How To Use HiJackThis to find Malware infection Part One

How To Use HiJackThis to find Malware infection Part One

HijackThis – Trend Micro USA (Genuine Freeware) [wrkx w/ Netbooks]
Trend Micro HijackThis is a free utility that generates an in depth report of registry and file settings from your computer.
http://free.antivirus.com/hijackthis/
http://en.wikipedia.org/wiki/Hijackthis
http://sourceforge.net/projects/hjt/
HiJackThis UPDATED:
Trend Micro Releases HijackThis Source Code to sourceforge.net
MarketWatch (press release)
http://www.marketwatch.com/story/trend-micro-releases-hijackthis-source-code-to-sourceforgenet-2012-02-17

RUNNING A HJT LOG ANALYSIS PART ONE

There is always this need to review this magic utility – how to use it responsibly and SAFELY.

( FYI…. (for your information) The niks [nick names] are “HJT” and “HJT Log Help” and “HJT Log Analysis” – HiJackThis Log help – you may see around at forums etc. )

If you have never performed a HiJackThis Analysis, they are a simple quick look at start up items which may reveal malware installed that is starting up with the computer system and other softwares installed, and set to run every start up. An HJT Log may show a resident threat in some areas. It can reveal malware toolbars installed and possibly other threats misusing an Active X item. HJT generates a sort of system read out snapshot in a text log file that can be examined in depth.

HiJack This was NEVER designed to be a malware remover. It is NOT to be used as one or as a substitute for one. It is always mentioned to the average user to NEVER make changes to the computer with HiJackThis, but rather go to an Advanced User or Professional help online or elsewhere as a friend in the know and savvy at malware removal help. Mistaken use may cause damage to the system and/or other softwares rendering them inoperable.

IF YOU WERE TO CHOOSE “FIX THIS” ….. UH-OHH

If you clicked “Fix This” on any valid process or software – it may delete or corrupt that part of the Windows OS (operating system) or other softwares – now rendering them inoperable. NEVER click “Fix This” unless you are an Advanced User or Professional or have been directed to do so by one.

This may delete the executable file and possibly a “run” registry key, etc.

It can not delete/uninstall malware payload files and registry key entries – the FULL threat – and these left overs can be re-used by malware and potentially hide from antimalware products now. They may also, being orphaned (executable deleted, payload remnant = orphans), being orphaned may be used by a rootkit to hide from detection as an inert file not deemed as a threat during antimalware scans. At best, quality antimalware products may detect these possibly – possibly – as variants and quantine / remove these during a scan. Proabaly not.
 
In cases of in the wild threats or other severe threats rifling and hijacking control of the PC, their executable showing up in the scan/log HJT Log —- to regain control of the computer for the User it may possibly be used to delete the start up entry – the executable generally – “malware.exe” fantasy example. If it is a known malware threat (s) – their payload installation files can be found in full from online malware databases. Having regained control of the computer by deleting the executable from start up, the rest of the payload can now be manually removed. In cases of in’the-wild threats’ – the executable deleted can give control back of the PC, and a follow up to delete the entire installation manually will have to be performed when the payload is known and posted publicly. It should be cautioned to the user in this state to either not use the PC or just very sparingly as instability may occur or further infection activity.

That/this is all because generally the user has no Emergency Repair CD to reinstall Windows and needs the hail mary scenario to save their Computer from the trash – purchased by their hard earned sawbucks and as not being able to replace in the near future – stuck without a PC. It may be used in cases just to regain control of the PC to be able to access private files one wishes to back up – make a copy of – before reinstalling the system to Factory Fresh – wiping the entire disk first, another hail mary to save important files or documents, pictures, movies, etc. If the User is aware of that, proceed with that understanding.

Bottom line….. If you irresponsibly use, or give instructions to irresponsibly use, HJT – ignoring example hazards and damge warnings above – you may find it all come back on you by some smear blitz over the internet about “so and so destroyed my computer that creep ! ” to say the least. If you are a professional or company, you may be sued for damages for gross negligence and deceptive practices and destruction of computer equipment. That would have to be defined by Lawyers and the Court.

PART TWO WILL SHOW THE ACTUAL ANALYSIS. >>>
Click > Do System Scan and Create Log File

Webmaster:

BlueCollarPC.US

Malware Removal / Amateur Forensics

HOME http://bluecollarpc.us/

Alternate https://sites.google.com/site/pcsecurityhelper/

HELP http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/

Membership/Join List:

Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com

Free Malware Removal Help / A Community Website Since 2005

Typical Question – How did I get infected with trojan and virus

Typical Question – How did I get infected with trojan and virus…

http://answers.yahoo.com/question/index?qid=20110923202712AAmHzZF

(I am antibotnet Yahoo ID as webmaster www.bluecollarpc.us)

It

may help a little with orientation with the behavior of malware. A trojan takes control and wants to do something and will rifle actions to get it done. A crash may occur because it is not normal expected behavior of the healthy system as is giving control command in an underhanded way as brute force. Trojans have evolved greatly and they have security software disabling trojans which disable free products and some shareware products as well. There are now Downloader Trojans that install more and more malware as the rootkit usually does. There are backdoor trojans that affect connectivity and control vital areas.

