Smokey's Security Weblog

veritas odium parit

Norton Internet Security 2011 and Norton Antivirus 2011 v18.5.0.125 (patch 18.5) released

UPDATE May 9, 2011: Norton Internet Security 2011, Norton Antivirus 2011 and Norton Internet Security Netbook Edition 2011 v18.6.0.29 (patch 18.6) released – ENGLISH ONLY

UPDATE May 12, 2011: Norton 360 v5.1.0.29 (patch 5.1) released – ENGLISH ONLY


Symantec/Norton released v18.5.0.125 (patch 18.5) Norton Internet Security 2011, Norton Antivirus 2011 and Norton Internet Security Netbook Edition 2011 (Stable/Official Release).

Like before, I installed the new NIS 2011 v18.5.0.125 over the top of my existent version (, also this time the update was no problem, all previous 2011 settings remained unaltered after the update. The update was accomplished within 1 minute, reboot was required.

Note: all downloads are originating directly from the Symantec/Norton servers, for security reasons I strongly advise only to download from these vendor servers.

Fixes and improvements

– Fixed an issue where Norton Insight might falsely report 0% trusted when Performance Monitoring was disabled.
– Fixed an issue with the Activity Map might not update when Smart Definitions are enabled.
– Improved instances where the Norton AntiSpam Toolbar might be erroneously disabled (or “grayed out”) in Microsoft Outlook 2007 and Microsoft Outlook 2010.
– Corrected an issue where “Custom UI Runtime Error in Norton AntiSpam Outlook Plugin” might display when using Microsoft Outlook.
– Fixed an issue where the option to “run” an executable was missing from a File Insight/Download Insight window.
– Corrected an issue where Idle Full System Scans would show report inconsistent amounts of Scanned Files.
– Fixed an issue where Full System Scans would not run continuously, including when the machine is left idle.
– Fixed an issue where the Norton Product may display “Subscription Expired” after updating from a previous version.
– Fixed Internet Explorer crashes that were due to Intrusion Prevention.
– Performance Enhancements were made on the Norton Toolbar for Internet Explorer 9 Beta.
– Enhanced Settings migration when updating from an older version.
– Usability and Performance improvements to the support experience.
– Added better Norton AntiSpam support for Microsoft Outlook configured with multiple accounts.
– Corrected a few instances of 8504 errors that may appear when the Norton product is launched.
– Fixed a Registry Leak issue that may occur during shutdown.

Important Symantec Corporation Statement

The issues that some users were experiencing where the Norton product would lock up after installing the 18.5 update was due to a definition that was applied after 18.5 was installed. Symantec have since corrected that definition and the issue will not occur.

Downloadlinks full version / update / trial / Norton Internet Security 2011 and Norton Antivirus 2011 v18.5.0.125 (patch 18.5)

– Norton Antivirus 2011 English version:

– Norton Internet Security 2011 English version:

– o – o – o – o – o – o – o – o -o –

– Norton Antivirus 2011 French version:

– Norton Internet Security 2011 French version:

– o – o – o – o – o – o – o – o -o –

– Norton Antivirus 2011 German version:

– Norton Internet Security 2011 German version:

– o – o – o – o – o – o – o – o -o –

– Norton Antivirus 2011 Dutch version:

– Norton Internet Security 2011 Dutch version:

– o – o – o – o – o – o – o – o -o –

Downloadlinks full version / update / trial / Norton Internet Security Netbook Edition 2011 v18.5.0.125 (patch 18.5)

– Norton Internet Security Netbook Edition 2011 English version:


December 29, 2010 Posted by | Advisories, Alerts, Anti-Spyware, Anti-Virus, Bundleware, Downloads, Malware, Norton Internet Security, Phishing, Recommended External Security Related Links, Toolbarware, Vulnerabilities | , , , , , , , , , , , , , , , , , , , , , , , , , | 1 Comment

PCWorld Labs / tested 13 security suites

Intro by PCLabs

It’s no longer enough for antivirus software to scan files on your PC. You need someone looking over your shoulder and telling you whether it’s safe to click that link; whether the popup for that software update is legitimate; and whether that download from your favorite social network is actually a tool created by organized criminals for stealing your personal information. You need an all-in-one Internet security suite capable of identifying, blocking, and cleaning up after a wide array of malware.

