Posts Tagged ‘spyware doctor’

The Spyware Doctor download is one of the top spyware remover program downloads on the Internet. This program at one point was the endorsed spyware remover of the Google Pack popular program edition. In this commentary let’s look at the download from the newest version viewpoint. Particularly, let’s take notice of version 6.0.1 – a mid-cycle update.

PC Tools’ focus for this distribution or update appears to be an enhancement of the protection, detection and scanning facilities.

This Spyware Doctor download has a innovative feature that the manufacturer calls “next generation sliding signatures.” Sliding signatures provide this edition with the power to identify threats infamous for frequently morphing. These signatures are used to discern the recognizable blueprints inside these types of misleading morphing threats and rapidly alert the software of the infection.

EXPERT NOTE: The recommended malware software duo is spyware doctor with antivirus.

PC Tools’ sliding signatures have also brought performance improvements to the search interval and compact memory footprint and smaller system load as a whole during searchs. Notably, you can keep using your PC while the application scans for threats in silence in the background with ease and slight loading from the application.

PC Tools now offers password protection that lets you guard against illicit users, malware, spyware or adware trying to change key security settings, which in turn renders your computer susceptible to attack by infections because of the lack of such a protection mechanism. With Spyware Doctor 6.0.1, you now have the means to password protect changes to the application settings, shutdown within the real-time protection module called IntelliGuard.

You have complete control over your installation to make sure that maximized defense for every user when you activate password protection.

For serious game enthusiasts and Internet television watchers, the Full Screen Detection mode aspect is intended to render an uninterrupted user experience. This element offers zero-interruptions resulting in a light performance hit to your system when in full screen mode is engaged. Your security is not compromised while this feature is enabled.

Spyware Known_Bad_Sites points to a recognized bad site may have hijacked. Phishing, Spyware and Adware website may utilize the host file in Windows to direct your browser to an malicious website eventhough your were trying to access a clean website such as your financial site.

These messages displayed by Spyware Doctor occur because you might have some bad websites added to your favorites websites in your browser…

Spyware Doctor will spot those websites and signal them as Spyware.Known_Bad_Sites. Remember every time you put in some bad websites like certain free software, free audio, free video ,and some other bad websites spyware doctor will continue to flag them with  Spyware.Known_Bad_Sites.

These sites can be websites you visited as well. They will leave a cookie on your computer.Remove your cookies and temporary Internet files. Then run Spyware Doctor to verify that you have rid your computer of the infecting websites info.

From PCHell(dot)com:

Generally there might not be any reason to worry about all these files in your computer, but what if you sell your computer and all that information is left for someone else to see. Maybe friends and relatives visit and use your computer and you dont want everyone to know what files you are running on your computer. Then you are going to want to know how to delete these files.
Even if you are not worried about privacy on your computer, you may be surprised to realize how much hard drive space all this information takes up. You may want to delete these files If you are running out of drive space.

To delete these files, how would I do it?
For Internet Explorer 5 and above, you can follow these directions to clear out temporary files and delete cookies.
1) Open Internet Explorer and click on Tools
2) Click on Internet Options
3) On the General Tab, in the middle of the screen, click on Delete Files
4) You may also want to check the box “Delete all offline content”
5) Click on OK and wait for the hourglass icon to stop after it deletes the temporary internet files
6) You can now click on Delete Cookies and click OK to delete cookies that websites have placed on your hard drive.

To clear the Internet History in IE:
1) Open Internet Explorer and click on Tools
2) Click on Internet Options
3) On the General Tab, in the middle of the screen, click on Clear History
Click the OK button
To clean up other temporary files on your computer in Windows 98 or higher:
1) Click Start,  Programs (or All Programs), Accessories,  System Tools, Disk Cleanup
2) Choose the correct drive usually C:
3) Check the boxes in the list and delete the files

Download The latest version (6.0.1.444) here: Spyware Doctor Download

What is in the latest release:

• Password Protection – You can secure your settings, the Immunizer and the IntelliGuard now using a password.When this features is active, the user will be required to enter a password before he or she can modify settings.
  A password hint is used to support the recovery of lost passwords.
  