The crash you mention probably did occur from the trojan infection and spyware does this too as opposed to a computer virus or worm. AVG did indicate a trojan infection found.

Viruses take over files to spread themselves. Some are specifically created to destroy computer files, systems, or drive itself. Newer ones have been crafted to steal passwords.

Your problem seems to be you are using the free AVG version which will NOT protect the computer because Real Time Protection is only activated in paid subscription antivirus and antispware products. If you had AVG paid antivirus – it would have blocked the trojan infection from occurring. NOTE today there are many newer and sophisticated trojans that simple antivirus no longer detects all. Antispyware will detect many of these and particularly ones used in spyware installations.

These can happen anywhere on the world wide web at any infected website whether hacked or intentionally a malicious content website. This is called a “drive by infection” meaning the unprotected computer will get infected just by visiting a bad website. This can include and is not limited to virus, trojan, spyware, and botnet infections. You MUST have Real Time Protection activated or there is NO protection.

The free home version scanners are called stand alone on demand scanning as “reactive” protection. Paid subscription security softwares have all this plus the “proactive” Real Time Protection processes (heuristics) that block all infections from occurring in the first place. All that gets past this is generally embedded malware in some software download that can be found by scanning the package FIRST before clicking to install OR will detect it trying to execute when the installer package is double clicked to execute the installation.

Threatfire is great as just the Real Time Protection processes protection themselves for both ativirus and antispwyare catagory threats. You can add that and scan regularly with AVG free. http://www.threatfire.com/
You forgot antispware with Real Time Protection – get free from Microsoft, Windows Defender to add to this package….. http://www.microsoft.com/athome/security/spyware/software/default.mspx

There are only two or three known antivirus and antispwyare programs in the world that have offered free Real Time Protection products, and fortunately they are far from dog programs. They have won several prestigious awards that the big companies have such as the VB100 Award and West Coast Certification to name a couple. I would pick one and install it immediately and keep AVG off to the side as a secondary stand alone scanner.

Microsoft Security Essentials
http://www.microsoft.com/security_essentials/

Comodo Free Anti Virus
http://antivirus.comodo.com/

ALSO
Spyware Terminator
(Antispyware and antivirus. Real time protection added ! )
http://www.spywareterminator.com/
* Fast spyware scanning
* 100% real-time protection
* HIPS protection
* Antivirus protection
* Multilanguage Support

Source(s):

http://bluecollarpc.us/Threats_FAQs.html

BSoD Blue Screen Of Death Helpers

BSoD Blue Screen Of Death Helpers

A typical event and answer….
http://answers.yahoo.com/question/index?qid=20110923213652AA4NDOF

QUOTED

….. (I am antibotnet yahoo id)

It would help everything if you noticed any name of anything and go to BleepingComputer.com. I hear you and understand you understand that you knew better than to keep using the computer without taking the few minutes to create an Emergency CD Repair disk to reinstall Windows to factory fresh after wiping the disk (erase all on it). Generally with the BSoD (Blue Screen Of Death) means you have to reinstall Windows unless you are really savvy with security.

You could try accessing the Windows Registry to delete malware entries manually. Fish through system32 and unknown program installations. HiJackFree can help with these things even though you may not yet be that advanced http://www.hijackfree.com/en/ …..We are talking start up processes items (executables and others) unfamiliar and autorun entries (if worm involved) Active X items as unknowns…. HiJackFree can help simply as it lists all these – what is actually loaded and running in your pc – in each section when you install it and use it anytime.

TRY USB DRIVE PORTABLE ANTIMALWARES…. You will need a USB Drive (sometimes called a thumb drive) and these look just like a USB Media stick but make SURE it is a DRIVE to operate these. They will NOT work on a USB Media stick (same price). About 12 to 22 USD (US Dollars) depending on size. A 2Gigabyte size is plenty of room for these and usually the smallest ones and they sell up to 8 gigs and higher. (These also store files like the usb media stick).

Emsisoft Emergency Kit Scanner (best detections)
http://www.emsisoft.com/en/software/eek/
The Emsisoft Emergency Kit contains a collection of programs that can be used without a software installation to scan and clean infected computers for malware.