We examined 13 security suites for this story. To handle our expanded Internet security testing, PCWorld contracted for the services of, a respected security testing company. We looked at traditional signature-based detection (which indicates how well products can block known malware) and at how well the suites cleaned infections and blocked brand-new, live malware attacks.

In many respects, the suites we looked at produced closely bunched results, but they did vary in the efficacy of their protection and in the extra features they offered. Ultimately, we picked Symantec’s Norton Internet Security 2011–the most balanced of the suites–as our overall winner.

Source / full tests:

Tested Security Suites

  • Symantec Norton Internet Security 2011
  • Kaspersky Internet Security 2011
  • BitDefender Internet Security 2011
  • PC Tools Internet Security 2011
  • G-Data Internet Security 2011
  • F-Secure Internet Security 2011
  • Trend Micro Titanium Internet Security 2011
  • Panda Internet Security 2011
  • Eset Smart Security 4.2
  • Avira AntiVir Premium Security Suite
  • Comodo Internet Security 2011 Complete
  • McAfee Internet Security 2011
  • Webroot Internet Security Essentials 2011
  • December 28, 2010 Posted by | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Malware, Norton Internet Security, Phishing, Recommended External Security Related Links, Toolbarware | , , , , , , , , , , , , , , , , , | Leave a comment

    AQMRB – Alliance of Qualified Malware Removal Boards™

    I am really pleased to announce that a new Security Alliance is born: AQMRB – Alliance of Qualified Malware Removal Boards™.

    Aim of the Alliance is, to provide the user searching for malware remove help with the best available and fully qualified services to remove malicious content from his PC, this all free of charge. Only boards that satisfy an extensive list with demanded qualifications/demands can apply for AQMRB membership, all applications will be thoroughly reviewed and evaluated, this with the aim that only fully qualified boards can join the Alliance.

    About AQMRB

    AQMRB is an Alliance of fully qualified Malware Removal Boards.

    AQMRB main aim is to serve customers searching and asking for malware removal help in the best possible way.

    AQMRB guarantee free professional malware removal help to non-commercial users.

    AQMRB boards offer malware removal help solely provided by staff that are trained and graduated at acknowledged malware removal schools/universities.

    AQMRB is a non-profit, volunteer network of independent Malware Removal Boards, and is not affiliated with any organisation.

    General Info

    More info about the Alliance can be found here: AQMRB
    Boards that have the intention to join the Alliance are invited to look at the home page of AQMRB for demanded qualifications.

    On behalf of AQMRB,

    Smokey, Founder

    July 18, 2010 Posted by | Anti-Spyware, Anti-Virus, Bundleware, Malware, News, Phishing, Recommended External Security Related Links, Toolbarware | , , , , , , , , | Leave a comment

    Smokey’s Security Forums offer now OTL (OldTimer ListIt) Log Analysis Help and Support in English, German and Spanish language

    Smokey’s Security Forums is pleased to announce that the board offer now free OTL (OldTimer ListIt) Log Analysis Help and Support Services in English, German and Spanish language. Board visitors with native language English, German or Spanish will now be helped in preferred language, the board have analysers speaking and writing all mentioned languages fluently.

    Like before, all malware removal help & support services on Smokey’s are free. To board guests it is also possible to offer their logs.