• Full Screen Mode – Should the computer user want to watch movies, play games or display a full-screen presentation, PC Tools Spyware Doctor can be configured to detect this mode and silently prevent threats without interruption to your session. Popups are blocked and the History will record all events processed during this time.
• Right Click Scan – Just right click on a  file, folder or drive and then your can perform a scan with Spyware Doctor.
• New Scan Engine – The new scan engine has been integrated with file detection which will improve detection capabilities, improve scan speed and reduce memory usage. Small memory footprints are key in the current environments where netbooks are proliferating.
• Network driver (TDI) enhancements – The update divides network TDI monitoring into the following components:
  1. TDI generic driver – Receive network events and pass them to plugins that are registered to receive those events
  2. Product specific Network Plugins – Spyware Doctor Site Guard Plugin will register with TDI to receive and handle Site Guard TDI events. This will allow an easy way to update drivers specific to the plugin without having to update all TDI driver components.

FYI: What is TDI? From Wikipedia:

The Transport Driver Interface or TDI is the protocol understood by the upper edge of the Transport layer of the Microsoft Windows kernel network stack.

Transport Providers are implementations of network protocols such as TCP/IP, NetBIOS, and AppleTalk.

When user-mode binaries are created by compiling and linking, an entity called a TDI client is linked into the binary. TDI clients are provided with the compiler. The user-mode binary uses the user-mode API of whatever network protocol is being used, which in turn causes the TDI client to emit TDI commands into the Transport Provider.

Typical TDI commands are TDI_SEND, TDI_CONNECT, TDI_RECEIVE.

The purpose of the Transport Driver Interface is to provide an abstraction layer, permitting simplification of the TDI clients.

Fixes in Spyware Doctor 6.0.1.444 include

:

• GUI Enhancements
• Minor driver updates
• Internal bug fixes

Here another interesting yet dangerous infection: Exploit AdobeReader.

Exploit.AdobeReader includes malicious code that permits remote execution of random code on the target computer system. As the host computer's logged-in user, the executed commands will run using those privileges.

Here were a few things I noticed about this remote exploit.

First, it creates a new process called CbEvtSvc.exe. According to threat and exploit authorities the process has a 92% identification rate. Threat Experts declared that in 92% of the cases this process is an infection of your computer system.

Second, it starts itself as a service under the COM+ Event System and its looks to run as a non-svcshost process.

Two steps need to be taken: First remove the exploit using Spyware Doctor Download so that the process and its registry entries are removed. Second read the following bulletin snippet from Adobe:

A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

Adobe has released the Adobe Reader 9.1 and Acrobat 9.To resolve this issue, you need 1 product update. Upgrade to Adobe Reader 9 if you currently use Adobe Reader and Acrobat 9 - Adobe Recommends.1 and Acrobat 9.1. Adobe recommends users of Acrobat 8 update to Acrobat 8.1.4, and users of Acrobat 7 update to Acrobat 7.1.1. For Adobe Reader users who can’t update to Adobe Reader 9.1, Adobe has provided the Adobe Reader 8.1.4 and Adobe Reader 7.1.1 updates.

Release date: February 19, 2009

Last Updated: March 24, 2009

Vulnerability identifier: APSA09-01

CVE number: CVE-2009-0658

Platform: All platforms

Summary

This critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

As a malicious trojan or bot, Trojan Agent ASMU is definitely a security risk for the network of computers and the infected computer itself.

I am troubled by the above statement in at least a couple of ways. First, Trojan Agent ASMU could be a Trojan Horse or it could be a bot.  Second, it could infect other computers in the network.

I have discussed Trojans before but let us look at what they are again. Trojans are a type of malware that appears to perform a sought-after purpose but in fact carries out secret malicious tasks. These tasks let unauthorized admission to the host computer, giving them the capacity to save their files on the user’s computer or even observe the user’s screen and be in command of the user’s computer.

What is even more concerning is that it does not have to be a Trojan but it could be a Bot.  A Bot typically runs hidden and uses a covert channel to communicate with its command center. Bots are not preprogrammed threats. The bot can be controlled by the command center once they have been installed onto your computer!

Newer bots can automatically scan and propagate their environment themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community. The process of stealing computing resources as a result of a system being joined to a “botnet” is sometimes referred to as “scrumping.”

We are constantly faced with threats such as these that put our computers in a compromised state. For this threat in particular, it can be removed using the Spyware Doctor with Antivirus download.PC Tools is the creator of this spyware removal software. It is a very popular removal tool for infections. If you have been plagued with the Trojan Agent ASMU infection then spyware doctor with antivirus should be able to help rid it from your computer.