ClamWin Portable (Antivirus, more) [FREE]
http://portableapps.com/apps/utilities/clamwin_portable
Antivirus to go…. ClamWin Portable is the popular ClamWin antivirus packaged as a portable app, so you can take your antivirus with you to scan files on the go. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind.
NEWS: ClamWin Portable 0.97.1 (anti-virus) Released | PortableApps.com …
ClamWin Portable 0.97.1 (anti-virus) Released. Submitted by John T. Haller on June 17, 2011 – 7:46pm. logo ClamWin Portable 0.97.1 has been released. …
http://portableapps.com/news/2011-06-17_-_clamwin_portable_0.97.1_released

Microsoft

Standalone System Sweeper (Beta) [FREE]
http://connect.microsoft.com/systemsweeper
Note “beta” means it is actually still a test version with ability of feedbacks from the community for any bugs found they need to correct. It then is released as normal “alpha” version.
NEWS:
Microsoft ships free malware cleaner that boots from CD or USB
ZDNet (blog)
June 1, 2011, 10:15am PDT In a move aimed at cutting down on support call costs, Microsoft has released a malware recovery tool that boots from a CD or USB stick. Ryan Naraine is a journalist and social media enthusiast specializing …
http://www.zdnet.com/blog/security/microsoft-ships-free-malware-cleaner-that-boots-from-cd-or-usb/8712

SUPERAntiSpyware

Portable Scanner (Antispyware) [FREE]
http://www.superantispyware.com/portablescanner.html
Follow the instructions below to download the SUPERAntiSpyware Portable Scanner. The scanner features our complete scanning and removal engine and will detect AND remove over 1,000,000 spyware/malware infections. The scanner does NOT install anything on your Start Menu or Program Files and does NOT need to be uninstalled. The scanner contains the latest definitions so you DO NOT need Internet Access on the infected system to scan.

Source(s):

http://bluecollarpc.us/Help_Center.html
http://portableapps.com/

Lavasoft Ad-Aware back in the News

Lavasoft Ad-Aware back in the News….

Lavasoft Ad-Aware was one of the pioneers in antispyware defense program software applications. I remember it well and was one of the ‘first loves’ way back in the beginning of the Windows XP years. Originally it was obviously among the top defenders. Graciously they offered a free home version to the public along with gaining more defenses by purchasing the full version. Along the way, the industry leaders kind of left it in the dust – among some Trend Micro Antispyware,  Spysweeper, CounterSpy, to name the few. Surprisingly, they are back in the news but I rely on independent labs results rather than ‘newbie hype’ or perhaps tainted news editors departments ‘test results’. ….for what it is worth…

ARTICLE: Lavasoft’s Ad-Aware Awarded PC Magazine Editors’ Choice

Zawya (press release)

Respected PC Magazine lead security analyst Neil Rubenking, who recently reviewed both versions of Ad-Aware said, “This latest Ad-Aware remains very effective at keeping malware out of a clean system and adds new technology that improves its ability to …

http://www.zawya.com/story.cfm/sidZAWYA20110327064724

___Next they will have to catch up to “Cloud Computing” products as industry leaders Trend Micro and Webroot have innovated…. I have a short blog blast here on that subject…

Desktop/Laptop Cloud Computing – new “super antivirus” for the New Decade

March 8, 2011 — bluecollarpc

https://bluecollarpcwebs.wordpress.com/2011/03/08/desktoplaptop-cloud-computing-new-super-antivirus-for-the-new-decade/

ALWAYS OBSERVE BAD PRODUCTS LISTS

Title: The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites

Description: Bad, False, Fake products

URL: http://www.spywarewarrior.com/rogue_anti-spyware.htm

LavaSoft — The Rogue Gallery

http://www.lavasoft.com/mylavasoft/rogues/latest

The Rogue Gallery, powered by the Malware Labs at Lavasoft, is a resource dedicated to keeping computer users safe from rogue security software. By providing a comprehensive database of current rogue security applications, you have the ability to clearly see what programs are considered rogue – and avoid them.

Partial list of rogue security software

http://en.wikipedia.org/wiki/Rogue_security_software

Scareware / From Wikipedia, the free encyclopedia

http://en.wikipedia.org/wiki/Scareware

Rogue security software / From Wikipedia, the free encyclopedia

http://en.wikipedia.org/wiki/Rogue_software

For reference I am webmaster http://BlueCollarPC.US/  (Windows – Community Help malware removal/info)

Since 2005

What is Identity Theft – identity stolen? How? Defenses ?

What is Identity Theft – identity stolen? How? Defenses ?