    Our current OTL (OldTimer ListIt) Log Analysis Help and Support Forums Survey:

    * English speaking visitors are welcome to post their OTL log here: OTL Log Analysis – Malware, Adware and Popup Removal – Alureon TDSS TDL3 Rootkit Removal Help – System Cleaning

    * Spanish speaking visitors are invited to post logs here: Análisis de registros utilizando OTL – Eliminación de Programas Maliciosos, Programas de Mercadeo y Popups & Limpieza del Sistema Operacional – Ayuda Malware Infeción Rootkit TDSS TDL3

    * German speaking visitors can post their OTL logs here: OTL Log Analyse – Malware/Schädlingen und Adware Entfernung – Popup Bekämpfung – TDSS TDL3 Rootkit Beseitigung

    Smokey’s wish everyone Happy Surfing!

    June 5, 2010 Posted by | Advisories, Alerts, Anti-Spyware, Bundleware, Recommended External Security Related Links, Toolbarware | , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

    Trend Micro is Smokey’s Security Weblog 2009/2011 Hall of Shame Awardee

    Like I explained in the introduction of the Smokey’s Security Weblog Hall of Shame, sole purpose of this Hall is to improve users experiences and interests concerning all security related issues. Experiences that are many times not satisfying and even really disappointing: users are treated in a way that isn’t acceptable, e.g. by (government) instances and institutions, security vendors, aso aso.

    This time I had to Award a well-known security vendor: Trend Micro. They prefer to ignore warnings and to correct incorrect behavior. ‘File Trend Micro’ regard a childish loser with condemnable attitude.

    Let’s summarize the facts about Trend Micro and the reason to provide them the honor to be added to Smokey’s Security Weblog Hall of Shame: one week ago I blogged about Trend Micro, not just a security company but also the developers of ‘HJT – HijackThis’, a free log analyzing/report tool used by malware fighters to clean infected systems from malicious content. Because HJT missed the malware combat train, more and more security websites (my site Smokey’s Security Forums included) and malware hunters/fighters decided to ditch HJT in favor of OTL (formerly OTListIt2) Log Analysis Tool by OldTimer, a highly sophisticated, always up-to-date application regarding combating (new) malware threats.

    Irresponsible, childish and condemnable reaction of Trend Micro: flagging ‘G2G – GeeksToGo!’, home of OTL and OldTimer, as a bad site, and also blocking OTL from running.

    Like I wrote one week ago: Trend Micro, I am done with your company and your products. You aren’t trustworthy. You are childish and bad. Again, don’t try to explain it are all mistakes, it are determined actions to destroy the competition. I warned you to correct your wrong behavior, regrettably you decided to ignore my warning.

    For reasons mentioned above it’s a great pleasure to add Trend Micro to Smokey’s Security Weblog Hall of Shame, you really deserved this honor!


    December 19, 2009 Posted by | Anti-Spyware, Anti-Virus, Bundleware, Downloads, Malware, News, Phishing, Recommended External Security Related Links | , , , , , , | 1 Comment

    Part 2: Malware is evolving, HijackThis not – OTL Log/Report Tool as replacement

    Like I wrote a couple of months ago, malware is evolving at a very fast rate, sadly HijackThis isn’t evolving so quickly. In OTL (formerly OTListIt2) by Oldtimer my board Smokey’s Security Forums found an excellent replacement for HijackThis, from now on my board will only accept OTL logs. Again, OTL will serve our members looking for malware removal help in an optimal way, and it will accomplish at the same time our high board demands and standards.

    Like before, if you think your PC is infected or if you want to be sure your PC is clean, feel free to post your OTL log here: OTL (formerly OTListIt2) Log Analysis and Malware Hunting, Removal & Cleaning (English language) or Hilfe bei Problemen mit Viren, Trojanern, Würmern, Spyware, Adware, Ransomware, Popups und sonstigen Schädlingen (German – Deutsch language).
    Please keep in mind, that (malware removal) help will only be offered to registered board members. Of course board registration and all help is free. You are invited to register here.

