www.av-test.org. The In-the-wild test included 3200 of the most widespread malware samples. For the testing of the specific malware categories, they used about 480,000 unique malware samples.
The following programs were tested:
- Avira Antivir Personal Free Antivirus 9.0
- Antivirus Software BitDefender 10
- Panda Cloud Antivirus Beta
- Microsoft Security Essentials 1.0
- Alwil Avast Antivirus Home 4.8
- AVG Anti-Virus Free Edition 8.5
- Emsi Software a-squared Free 4.5
- Comodo Internet Security 3.10
- PC Tools Antivirus Free Edition 6.0
- Clamwin Free Antivirus 0.95
The detection test results for a-squared Free:
- Wildlist-Malware on Demand: 100% detected – best in test!
- Worms: 99.99% detected – best in test!
- Backdoors: 99.98% detected – best in test!
- Bots: 99.81% detected – best in test!
- Trojans: 99.95% detected – best in test!
- 5 active nasties: 100% detected – best in test!
- Heuristic (1 week without updates): 63.56% detected – best in test!
- Heuristic (2 weeks without updates): 52.72% detected – number 2 in test
- Ad- and Spyware: 99.57% detected – best in test!
View the full article -
Softpedia.com is, similar to Download.com, a high-quality software directory. They published a very detailed review of a-squared Anti-Malware 4.5.
Full quote of their conclusion:
The Good
Although it brings to the table a plethora of options and fine tuning settings, a-squared is easy to manage by any average user. Its detection rate was over 98% and the flexibility in letting you decide upon online threats is to be fully appreciated.
The initial wizard can help you set up the entire application while the main screen gives way to fine tuning options in order to customize the way it protects your system. For each app on the computer you can create rules to restrict their performance or receive alerts when suspicious behavior is detected.
The various layers of protection can be enabled/disabled at will and all a-squared activity is logged for later reference. Scheduling system is very well thought, offering the chance to plan scans at specific times, dates and with a certain frequency, as well as define a start and end interval.
In order to reduce the amount of alerts, community knowledge can kick in and decide for you, according to your pre-configuration.
The Bad
Surf Protection alerts can be quite annoying, especially if you’re in the habit of roaming the less-known paths of the web. If tracking cookies are okay to block, with hosts things are different and many users may feel the urge to disable surf protection.
The Truth
a-squared managed to score high in our tests and prove that it can be a great ally against the cyber threats. It is easy to handle and the help file thoroughly explains every option in the program.
Background Guard can easily help you monitor any application for suspicious activity, as well as deflect malware-like activities on your computer.
Each program launched on the system can be scanned upon execution in order to make sure that its activity is benign. Alert system is flexible enough to let you automatically create a rule for the notifications you receive and thus reduce the amount of pop-up messages displayed.
View the full article -
The independent testing organization Malware Research Group put a lot of effort into creating a test environment that is close to real-world needs.
Methodology:
The MRG testers installed and tested 25 different security solutions to see if they can prevent virus infections, ranging from pure antivirus through firewalls with antivirus features to full internet security suites. To make the test as representative as possible, they executed 60 different nasties. All samples of malware used in this test came from infected machines; the samples were collected in August 2009.
The test results:
Less than 50% of the tested security products were able to protect the test system.
a-squared Anti-Malware has detected all malware samples!
On request, MRG told us that a-squared Anti-Malware was the only product which was able to detect all samples purely based on signature detection. The behavior blocker part was not even needed to prevent the infections.
The table shows: program tested, number of samples blocked, number of samples missed, and whether it passed or failed the test.

| Program | Blocked | Missed | MRG Project#20 |
|---|---|---|---|
| a-squared | 60 | 0 | Passed |
| Avast | 58 | 2 | Failed |
| AVG | 59 | 1 | Failed |
| AVIRA | 60 | 0 | Passed |
| BitDefender | 53 | 7 | Failed |
| Dr.Web | 57 | 3 | Failed |
| eScan | 52 | 8 | Failed |
| F-Prot | 46 | 14 | Failed |
| Ikarus | 60 | 0 | Passed |
| Kaspersky | 60 | 0 | Passed |
| Microsoft (BETA) | 57 | 3 | Failed |
| Nod32 | 58 | 2 | Failed |
| Norman | 50 | 10 | Failed |
| Norton | 58 | 2 | Failed |
| Panda | 60 | 0 | Passed |
| Panda Cloud | 60 | 0 | Passed |
| Prevx | 60 | 0 | Passed |
| Spy Emergency | 44 | 16 | Failed |
| Twister | 58 | 2 | Failed |
| VIPRE | 60 | 0 | Passed |
| COMODO | 60 | 0 | Passed |
| F-Secure | 60 | 0 | Passed |
| G DATA | 60 | 0 | Passed |
| McAfee | 59 | 1 | Failed |
| Online Armor++ | 60 | 0 | Passed |
View the full article -
PC Security Labs, a new but well established antivirus testing agency, published the July 2009 test.
Key facts:
- 23 well known antivirus products in test.
- 3132 Malware samples to be scanned.
Test results:
- Emsi Software’s a-squared Anti-Malware and Tall Emu’s Online Armor Personal Firewall ++ both missed only 3 samples, resulting in the first place in test!
- Of the missed 3 samples, a-squared Anti-Malware was able to catch 2 during dynamic testing (samples were started to see if the software can prevent infection).
- With only 1 missed sample, a-squared Anti-Malware’s total detection rate is 99.97%!
View the full article -
Malware Research Group did the first realtime protection test, executing 22 widespread malware samples to see which security solutions are able to block them effectively (which is actually the most important fact about any antivirus program).
These were the candidates:
- Avira AntiVir Premium Version: 9.0.0.441
- a-squared Anti-Malware Version: 4.5.0.19
- avast! Professional Edition Version: 4.8.1335
- Kaspersky Anti-Virus 2010 Version: 9.0.0.463
- G Data AntiVirus 2010 Version: 20.0.1.1
- COMODO Internet Security Version: 3.10.102363.531
- ESET NOD32 Antivirus System Version: 4.0.437
- Norton AntiVirus 2009 Version: 16.5.0.134
- AVG Anti-Virus Professional Edition: 8.5.406/1617
- Dr.Web anti-virus Version: 5.00.1.08030
Only 2 of 10 candidates passed the test:
a-squared Anti-Malware and Avira AntiVir!
Please check out the MRG website for more details: http://malwareresearchgroup.com/forum/viewtopic.php?f=20&t=47
Additional note:
On request of Emsi Software, they have tested Mamutu 2.0 using the same samples. The result is stunning:
Even without any Malware signatures, Mamutu 2.0 blocked all samples too!
View the full article -
The German COM! computer magazine has published an extended product test for a-squared Anti-Malware 4.5 in their July 2009 issue.
They wrote:
- 100% detection on the In-The-Wild test.
- Very good detection on less known viruses and trojans.
- Self-protection is working efficiently.
- False alert rate is significantly lower compared with previous versions.
Conclusion:
(+) Very high detection rate
(+) Little false alerts
(+) Good self protection
(-) The user has to decide by himself on alert windows
The tool has been improved significantly, works 100% as it should and proves best detection.
On a scale from 1 (best) to 6 (worst), a-squared Anti-Malware was rated with a very good 2.0!
View the full article -
MalwareResearchGroup did a major scanner test, using a massive set of malware samples. They used 626,424 different malware files to compare the scanner capabilities of 19 well known antivirus solutions.
Trojans/Backdoors – 468,850
Windows Viruses - 12,134
Worms – 64,358
Adware/Spyware – 58,224
Rootkits/Exploits – 11,058
Other Malware – 24,800
Samples were gathered between 2008 and 2009 and represent a typical spread ratio of each individual malware group.
Test results
The table shows the program tested and the share of malware samples (all of the categories above) that were detected and removed.

| Program | Detection Rate (%) |
|---|---|
| a-squared | 99.7% |
| Avira | 99.5% |
| G DATA | 99.4% |
| Kaspersky | 98.8% |
| Avast | 98.7% |
| BitDefender | 98.6% |
| eScan | 98.5% |
| Norton | 98.2% |
| Nod32 | 97.4% |
| COMODO | 97.1% |
| McAfee | 96.8% |
| F-Secure | 96.4% |
| AVG | 96.2% |
| Norman | 95.4% |
| Twister | 94.6% |
| Sophos | 93.5% |
| Spy Emergency | 82.4% |
| ClamAV | 82.3% |
| Dr.Web | 79.5% |
View the full article -
PC Security Labs has finished a new bi-monthly test of 19 major antivirus products. The testset contained 3,601 different malicious samples of March and April 2009, representing a typical scenario today:
- 61.7% Trojans
- 22.9% Backdoors
- 14.2% Worms
- 0.7% Rootkits
- 0.5% Viruses
In static testing (found by the disk scanner), a-squared Anti-Malware 4.5 missed 6 samples, which means a detection rate of 99.83%.
PCSL tested the missed 6 samples by starting them to see how many of them can be blocked by the a-squared Anti-Malware Guard. The result:
a-squared Anti-Malware missed only 1 malware sample!!!
That means the best total detection rate of 19 antivirus products!
Total detection rate results in detail:
View the full article -
Anti-Malware test performed by Malware Research Group in April 2009:
Project details: On Demand scan test
Operating System used in this test: Windows XP Professional Service Pack 3
Total number of programs used in this test: 18
Malware samples used in this test: 395.844
Malware categories used in this test and the amount of samples in each category :
Windows/Macro Viruses- 18.696
Trojans/Backdoors- 243.811
Worms/Rootkits- 86.634
Adware/Spyware- 46.703
The table shows the program tested, the amount of malware samples (all of the categories above) that were detected and removed.

| Program | Detection Rate (%) |
|---|---|
| a-squared | 99.6% |
| Avira | 99.6% |
| G DATA | 99.4% |
| Avast | 99.2% |
| Norton | 99.0% |
| Kaspersky | 98.8% |
| BitDefender | 98.7% |
| eScan | 98.5% |
| F-Secure | 98.3% |
| McAfee | 98.1% |
| Nod32 | 97.6% |
| AVG | 96.9% |
| COMODO | 96.2% |
| Twister | 95.7% |
| Sophos | 93.5% |
| Norman | 93.2% |
| Dr.Web | 86.3% |
| ClamAV | 85.7% |

All details can be reviewed here: Test #18
View the full article -
Here is another anti malware challenge performed by SSUpdater Team (quoted):
This is the first Anti-Malware test performed by SSUpdater.com in 2009. but the long wait was worth it, in this test we used a total of 754.650 malware samples, and we concentrated only on the samples from the past 16 months. In this test we wanted to use as many known variants of all the famous names in the world of malware as possible, to name a few: Zlob, Monder, Conficker, Virtumonde, FraudPack, Renos, TDSS, AutoRun, Virut, Delf, FraudLoad, AutoIt, Inject, Kolab, Kolabc, Buzus, Poison, Bifrose, Palevo, Obfuscated, Adload, Zbot, Rbot, IFrame, Small, FakeAV, KillAV, Hupigon, Rukap, MyDNS, DNSChanger, Sinowal, Banker, Monderb, Sality, Midgare, Cinmus, Vanti, Stuh, Iksmas, Iroffer, OneStep, BlackHole, Magania, OnLineGames, Swizzor, Singu, Mudrop, Ciadoor, Qhost …………………… The malware categories used in this test: Windows Viruses, Trojans, Backdoors, Worms, Spyware, Adware, Rootkits, Exploits, Keyloggers, Hacking Tools, Malicious Scripts and other malware No unknown malware samples were used in this test. The test was conducted in virtual environment using Microsoft’s Windows XP SP3 with all the latest updates. We used a total of 25 programs.
All the programs used in this test were set to their maximum detection capabilities which include heuristic detection of unknown variants. The Results:
(Program name, Detection Rate)
1. Avira AntiVir Personal Edition Premium – 99.43%
2. a-squared Anti-Malware – 99.37%
3. G DATA Antivirus – 99.18%
4. avast! Professional Edition – 98.95%
5. Kaspersky Antivirus – 98.64%
6. Norton Antivirus – 98.58%
7. BitDefender Antivirus – 98.49%
8. ZoneAlarm Security Suite – 98.36%
9. F-Secure Antivirus – 98.16%
10. Nod32 Antivirus – 97.83%
11. McAfee Antivirus Plus – 97.51%
12. Comodo Internet Security – 96.93%
13. AVG Antivirus – 96.65%
14. Panda Antivirus – 96.22%
15. Rising Antivirus – 95.78%
16. Sophos Antivirus – 94.86%
17. F-Prot Antivirus – 93.47%
18. Outpost Security Suite – 92.58%
19. VIPRE Antivirus + Antispyware – 92.49%
20. VirusKeeper – 91.31%
21. Spy Emergency – 73.62%
22. Dr.Web – 71.05%
23. CA Antivirus – 68.84%
24. BullGuard Internet Security – DNF
25. Malwarebytes Anti-Malware – DNF
*Note: Both BullGuard and Malwarebytes were unable to complete the scan, therefore they are classified as Did Not Finish.
Read all details on SSUpdater.com
View the full article -
Project details: Infected System Rescue test
Operating System used in this test: Windows XP Professional Service Pack 3
Total number of programs used in this test: 18
Malware samples used in this test: 30
All the samples used should be detected by all the participants in this test.
All the samples used are wide spread and no “unknown” variants have been used.
List of Malware samples used in this test:
Adware.Win32.Cinmus.hen
Adware.Win32.Virtumonde.qpm
Backdoor.Win32.Bifrose.zbx
Backdoor.Win32.BlackHole.d
Backdoor.Win32.Hupigon.efjs
Backdoor.Win32.Poison.oo
Backdoor.Win32.Singu.bt
Backdoor.Win32.Sinowal.bq
FraudTool.Win32.Agent.b
Hoax.Win32.Renos.vark
Net.Worm.Win32.Kolab.baq
Rootkit.Win32.Clbd.kr
Trojan.Win32.Buzus.jio
Trojan.Win32.Delf.hjd
Trojan.Win32.Inject.afm
Trojan.Win32.Midgare.gga
Trojan.Win32.Monder.dtn
Trojan.Win32.Monderb.hrf
Trojan.Win32.Qhost.kng
Trojan.Win32.VB.jiq
Trojan.Clicker.Win32.Small.kj
TrojanDownloader.FakeAlert.wr
TrojanDownloader.Win32.Agent.bbkf
TrojanDownloader.Win32.CodecPack.ml
TrojanDownloader.Win32.Zlob.wg
TrojanDropper.Win32.Mudrop.cy
TrojanSpy.Win32.Delf.dq
TrojanSpy.Win32.Zbot.dmz
TrojanSpy.Win32.VB.axg
Virus.Win32.Virut.bv
The table shows the name of the program used, how many points the program got and the final result.

| Product | Points | Result |
|---|---|---|
| a-squared | 30 | System Rescued |
| Avast | 30 | System Rescued |
| Avira | 30 | System Rescued |
| AVG | 30 | System Rescued |
| BitDefender | 30 | System Rescued |
| COMODO | 30 | System Rescued |
| ClamAV | 26 | Failed |
| Dr.Web | 23 | Failed |
| eScan | 30 | System Rescued |
| F-Secure | 30 | System Rescued |
| G DATA | 30 | System Rescued |
| Kaspersky | 30 | System Rescued |
| McAfee | 28 | Failed |
| NOD32 | 24 | Failed |
| Norman | 27 | Failed |
| Norton | 30 | System Rescued |
| Sophos | 29 | Failed |
| Twister | 28 | Failed |

Read on here for testing methodology and details.
View the full article -
a-squared Free is rated as best free trojan scanner/trojan remover by techsupportalert.com.
Quote:
a-squared Free is a good choice to scan and remove malware, especially trojans, from your PC. It removes reliably the trojans containing backdoors, keyloggers, dialers and other destructive pests which make it dangerous to surf the web.
View the full article -
The SSUpdater Team did their first freeware antimalware competition.
From the SSUpdater Forum:
In this test we have used a total of 18 freeware programs and 4 full version programs, the full version programs were tested so they can show you how the freeware programs compare to them.
The test was conducted in a virtual environment using fully updated Windows XP SP3, identical clones were created for every program tested, the programs used were set to their maximum capabilities and used the latest signature database/program build.
In total we used 303.200 malware samples including all the latest malware samples that were found until the testing began. We have used the following malware categories: Windows Viruses, Trojans, Backdoors, Worms, Spyware, Adware, Rootkits, Exploits, Keyloggers, Hacking Tools, Malicious Scripts and other types of malware.
We have measured the amount of memory that was used by all programs tested, the amount that you will see is only the memory used by the scanning process. The Results:
(Detection Rate/Average Memory Used)
1. a-squared Anti-Malware 4.0 Free Edition – 99.48% (90.000k)
2. AntiVir Personal Edition – 98.74% (50.000k)
3. Avast! Home Edition – 98.71% (58.000k)
4. BitDefender Free Edition – 96.81% (31.000k)
5. McAfee by AOL – 95.58% (96.000k)
6. Comodo Internet Security – 94.85% (26.000k)
7. DriveSentry – 93.66% (15.000k)
8. AVZ Antiviral Toolkit 4 – 92.36% (20.000k)
9. Rising Antivirus Free Edition – 92.18% (65.000k)
10. Blink Personal Edition – 91.08% (110.000k)
11. AVG Antivirus Free Edition – 89.22% (51.000k)
12. Moon Secure Antivirus Beta – 88.47% (82.000k)
13. PC Tools Antivirus Free Edition – 87.69% (20.000k)
14. a-squared Anti-Malware 3.5 – 85.39% (48.000k)
15. My Free Antivirus – 83.87% (58.000k)
16. Spyware Terminator with ClamAV – 79.62% (156.000k)
17. ClamWin Antivirus – 74.48% (25.000k)
18. Malwarebytes Anti-Malware – 3.71% (28.000k)
Full Versions:
1. Avira AntiVir Premium – 98.83% (50.000k)
2. Kaspersky Antivirus – 98.28% (41.000k)
3. Norton Antivirus – 96.94% (125.000k)
4. Nod32 4.0 beta – 89.79% (48.000k)
Read all details on SSUpdater.com
View the full article -
PC Security Labs, a new antivirus testing organization, did a scanner comparative test of 6 antivirus products:
a-squared Anti-Malware 4.0.0.14
Ikarus virus.utilities T3 1001034
Kaspersky Internet Security 2009 8.0.0.454(a,b)
Kingsoft Internet Security 2008 2008.9.8.18
Trend Micro AntiVirus plus AntiSpyware 2008 8.910-1002
Twister Anti-TrojanVirus V7 R3 7.3.1.23211
Total Detection Summary: 1979 Malware Samples
1. a-squared: 1970: 99.56%
2. Ikarus: 1968: 99.44%
3. Kaspersky: 1948: 98.43%
4. Twister: 1917: 96.87%
5. Trend Micro: 1823: 92.12%
6. Kingsoft: 1686: 85.19%
Read all details about this antivirus test here.
View the full article -
From the Calendar Of Updates forum:
Quote: The number of misleading applications (aka rogue products) have escalated and there are now hundreds of rogue software floating around the net. Users need protection not only from common threats (such as viruses etc) but also from rogue software. Luckily, the trustworthy malware scanners have added detections of rogue products. Total samples: 70 rogue applications
Rogue Detections: Old, Not So Old and New Threats
To complete the test we gathered some old (2 years ago), not so old (last year) and new (this year) rogue samples.
Some misleading applications in this test were picked-up by searching the internet using keywords that is similar to non-misleading and popular software. (Example: AntivirProtect is similar to Antivir by AVIRA, SpyBlaster is similar to SpywareBlaster by Javacool). Others were picked by visiting websites that offer database of software (free downloads website). Some were picked by directly going to rogue software vendor’s website.
Note: There are rogue products in these test that were not picked but was offered by existing rogue software e.g. PCTurboPro offers another rogue software: WinAntivirus 2007 Pro.
We selected most of the samples not by risk level but by its age level. Please read on to find out why it is IMPORTANT that age level (old, not so old, new threats) is important to be detected especially if the method to get the samples is easy as searching the internet, using a search engine or by going to any website that is offering free downloads.
We’ve run the test by scanning the system with the following free antispyware/antimalware applications:
A-Squared by Emsisoft (A2)
Ad-Aware 2007 by Lavasoft (AAW)
Malwarebytes Anti-Malware by Malwarebytes (MBAM)
RogueRemover by Malwarebytes (RR)
SUPERAntispyware by Superantispyware.com (SAS)
Spyware Doctor Starter Edition by PC Tools (SD)
Spybot Search & Destroy by Safer Networking (SSD)
Windows Defender by Microsoft (WD)
Please note that it is IMPORTANT that a scanner to be able to detect not only the newer threats but also old threats because these threats are still in the wild and are available through different distributions (email, website, ads, phishing etc).
Results
1. A-Squared: 91.4%
2. Malwarebytes Anti-Malware: 65.7%
2. RogueRemover: 65.7%
4. Ad-Aware: 61.4%
5. Spybot Search & Destroy: 58.6%
6. SUPERAntispyware: 54.3%
7. Windows Defender: 42.9%
8. Spyware Doctor Starter Edition: 40.0%
Analysis
1. It goes without saying, but we’ll say it, anyway, a perfect malware scanner does not exist.
2. Of the scanners tested, a-squared by Emsisoft performed significantly better than the others. It only failed to detect six items. This product performed equally well detecting the old, not so old and new threats.
3. Malwarebytes’ Anti-Malware and RogueRemover both performed well on the tests. RogueRemover failed to detect 24 rogue samples and Malwarebytes’ Anti-Malware, coincidentally, also failed to detect 24 rogue samples. It should be noted that the failed samples were not the same items on both scanners. When scanned with both scanners, the total number of samples missed was only ten. This is important to note since it clearly displays the benefit of using multiple scanners. One succeeds where the other fails, but both used together failed on a much smaller group of samples.
4. Ad-aware, Spyware Doctor, Spybot S&D, Windows Defender and SUPERAntispyware all performed very poorly. As this test clearly indicates, there are other scanners available that did a better job detecting threats. If you are currently using any of the scanners in this group, you should consider using the other scanners highlighted in this test either in addition to, or instead of, this group.
Donna, thanks for testing these products!
View the full article
Windows PC Defender Adware Removal Instructions
The Emsi Software malware research team has discovered a new outbreak of the Windows PC Defender adware. a-squared Anti-Malware detects this malware as Adware.Win32.WindowsPCDefender.
Windows PC Defender is rogue security software that shows false warning messages and misleading scan results. The advertisement will state that you are infected and then prompt you to download Windows PC Defender to your computer. If you download and install Windows PC Defender, it will start automatically when your computer starts. The installer will also create numerous harmless files on your computer, usually in the Recent folder, that are used to impersonate malware files. Once the program is running it will scan your computer and then display these files as infections, but will not allow you to remove them until you purchase the program.
The main program will extract several files (the names of the files and directory for this rogue are random).
It also creates a new registry entry:
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run\Windows PC Defender
This rogue also tries to modify the hosts file:
How to remove the infection of Adware.Win32.WindowsPCDefender?
To delete this malware infection, please download and install a-squared Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.
View the full article
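
The hosts-file tampering described in the post above can be checked for with a short audit script. This is an added example, not part of the original post or of a-squared: it flags hosts entries that point search-engine names at a non-loopback address and reports single IPs shared by many names. The watch list, the threshold and the sample file (documentation-range addresses) are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption: names worth watching. The post reports Google, Bing, Yahoo,
# Live and MSN search hosts being redirected by the rogue.
WATCHED_LABELS = {"google", "bing"}          # matches google.<tld>, www.google.co.uk, ...
WATCHED_SUFFIXES = ("search.yahoo.com", "search.live.com", "search.msn.com")

# Constructed sample, not the hosts file from the post. Addresses are from
# the RFC 5737 documentation ranges.
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.77    google.com www.google.com
203.0.113.77\twww.google.de   # trailing comment
203.0.113.77    bing.com
203.0.113.77    search.yahoo.com
0.0.0.0         ads.example.net
198.51.100.10   intranet.example.org
not-an-ip       google.com
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each valid mapping in a hosts file."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()                 # spaces or tabs
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # malformed address: not a mapping
        for name in fields[1:]:               # one line may carry several names
            yield line_no, ip, name.lower().rstrip(".")


def is_watched(hostname):
    """True if the hostname belongs to one of the watched search services."""
    if WATCHED_LABELS.intersection(hostname.split(".")):
        return True
    return any(hostname == s or hostname.endswith("." + s)
               for s in WATCHED_SUFFIXES)


def is_sinkhole(ip):
    """Loopback or 0.0.0.0/:: entries block a name rather than redirect it."""
    return ip.is_loopback or ip.is_unspecified


def find_redirects(text):
    """Watched names mapped to a routable address: likely hijack entries."""
    return [(line_no, str(ip), name)
            for line_no, ip, name in parse_hosts(text)
            if is_watched(name) and not is_sinkhole(ip)]


def shared_ip_clusters(text, min_names=3):
    """Routable IPs that many different names point to (assumed threshold)."""
    by_ip = defaultdict(set)
    for _, ip, name in parse_hosts(text):
        if not is_sinkhole(ip):
            by_ip[str(ip)].add(name)
    return {ip: sorted(names) for ip, names in by_ip.items()
            if len(names) >= min_names}


if __name__ == "__main__":
    # On a live system, read r"C:\Windows\System32\drivers\etc\hosts" instead.
    for line_no, ip, name in find_redirects(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip}")
    for ip, names in shared_ip_clusters(SAMPLE_HOSTS).items():
        print(f"{ip} is shared by {len(names)} names")
```

A clean hosts file normally produces no findings from either function; any hit is a reason to compare the file against a known-good copy.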