Two prong… the old fashioned way of “dumpster diving” for account information, sifting your trash for statements etc. The other half is through your computer, generally via spyware threats and some viruses such as a ‘password stealing virus’ – hacking accounts, account break in, impersonation, phishing email threats. Just think of your PC as a great big database and you need to protect it as it moves around the Net in communicating.

Install quality known high detection rated antivirus, antispyware (with Real Time Protection – only ! – free stuff does not do that), and a personal firewall. That is how to protect your computer system and files and communications from snoops. Pretty simple. There are some additional utilities and it is imperative now to finally upgrade to the latest version of Internet Explorer – versions 7, and latest 8, have the latest state of the art Microsoft anti-phishing technologies which block going to phishing sites that steal identities. Another to add is to check any accounts like the credit report scenario for new accounts being opened in your name and criminals maxxing out the account – the other half of stealing info, impersonation. That’s why they highly recommend monitoring all accounts and your name.

How on PC ? Spyware threats and certain crafted viruses as a “password stealing virus”. Spyware threats can add “keyloggers” which transmit everything you type and can add taking screenshots of anything you are looking at on the screen and is transmitted like when transacting, logging into accounts etc.

News … (scope) :
Identity theft costs a record $56.6 billion
http://www.identitytheftdaily.com/index.php/20090223506/Prevention/Identity-theft-costs-a-record-$56.6-billion.html
Identity Theft Daily – San Diego,CA,USA
Deloitte says that 51 percent of external attacks on financial institutions were
phishing followed by spyware at 48 percent. Recent laws in eight states let …MORE

Numbers are about even at 54 Billion a year in the USA – 3 years running ! – and went down to about 45 Billion last year, 2009. About 4 percent of Americans have become “un-people” (Orsin Wells book ? right author ?) as never being able to get credit ever again. These accounts/persons were not able to be fixed to satisfy or prove ID Theft etc. to repair their name and credit. It is a mess and highly scary. Keep diligence online to avoid infection (even with the best of quality security defense products) – dubbed “Safe Practices” (search). Try US CERT for some good help.

Here is a good link to become familiar with the actual threats (malware) that do this…..
Threats FAQs http://bluecollarpc.us/threatsfaq.php

Even more ways they do it are check washing and they have your blank check with signature. Banks, others, sell the anti-water washing checks that cost just a tad more. They even sell the special pens now that block that too, that deeply imprint writing that can’t be check washed. (Check washing is taken a check made out to anything and then put it in a special little tub of chemical that erases the hand written stuff only and then they fill it in again to some amount).

Another way even more are the “phisher emails” that are fake emails that look like any financial type communication but are actually fake and have some lead line like “your account needs to be updated, changed, new password reset, etc.” When you hit the link they provide to go to that (you’ve been phished) it generally leads to a data colecting site invisible to the eye. See Pharming too. Internet Explorer Version 7 and newest 8 both have the Microsoft anti-phishing technologies that block almost all of this to aid the community and is why it has always been mandatory to have the latest greatest version of any browser because the newest has the top tech available in browser security.

Always set all browsers to delete all “temporary internet files” every time you close it. These areas are hacked into by badware to retrieve info in. These show all the graphics of every where you go with the browser and also cookies so that they know what site you actually logged into. Java should be set to not store temporary internet files because it is the area trojans hack into to avoid detection. Various Java applications will reveal your browsing history as well. Access Java settings at Start / Control Panel / Java… and double click it or right click – open… click the “Do Not Store temporary files on computer”.

“Social Enginneering” means they hunt around social networking destinations and forums and boards for “chatty cathys” blabbering away about these sensitive personal things to figure out how to trick a User into clicking something to infect with the above mentioned crimewares and scenarios.
http://www.microsoft.com/protect/terms/socialengineering.aspx (Obviously Facebook is now the largest target with over 400 million users and is too, too public for this)

A plague right now has been the fake security products (scareware) which are actually the above infections doing the same but tricking into buying it from fake pop ups of “Your Computer is infefected with such and click here to buy this super duper malware removal to clean the infection” etc.

Keep Windows Updates on Automatic for all critical and important Updates issued every second Tuesday of the month dubbed “Patch Tuesday” and currents…..
http://www.networkworld.com/news/2010/060310-microsoft-plans-gigantic-patch-tuesday.html?source=nww_rss (Windows Updates is your computer “lifeline” for latest programming vernabilities Updates/Fixes – blocking enabling hackers and crimeware to snoop and take over the computer itself. As well, top optimization and “make overs”, Upgrades/Updates, Service Packs, additional driver updates, etc. are retrieved here and available for installation. Use the “Custom Scan” option for these.)
More …. (current threat)
http://www.us-cert.gov/current/index.html#adobe_releases_security_advisory_for2

Keep all software up to date fully patched and try popular recomended Secunia PSI (personal software inspector) from well known Secunia.com http://secunia.com/vulnerability_scanning/personal/ used by millions.