    Safe computing! 🙂

    On behalf of Starbuck, OTL Team Leader Smokey’s Security Forums,


    Update 2010-14-03: Guests allowed to post on Smokey’s for Log Analysis and Malware Removal help

    December 11, 2009 Posted by | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Phishing, Recommended External Security Related Links, Vulnerabilities | , , , , , | Leave a comment

    New flash attack has no real ‘fix’: ‘everyone is vulnerable’

    We all know Adobe Flash, it’s the most widely installed software product possibly in the Internet environment. And of course, the internet-creeps abuse that fact and misuse flash to drop their malicious crap on PC’s that are not well protected against flash attacks.

    Past week I stumbled (again) over an article that describe the dangers of flash very well, I will share an excerpt of that article with my blog readers, to warn them and do the necessary to defend them against the dangers of flash.

    New flash attack has no real ‘fix’: ‘everyone is vulnerable’
    Dark Reading | nov 12, 2009

    Researchers have discovered a new attack that exploits the way browsers operate with Adobe Flash — and there’s no simple patch for it.

    The attack can occur on Websites that accept user-generated content — anything from Webmail to social networking sites. An attacker basically takes advantage of the fact that a Flash object can be loaded as content onto a site and then can execute malware from that site to infect and steal information from visitors who view that content by clicking it.”Everyone is vulnerable to this, and there’s nothing anyone can do to fix it by themselves,” says Michael Murray, CSO for Foreground Security, which today posted demonstrations of such an attack against Gmail, SquirrelMail, and cPanel’s File Manager. “We’re hoping to get a message out to IT adminstrators and CIOs to start fixing their sites one at a time.”An attacker could upload malicious code via a Flash file attachment or an image, for instance, and infect any user that clicks on that item to view it. “If I can trick a system to let me upload anything, I can run code in any browser, and Adobe can’t fix this,” Murray says. “If I can upload a picture to a site and append it with Flash code to make it look like an image, once a user views that, the code executes and I can steal your cookies and credentials.”

    The only thing close to a “fix” is for the Website to move its user-generated content to a different server, according to Michael Bailey, the senior researcher for Foreground Security who discovered the attack.

    Bailey says the attack is similar to a cross-site scripting attack. “This is very easy to perform,” he says.

    The researchers don’t expect Adobe to issue any fixes to Flash’s origin policy, mainly because it would affect so many applications.

    Web application developers could help prevent the attack by denying Flash content by default, which isn’t a very realistic option: “Doing that will break a lot of applications,” Bailey says. “And that’s the problem.”

    For end users, the Firefox browser add-in NoScript provides some protection from this attack, as does Toggle Flash for Internet Explorer, the researchers say.


    I produced the same article on DSLReports, feel free to join the DSLR-discussion, and to look for suggestions how to protect yourself.

    November 15, 2009 Posted by | Advisories, Alerts, Anti-Spyware, Anti-Virus, Bundleware, Downloads, News, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , , , , , | Leave a comment

    Smokey’s Security Forums now on ‘Facebook’ and ‘Twitter’

    To keep up with technology and as additional service to the community, from now on you can keep up with the latest posted and/or reproduced on Smokey’s Security Forums on Facebook and Twitter.

    Smokey’s on Facebook:
    Smokey’s on Twitter:

    New content will be added regularly.
    Feel free to ‘Become a Fan’ or to ‘Follow’.  🙂

    August 15, 2009 Posted by | Advisories, Alerts, Anti-Spyware, Anti-Virus, Bundleware, Friends, Malware, Phishing, Recommended External Security Related Links, Toolbarware, Vulnerabilities | , , , , , , , , | Leave a comment

    Surf Smokey’s with confidence: all external links in posts are checked and rated by WOT – Web of Trust

    Being a serious security board, we take our members web safety very seriously. This is why we have integrated the WOT (Web of Trust) feature on our board Smokey’s Security Forums.
    All members will now be able to view the safety of any link provided on our site and will be able to see the trustworthiness, vendor reliability, privacy, and child safety of any site before clicking the link. More about WOT below.

