Sunday, May 31, 2009

Remove Advanced Virus Remover - dangerous and annoying rogue security application

Any idea that Advanced Virus Remover was legitimate security software was scotched once the files created by its installer were examined: these same files were reported as viruses when Advanced Virus Remover completed its free scan. In other words, Advanced Virus Remover creates files in order to present them as viruses, although they are actually harmless. Advanced Virus Remover has also been classified as a program installed in hidden mode together with a virus or trojan, i.e. a sort of SmitFraud. To remove Advanced Virus Remover you need to get rid of its core components and registry entries. Removing Advanced Virus Remover alone may not resolve the security problem, as associated infections may remain. Perform a complete system cleanup and removal of Advanced Virus Remover, as well as of any other infections found, with a professional removal tool. Click here to start a free scan.

Advanced Virus Remover manual removal instructions:
Delete Advanced Virus Remover files:
PAVRM.exe
Advanced Virus Remover.lnk

Delete Advanced Virus Remover registry entries:
HKEY_CURRENT_USER\Software\AVR
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\CpMRU

Fast Antivirus 2009 removal breaks the illusion of protection

Fast Antivirus 2009 (FastAntivirus 2009) is installed as freeware and starts showing its annoying ads as soon as it is installed. Attempts to get rid of Fast Antivirus 2009 without professional assistance may be fatal for your computer system. At the same time, if you fail to remove Fast Antivirus 2009, you are unlikely to run the computer at full capacity or enjoy using it, and you will be bothered constantly by repeated alerts and scans. Fast Antivirus 2009 states that your computer is overrun with viruses, which is quite possible. The point is that the "viruses" Fast Antivirus 2009 reports are files that either do not actually reside on your computer or pose no threat to its security. True viruses, if any, are thus ignored. Click here to run a free scan and remove Fast Antivirus 2009 with relevant and reliable software specialized in spyware removal (Spyware Doctor with antivirus).


Fast Antivirus 2009 manual removal guide:
Delete Fast Antivirus 2009 files:
Fast Antivirus 200917.mof
FastAV.exe
mozcrt19.dll
sqlite3.dll
SysFld
vd952342.bd
fastav.cfg
cookies.sqlite
Instructions.ini
Fast Antivirus 2009.lnk
Fast Antivirus 2009.lnk
ANTIGEN.sys
cid.dll
CLSV.dll
CLSV.tmp
ddv.dll
dudl.dll
eb.drv
eb.tmp
energy.sys
fix.drv
gid.exe
hijackthis.log.lnk
PE.drv
PE.sys
PE.tmp
SICKBOY.dll
tempdoc.sys

Delete Fast Antivirus 2009 registry entries:
HKEY_CLASSES_ROOT\FastAV.DocHostUIHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "898701124903"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Fast Antivirus 2009"

Thursday, May 28, 2009

Pimping Tha All New Snort.org

The home of Snort, snort.org received a facelift last night! The site has been largely static and unchanged for some time now.

A shortlist of the new features on the new snort.org that should make life easier for all:



• New navigation
• Improved account management
• New user forums
• Persistent link panel
• Improved VRT subscription management

What this does NOT mean is that your tools that automatically fetch snort rules tarballs will be broken... everything is still 100% functional and up in that area.

Having said all of this, please check out the new snort.org for yourself!

I extend a hearty good job to the entire snort.org team for their efforts in this, it looks and functions excellently!

Cheers,
JJC

Tuesday, May 26, 2009

Baconator Renamed => Pulled_Pork

So, for some "mostly obvious reasons" I have renamed the Baconator project to Pulled_Pork. This was for a variety of reasons and if you really want to know I'll explain it.. Just drop by #snort on freenode... suffice it to say that this new name is more fitting. Please also note the google code location has changed from /p/baconator to /p/pulledpork. I did note on the baconator page that this change has occurred.

The new location => http://code.google.com/p/pulledpork/

As always, thanks for the support and please fetch the latest version to do some testing for me!

Cheers,
JJC

Sunday, May 24, 2009

Webstoresecurity.com removal

The first stage of infecting your computer may be the covert installation of the Webstoresecurity.com hijacker. This hijacker has a dual function: first, it takes control of the browser and makes it load the Webstoresecurity.com page constantly; in addition, it attempts to secretly download and install rogue antispyware.
If you have been redirected to Webstoresecurity.com or visited it intentionally, click here to start a free scan and remove the Webstoresecurity.com hijacker. Webstoresecurity.com may contain malicious scripts and deliver malware such as the hijacker above, which is why visiting it is a good reason to scan your computer and get rid of malwarescn.com infections as appropriate.


Monday, May 18, 2009

Baconator 0.1 Beta 2 (try me)

I have completed the 0.1 Beta 2 of Baconator and believe it to be fairly stable and user friendly! Please give it a roll (it's not in a tarball yet, so you will have to check it out as noted below) and let me know if you experience any issues or have any updates / features that you would like to see.

The timeline:
Release 0.1:(This is complete)

Release 0.2:(I have started to work on this piece, probably finished in a few more weeks)

Next Release...

Visit the google code site for info on how to check out the code etc..

http://code.google.com/p/baconator/

Cheers,
JJC

N.J. accidentally reveals personal data of 28K unemployed residents

Article here => http://www.nj.com/news/index.ssf/2009/05/3k_unemployed_nj_residents_may.html

Somehow these statements make it ok? => "This is a fluke," department spokesman Kevin Smith said. "This was just a clerical error."

Right, it's just a clerical error that affects 28,000 individuals lol. I'll grant them that it's not as major as many other items that have occurred.. but they seem to not take it seriously is my short and sweet point!

Yes, they (as I have stated in the past) like all other agencies have a standard => http://www.state.nj.us/it/ps/p7cir.html, but evidently as long as "It's just a clerical error" again, it's ok.

Anyway, just wanted to start the week off on a small soap box ;-)

Cheers,
JJC

Sunday, May 17, 2009

Get rid of Secure Antivirus Pro (SecureAntivirus Pro) to be a true master of your computer

Secure Antivirus Pro (SecureAntivirus Pro) has been reported to damage MS Office software. A brief examination of this software exposed a number of executables capable of issuing the corresponding commands. During the observations no software was damaged, but Secure Antivirus Pro consumed a large share of system resources and slowed the computer down. Under such a RAM shortage, very few pieces of software run properly.
Secure Antivirus Pro is another rogue antispyware. It may be downloaded by the user with or without his or her informed consent. Backdoor installation is also possible.
Removal of Secure Antivirus Pro requires removal of all of its components, for they may act separately and burden your computer system. Click here to start a free scan and remove the Secure Antivirus Pro fake antispyware (using Spyware Doctor with antivirus).

Secure Antivirus Pro manual removal guide:
Delete Secure Antivirus Pro files:
av.exe
Delete Secure Antivirus Pro registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run “Secure AntiVirus Pro”

Thursday, May 14, 2009

Snort 2.8.5 at snort.org... get it while it's hot!

A beta version of Snort 2.8.5 is now available on snort.org, at
http://www.snort.org/dl/

Snort 2.8.5 introduces:

- Ability to specify multiple configurations (snort.conf and everything
it includes), bound either by Vlan ID or IP Address. This allows you
to run one instance of Snort with multiple snort.conf, rather than
having separate processes.

- Continued inspection of traffic while reloading a configuration.
Add --enable-reload option to your configure script prior to building.

- Rate Based Attack prevention for Connection Attempts, Concurrent
Connections, and improved rule/event filtering. See README.filters
for details.

- SSH preprocessor (no longer experimental)

- Performance improvements in various places

Please see the Release Notes and ChangeLog for more details.

Please submit bugs, questions, and feedback to snort-beta@sourcefire.com.

Wednesday, May 13, 2009

DC Agency Accidentally Emails PII about College Financial Aid Applicants <= WHAT?

Yes, the headline is indeed true. Yet another in a seemingly endless series of silly (stupid) mistakes made by individuals that lead to significant data leakage.

The Article:
D.C. Agency Accidentally E-Mails Personal Data About College Financial Aid Applicants

How many times is this going to happen before people begin to take things as simple as user education / training, as related to security, seriously? Having worked for a variety of branches within the federal government, I can tell you that they do have some fairly basic protocols in-place that allow for basic online (depending on the agency/organization either annual, semi-annual etc...) instruction and in the same session, testing. This then creates a nifty little certificate that you can hang in your little cubicle and is tracked by the CSO (or equivalent thereof) to provide for proof that said Agency/organization is meeting with their requirements.

Evidently though, the "don't email sensitive rubbish out" section was missing in the OSSE's online curriculum?

You tell me...
JJC

Tuesday, May 12, 2009

Malware Catcher 2009 removal guide: another clone of Virus Sweeper and Virus Shield 2009

Malware Catcher 2009 may be picked up at various online storage sites offering free computer security tools. These tools, however, mislead users into thinking their computers are infected regardless of their actual infection status. To that end, Malware Catcher 2009 creates a number of harmless files and displays them as scan results.
Malware Catcher 2009 also enters computers through trojan installation.
Some features of Malware Catcher 2009 may be blocked by the host system for a while; in particular, the fake scan that Malware Catcher 2009 attempts to run may be aborted. Pay attention to alerts from Malware Catcher 2009 in such a case: these alerts lead to online ads that praise Malware Catcher 2009 and suggest registering its trialware, which requires an online payment whose amount varies with the term of registration.
To perform safe and fast Malware Catcher 2009 removal, click here and apply a reliable security tool to remove Malware Catcher 2009 and any other parasites harming your computer system and personal data.



Malware Catcher 2009 manual removal instructions:
Delete Malware Catcher 2009 files:
cb.tmp
CLSV.dll
CLSV.drv
eb.tmp
energy.exe
energy.sys
energy.tmp
exec.dll
fix.sys
PE.drv
PE.sys
std.drv
tjd.exe
tjd.tmp
Malware Catcher 2009.lnk
7c69f0c
7c69f0c\MCatcher.exe
7c69f0c\SystemFeed
7c69f0c\SystemFeed\vd952342.bd
SystemFeed
SystemFeed\mctch.ini
Malware Catcher 2009
Instructions.ini
Malware Catcher 2009.lnk

Delete Malware Catcher registry entries:
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\MCatcher.DocHostUIHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "[xSP_2:2092962508]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "6989019803"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Malware Catcher 2009"
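
The following is an added example, not part of the original guides: a read-only PowerShell check that reports which of the registry entries listed in the removal guides on this page (Advanced Virus Remover, Fast Antivirus 2009, Secure Antivirus Pro, Malware Catcher 2009) are still present, for confirming a cleanup. Key paths and value names are copied from the lists on this page; the function name `Test-RegistryArtifact` is made up for this example.

```powershell
# Added example: read-only audit of registry entries named in the removal guides.
# Paths and value names are copied from this page; nothing is modified or deleted.
$cv = 'Software\Microsoft\Windows\CurrentVersion'
$pp = "HKEY_CURRENT_USER\$cv\Internet Settings\5.0\User Agent\Post Platform"

$artifacts = @(
    @{ Product = 'Advanced Virus Remover'; Key = 'HKEY_CURRENT_USER\Software\AVR' }
    @{ Product = 'Fast Antivirus 2009';    Key = 'HKEY_CLASSES_ROOT\FastAV.DocHostUIHandler' }
    @{ Product = 'Fast Antivirus 2009';    Key = $pp; Value = '898701124903' }
    @{ Product = 'Fast Antivirus 2009';    Key = "HKEY_CURRENT_USER\$cv\Run"; Value = 'Fast Antivirus 2009' }
    @{ Product = 'Secure Antivirus Pro';   Key = "HKEY_LOCAL_MACHINE\$cv\Run"; Value = 'Secure AntiVirus Pro' }
    @{ Product = 'Malware Catcher 2009';   Key = 'HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}' }
    @{ Product = 'Malware Catcher 2009';   Key = 'HKEY_CLASSES_ROOT\MCatcher.DocHostUIHandler' }
    @{ Product = 'Malware Catcher 2009';   Key = $pp; Value = '[xSP_2:2092962508]' }
    @{ Product = 'Malware Catcher 2009';   Key = $pp; Value = '6989019803' }
    @{ Product = 'Malware Catcher 2009';   Key = "HKEY_CURRENT_USER\$cv\Run"; Value = 'Malware Catcher 2009' }
)

function Test-RegistryArtifact {
    param([string]$Key, [string]$Value)

    # The "Registry::" provider prefix reaches HKEY_CLASSES_ROOT without a PSDrive.
    $path = "Registry::$Key"
    if (-not (Test-Path -LiteralPath $path)) { return $false }
    if (-not $Value) { return $true }   # entry is a key, not a named value

    # Compare value names literally. Get-ItemProperty -Name accepts wildcards,
    # so the brackets in "[xSP_2:2092962508]" would be read as a character class.
    $names = (Get-Item -LiteralPath $path).GetValueNames()
    return ($names -contains $Value)
}

$report = foreach ($a in $artifacts) {
    [pscustomobject]@{
        Product = $a.Product
        Present = Test-RegistryArtifact -Key $a.Key -Value $a.Value
        Key     = $a.Key
        Value   = $a.Value
    }
}

$report | Sort-Object Product | Format-Table -AutoSize -Wrap
```

Run it in the affected user's session, because the HKEY_CURRENT_USER entries are per-user.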

Friday, May 8, 2009

Proantivirusscanv3.com - another misleading domain to block

Proantivirusscanv3.com is a typical browser hijacker that uses the Zlob trojan to promote and sell the fake security software Personal Antivirus. Proantivirusscanv3.com comes from Russia and Ukraine, and its purpose is to scare users and force them to download rogue anti-spyware applications. We recommend using Spyware Doctor with antivirus to detect and remove both the Proantivirusscanv3.com hijacker and the Zlob trojan.


Thursday, May 7, 2009

WinActive AntiVirus - new rogue with aggressive behaviour

WinActive AntiVirus (WinActiveAntiVirus) belongs to the large group of programs that use the Windows logo to make users believe that Windows has accepted and supports their trial versions. Of course, Windows does not actually accept fake security tools such as WinActive AntiVirus; it is duped into treating the commands of this malicious program as the user's commands when WinActive AntiVirus exploits Windows vulnerabilities.
WinActive AntiVirus is usually installed by a trojan or through websites with misleading scanners. The hidden installation of WinActive AntiVirus is a trial-version installation whose purpose is to prompt the user into buying the full version. The prompting is very annoying and may, in addition, slow down the computer. The scan run by WinActive AntiVirus randomly picks names from a list of names and places them in the table shown on screen. WinActive AntiVirus also produces a window titled Windows Security Center. Windows has no relation to this fake alert; it simply has not banned it yet.
Click here to stop the naïve attempts at online robbery and remove WinActive AntiVirus (using Spyware Doctor with antivirus).


Wednesday, May 6, 2009

Remove malicious hijackers

Free-tube-video-central.net, Hot-tube-tuberzzz.net, Niche-tube-videos-here.net and Tubezzz-boobezzz.net are malicious websites that promote fake security products from Russia. They use trojan horses to hijack your browser and display fake security scans. Download Spyware Doctor with antivirus to get rid of these annoying hijackers.

Remove
http://free-tube-video-central.net
http://hot-tube-tuberzzz.net
http://niche-tube-videos-here.net
http://tubezzz-boobezzz.net
hijacker using removal tool with free scan


Tuesday, May 5, 2009

Offer-provider.com.net hijacker removal solution

Offer-provider.com.net is the latest browser hijacker that promotes the VirusRemover 2009 rogue anti-spyware. Offer-provider.com.net generates popups to scare users and force them to download (and buy :-) ) a useless antivirus solution. We recommend removing the Offer-provider.com.net hijacker using Spyware Doctor + antivirus.