Just like Windows, all other outdated unpatched softwares can be hacked into by these crimewares – the new “soft target” for crimeware entry (crimeware – viruses and worms are illegal and spyware according to laws). PSI will scan fast all software and presents the links for the free updates issued by the software companies and makers – many times also posted at their product website. Many newer softwares have an Update button (not talking about buying Upgrades – but updates) and can be set to check for updates like daily, weekly monthly. This is how you know you have a higher quality software, and security attended, as opposed to some free do-dad thingy somewhere from off some download destination and become outdated and dangerous in this manner – spring clean ! Dump old outdated unattended softwares not used often or ever (forgotten installation) if you can live without it, as is an unattended potentially dangerous entry point. For instance, it may be a utility of software from way back in the decade and is completely dangerous as obsolete in current threats – the product coding security-wise was not even invented yet and is an easy target for break in and even take over the computer system eventually.

Happy and Safe Computing !
Webmaster, http://www.bluecollarpc.org/

SOURCES..
http://en.wikipedia.org/wiki/Rogue_security_software
http://www.spywarewarrior.com/rogue_anti-spyware.htm
http://www.lavasoft.com/mylavasoft/rogues/latest
http://www.us-cert.gov/current/index.html#fbi_releases_warning_about_scareware

From our New Project ….
PC Security Helper
https://sites.google.com/site/pcsecurityhelper/
Posted by PC Security Helper Blog
http://pcsecurityhelper.blogspot.com/
Posted by BlueCollarPC.Org BlogCasts at 6/10/2010 4:22 AM
Categories: BlueCollarPC.Org Blog
Tags: riskware BlueCollarPC.Org Blog Windows Updates temporary internet files scareware stolen identity Security cyber crime crimeware ID Theft

Rogue Gallery Helps IDentify Scam Software

Rogue Gallery Helps IDentify Scam Software

If you’re trying to figure out whether that “MalwareDefender2009″ program is a legit app or a scam, a new listing of the known scams can help. …..
http://www.networkworld.com/news/2009/120109-rogue-gallery-helps-id-scam.html?source=NWWNLE_nlt_security_2009-12-02

SEE

LavaSoft (makers of Ad-Aware, more)
The Rogue Gallery
The Rogue Gallery, powered by the Malware Labs at Lavasoft, is a resource
dedicated to keeping computer users safe from rogue security software. By
providing a comprehensive database of current rogue security applications, you have the ability to clearly see what programs are considered rogue – and avoid them. Navigate the Rogue Gallery by displaying the latest threats or by searching for specific programs, listed in alphabetical order. Use the “Submit a Rogue” link to quickly and easily send any suspicious programs directly to Malware Labs to be analyzed.
http://www.lavasoft.com/mylavasoft/rogues/latest

SEE
Title: The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites 
Description: Bad, False, Fake products 
URL:  http://www.spywarewarrior.com/rogue_anti-spyware.htm 
About This Page – Please Read:
Those who have followed the development of this page since 2004 will have noted that the list of “rogue/suspect” anti-spyware products has not been updated since May 2007. Unfortunately, other time commitments have precluded our efforts to keep that list up to date. Since the last update dozens of “new” rogue anti-spyware programs have hit the ‘Net. The vast majority of them, however, are not really new, but are simply re-branded clones and knockoffs of the same rogue applications that have been around from years. In most cases, they are being pushed through the same deceptive practices by the same parties responsible for earlier versions. See in particular these “families” of anti-spyware products, which continue to live on through shameless re-branding: 15, 18, 19, 21, 22, & 23. 
If you are looking for information on the most recent rogue anti-spyware applications, we recomend visiting these sites:

BleepingComputer.com: Spyware & Malware Removal Guides
MalwareBytes: Newest Rogue Threats
MalwareBytes Blog
Bharath’s Security Blog
VitalSecurity.org
Sunbelt Blog

TO FIGHT FAKE ROUGE PRODUCTS YOU ARE GOING TO HAVE TO BECOME FAMILIAR WITH AGE OLD TRUSTED PUBLICATIONS SUCH AS ARSTECHNICA.COM AND PCWORLD.COM AND CNET.COM AND ON AND ON….. FAMILIAR AND POPULAR DESTINATIONS ON THE WORLD WEB THAT ARE WELL ESTABLISHED AND WELL KNOWN AND HAVE WRITE UPS ABOUT REAL PRODUCTS.

I HAVE JUST SEEN A FAKE PRODUCT VARIANT OF MALWARE VIRUSBURST SITE THAT LOOKS LIKE A REAL ANTIVIRUS PRODUCT WEBSITE WITH SEARCH ENGINE RESULTS CLAIMING IT JUST WAN ITS 4TH VB100 AWARD !!!! 

FBI Releases Warning about Scareware (US-CERT) http://www.us-cert.gov/current/index.html#fbi_releases_warning_about_scareware
KNOW AND ASK ABOUT AGE OLD KNOWN PUBLICATION WEBSITES FOR CROSS REFERENCES OF PRODUCTS – BELOW ARTICLE SHOWS 16 TOP PRODUCT NAMES THAT YOU NOW KNOW ARE NOT ROGUE FAKE ANTIVIRUS PRODUCTS. IT HAS TURNED INTO A NIGHTMARE CURRENTLY !!! BELOW ARE YOUR TOP WORLD PRODUCTS – SHAREWARE ……PRELIMINARY LIST WILL ADD MORE / JAN 2010

Rating the best anti-malware solutions
http://arstechnica.com/security/news/2009/12/av-comparatives-picks-eight-antipua-winners.ars

Here are the results of this particular test:

1.G DATA Antivirus 2010: 99.8 percent
2.Trustport Antivirus 2010: 99.8 percent
3.AVIRA AntiVir Premium 9.0: 98.9 percent
4.McAfee VirusScan Plus 2010: 98.9 percent
5.BitDefender Antivirus 2010: 98.6 percent
6.eScan AntiVirus 10.0: 98.6 percent
7.F-Secure Anti-Virus 2010: 98.6 percent
8.Symantec Norton Antivirus 2010: 98.6 percent
9.Kaspersky Anti-Virus 2010: 96.7 percent
10.ESET NOD32 Antivirus 4.0: 96.5 percent
11.avast! Free 5.0: 96.3 percent
12.Sophos Antivirus 9.0.1: 95.4 percent
13.Microsoft Security Essentials 1.0: 94.6 percent
14.AVG Anti-Virus 9.0: 93.9 percent
15.Norman Antivirus & Anti-Spyware 7.30: 88.5 percent
16.Kingsoft AntiVirus 9 Plus: 87.1 percent

VB100 Award = Perfect scores ! (Top AntiVirus World Prize)
http://www.virusbtn.com/vb100/index
http://en.wikipedia.org/wiki/Virus_Bulletin
About the Virus Bulletin 100% award
The Virus Bulletin 100% awards recognise those products best able to detect viruses known to be ‘in the wild’. Unlike some other similar-sounding schemes, Virus Bulletin uses the most up-to-date WildList in its tests. This means that products that are ‘up with the game’ are the ones most likely to be granted VB100 awards. More information about Virus Bulletin can be found on its website: www.virusbtn.com.

ESET NOD32 Currently 59 VB100 awards !
http://www.eset.com/
http://en.wikipedia.org/wiki/ESET_NOD32
This brings the ESET Antivirus VB100 award total to 59 – still
the highest of any antivirus vendor!
December 2009 – ESET antivirus scoops 59th VB100 Award
http://www.betterantivirus.com/nod32-and-virus-news/archives/1456-December-2009-ESET-antivirus-scoops-59th-VB100-Award.html

Sophos Antivirus (UK)
http://www.sophos.com/
http://en.wikipedia.org/wiki/Sophos
Sophos’s anti-virus engine and identities are now packaged into
Webroot Spy Sweeper with Anti-Virus (Webroot Spysweeper one of world’s best)
http://www.webroot.com/
Sophos wins VB100 on Windows XP
http://www.sophos.com/pressoffice/news/articles/2009/04/vb100.html
…..the 46th VB100 that Sophos has received !
(Note, Sophos is a corporate business application only available to Home Desktop in the new “marriage” combo suite created recently with industry leader Webroot Spysweeper.)

F-Secure
http://www.f-secure.com/
F-Secure Awards – Award-Winning Antivirus and Protection Products
http://www.f-secure.com/en_US/about-us/awards-reviews/2009/

Advanced +++ in AV-Comparatives Performance test
Dec 23, 2009
Anti-virus (Award)
F-Secure Internet Security 2010 receives VB100 award in the latest Virus Bulletin comparative review.
http://www.f-secure.com/en_US/products/home-office/internet-security/
VB100 award
Dec 01, 2009
Internet Security (Award)

Kaspersky (Russia)
http://www.kaspersky.com/
Kaspersky Lab’s antivirus solutions win prestigious VB100 award in testing on Windows 7 platform
http://www.kaspersky.com/news?id=207575987
One of the most popular anti-virus solutions among computer users, Kaspersky Anti-Virus 2009, won a VB100 award from Virus Bulletin on Windows Vista Business Edition.

Avast
http://www.avast.com/
http://www.avast.com/eng/awards.html

PC Tools Spyware Doctor with AntiVirus (PC Tools Spyware Doctor one of world’s best)
http://www.pctools.com/consumer/products/
PC Tools receives prestigious Virus Bulletin VB100 awards
for Spyware Doctor and PC Tools AntiVirus
http://www.pctools.com/news/view/id/177/

Avira
http://www.avira.com/
http://www.avira.com/en/company_news/avira_receives_again_vb_100_award_on_windows_xp.html
Desktop Products
 Avira AntiVir Premium
 Avira Premium Security Suite
 Avira AntiVir Professional

CounterSpy (antispyware) with Vipre Antivirus (CounterSpy one of world’s best)
http://www.sunbeltsoftware.com/
VIPRE® Antivirus + Antispyware from Sunbelt Software Wins VB100 Award for Malware Detection on Windows 7 Platform
http://www.sunbeltsoftware.com/Press/Releases/?id=322
http://www.counterspy.com/

Kingsoft Internet Security
http://www.binarynow.com/
Kingsoft Internet Security 2009 obtains VB100 award from Virus Bulletin for April 2009
http://www.binarynow.com/internet-security/kingsoft-internet-security-2009-obtains-vb100-award-from-virus-bulletin-for-april-2009/
Kingsoft Internet Security 9 Plus
Internet security suite that contains anti-virus, anti-malware, a vulnerability scanner and personal firewall.
Find and fix rootkits, spyware, trojans, virus and malware infections. Protect your PC for less!
Forefront Client Security
http://www.microsoft.com/forefront/clientsecurity/en/us/product-information.aspx
Forefront Client Security wins VB100 award for Windows Server 2008 anti-malware
http://blogs.technet.com/forefront/archive/2008/10/02/forefront-client-security-wins-vb100-award-for-windows-server-2008-anti-malware.aspx

Avoid Fake AntiVirus Products – see top list here of the REAL PRODUCTS

 http://www.bluecollarpc.org/Spyware_Removal_Center.html

TO FIGHT FAKE ROUGE PRODUCTS YOU ARE GOING TO HAVE TO BECOME FAMILIAR WITH AGE OLD TRUSTED PUBLICATIONS SUCH AS ARSTECHNICA.COM AND PCWORLD.COM AND CNET.COM AND ON AND ON….. FAMILIAR AND POPULAR DESTINATIONS ON THE WORLD WEB THAT ARE WELL ESTABLISHED AND WELL KNOWN AND HAVE WRITE UPS ABOUT REAL PRODUCTS. I HAVE JUST SEEN A FAKE PRODUCT VARIANT OF MALWARE VIRUSBURST SITE THAT LOOKS LIKE A REAL ANTIVIRUS PRODUCT WEBSITE WITH SEARCH ENGINE RESULTS CLAIMING IT JUST WAN ITS 4TH VB100 AWARD !!!! 
FBI Releases Warning about Scareware (US-CERT) http://www.us-cert.gov/current/index.html#fbi_releases_warning_about_scareware
KNOW AND ASK ABOUT AGE OLD KNOWN PUBLICATION WEBSITES FOR CROSS REFERENCES OF PRODUCTS – BELOW ARTICLE SHOWS 16 TOP PRODUCT NAMES THAT YOU NOW KNOW ARE NOT ROGUE FAKE ANTIVIRUS PRODUCTS. IT HAS TURNED INTO A NIGHTMARE CURRENTLY !!! BELOW ARE YOUR TOP WORLD PRODUCTS – SHAREWARE ……PRELIMINARY LIST WILL ADD MORE / JAN 2010Rating the best anti-malware solutions
http://arstechnica.com/security/news/2009/12/av-comparatives-picks-eight-antipua-winners.arsHere are the results of this particular test:1.G DATA Antivirus 2010: 99.8 percent
2.Trustport Antivirus 2010: 99.8 percent
3.AVIRA AntiVir Premium 9.0: 98.9 percent
4.McAfee VirusScan Plus 2010: 98.9 percent
5.BitDefender Antivirus 2010: 98.6 percent
6.eScan AntiVirus 10.0: 98.6 percent
7.F-Secure Anti-Virus 2010: 98.6 percent
8.Symantec Norton Antivirus 2010: 98.6 percent
9.Kaspersky Anti-Virus 2010: 96.7 percent
10.ESET NOD32 Antivirus 4.0: 96.5 percent
11.avast! Free 5.0: 96.3 percent
12.Sophos Antivirus 9.0.1: 95.4 percent
13.Microsoft Security Essentials 1.0: 94.6 percent
14.AVG Anti-Virus 9.0: 93.9 percent
15.Norman Antivirus & Anti-Spyware 7.30: 88.5 percent
16.Kingsoft AntiVirus 9 Plus: 87.1 percentVB100 Award = Perfect scores ! (Top AntiVirus World Prize)
http://www.virusbtn.com/vb100/index
http://en.wikipedia.org/wiki/Virus_Bulletin
About the Virus Bulletin 100% award
The Virus Bulletin 100% awards recognise those products best able to detect viruses known to be ‘in the wild’. Unlike some other similar-sounding schemes, Virus Bulletin uses the most up-to-date WildList in its tests. This means that products that are ‘up with the game’ are the ones most likely to be granted VB100 awards. More information about Virus Bulletin can be found on its website: www.virusbtn.com.ESET NOD32 Currently 59 VB100 awards !
http://www.eset.com/
http://en.wikipedia.org/wiki/ESET_NOD32
This brings the ESET Antivirus VB100 award total to 59 – still
the highest of any antivirus vendor!
December 2009 – ESET antivirus scoops 59th VB100 Award
http://www.betterantivirus.com/nod32-and-virus-news/archives/1456-December-2009-ESET-antivirus-scoops-59th-VB100-Award.htmlSophos Antivirus (UK)
http://www.sophos.com/
http://en.wikipedia.org/wiki/Sophos
Sophos’s anti-virus engine and identities are now packaged into
Webroot Spy Sweeper with Anti-Virus (Webroot Spysweeper one of world’s best)
http://www.webroot.com/
Sophos wins VB100 on Windows XP
http://www.sophos.com/pressoffice/news/articles/2009/04/vb100.html
…..the 46th VB100 that Sophos has received !
(Note, Sophos is a corporate business application only available to Home Desktop
in the new “marriage” combo suite created recently with industry leader Webroot Spysweeper.)F-Secure
http://www.f-secure.com/
F-Secure Awards – Award-Winning Antivirus and Protection Products
http://www.f-secure.com/en_US/about-us/awards-reviews/2009/Advanced +++ in AV-Comparatives Performance test
Dec 23, 2009
Anti-virus (Award)
F-Secure Internet Security 2010 receives VB100 award in the latest Virus Bulletin comparative review.
http://www.f-secure.com/en_US/products/home-office/internet-security/
VB100 award
Dec 01, 2009
Internet Security (Award)Kaspersky (Russia)
http://www.kaspersky.com/
Kaspersky Lab’s antivirus solutions win prestigious VB100 award in testing on Windows 7 platform
http://www.kaspersky.com/news?id=207575987
One of the most popular anti-virus solutions among computer users, Kaspersky Anti-Virus 2009, won a VB100 award from Virus Bulletin on Windows Vista Business Edition.Avast
http://www.avast.com/
http://www.avast.com/eng/awards.htmlPC Tools Spyware Doctor with AntiVirus (PC Tools Spyware Doctor one of world’s best)
http://www.pctools.com/consumer/products/
PC Tools receives prestigious Virus Bulletin VB100 awards
for Spyware Doctor and PC Tools AntiVirus
http://www.pctools.com/news/view/id/177/Avira
http://www.avira.com/
http://www.avira.com/en/company_news/avira_receives_again_vb_100_award_on_windows_xp.html
Desktop Products
Avira AntiVir Premium
Avira Premium Security Suite
Avira AntiVir ProfessionalCounterSpy (antispyware) with Vipre Antivirus (CounterSpy one of world’s best)
http://www.sunbeltsoftware.com/
VIPRE® Antivirus + Antispyware from Sunbelt Software Wins VB100 Award for Malware Detection on Windows 7 Platform
http://www.sunbeltsoftware.com/Press/Releases/?id=322
http://www.counterspy.com/Kingsoft Internet Security
http://www.binarynow.com/
Kingsoft Internet Security 2009 obtains VB100 award from Virus Bulletin for April 2009
http://www.binarynow.com/internet-security/kingsoft-internet-security-2009-obtains-vb100-award-from-virus-bulletin-for-april-2009/
Kingsoft Internet Security 9 Plus
Internet security suite that contains anti-virus, anti-malware, a vulnerability scanner and personal firewall.
Find and fix rootkits, spyware, trojans, virus and malware infections. Protect your PC for less!Forefront Client Security
http://www.microsoft.com/forefront/clientsecurity/en/us/product-information.aspx
Forefront Client Security wins VB100 award for Windows Server 2008 anti-malware
http://blogs.technet.com/forefront/archive/2008/10/02/forefront-client-security-wins-vb100-award-for-windows-server-2008-anti-malware.aspx

Spyware Removal Center

http://www.bluecollarpc.org/Spyware_Removal_Center.html