    WOT- Web of Trust

    WOT warns you about risky websites. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. This is the reason that all external links in posts on Smokey’s Security Forums are from now on checked by WOT and therefore guarantee safe surfing via our board.

    WOT is also available as free Internet security addon for your browser. We advice you to download and install this useful addon. It is an free, extra layer of defense against risky websites.

    WOT is available as addon for Firefox and Internet Explorer.

    System requirements

    – WOT Firefox addon:

    Operating system: Windows (all), Mac OS X, or Linux
    Browser: Mozilla Firefox 1.5 or newer (3.0 recommended)

    – WOT Internet Explorer addon:

    Operating system: Windows 2000 / XP / Vista (XP or Vista recommended)
    Browser: Microsoft Internet Explorer 6.0 or newer (8.0 recommended)

    More info about WOT- Web of Trust and addon download:

    Happy surfing, 🙂


    August 8, 2009 Posted by | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Downloads, Malware, Phishing, Recommended External Security Related Links | , , , , , , , , , , , , , | 3 Comments

    Profound Malwarebytes’ (MBAM) Anti-Malware Scanner Review

    Test organization: Softpedia | Ionut Ilascu, Editor, Software Reviews
    Date: 2nd of June 2009
    Version reviewed: Malwarebytes’ Anti-Malware 1.37

    Program description

    Malwarebytes’ Anti-Malware is a full-blown anti-malware program that can be considered the next step in the detection and removal of malware. It uses a new technology that was especially designed to quickly detect, deter and destroy any malware that could reside in your computer.


    – Malware scanner
    – Malware remover
    – File unlocker
    – Threat quarantine
    – Quick and full system scan
    – Ignore list
    – Logging

    The test results

    The Good

    Easy installation, fast scans, daily updates, detects what other security software misses, ease of use, light footprint on system resources and it can be used free of charge; these are the very attributes of Malwarebytes’ Anti-Malware.

    The application can cohabit with other anti-malware products, thus adding another layer of defense against threats. Although there is a paid version that includes real-time protection, the free one does not prevent the user from removing the nasties.

    The Bad

    Its database contains signatures mostly for threats that evade most of the security products on the market, so it cannot yet be used as the only protection for the system.

    The FileASSASSIN tool has not quite reached full maturity and has yet to learn to unlock files before removing them. In our testing Unlocker did a better job.

    The interface should be improved aesthetically given the trends soon to be set by the upcoming Windows 7 and even the current Vista.

    The Truth

    One seldom meets an application that can do what others can’t. In our case Malwarebytes’ Anti-Malware proved that it could discover what others missed. It does not provide the most complete signature database and it may not protect against the largest pool of malware, but it works great as a “wingman” for the security app you decide to use. Thus is enforces better protection and keeps you safe from some of the less known threats on the market.

    You can try it for free and scan the system from time to time using the quick option to scan for the most common types of malware. It won’t take long and system resources will be used responsibly.

    Extended/full review: Softpedia

    June 2, 2009 Posted by | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Downloads, Friends, Malware, Phishing, Recommended External Security Related Links, Toolbarware | , , , , , , , , , | 1 Comment

    [UPDATED] Comodo Software Removed from Softpedia due to Adware/Spyware issues with CIS

    Kudos to Softpedia! After reading their statement concerning Comodo Software, I can only tell Softpedia from this place: you have my full support. Pre-ticked boxes that will provide the user with crapware (adware/spyware) during the install of software is simply not done. It is sneeky behavior. Even worse, CIS – Comodo Internet Security install third-party software (SafeSurf), irrelevant to the main product’s functionality, without leaving room for option. Very indecent, especially because CIS is security software. This kind of software should protect the user, not to fool them with premeditation.

    Softpedia article:

    Stefan Fintea, Software News Editor
    28th of April 2009

    As all our regular users know, programs awarded by Softpedia with the 100% Clean and 100% Free awards have been thoroughly checked by our team of editors and passed several tests. Aside from the fact that all programs on Softpedia are scanned with world-renowned security products, all awarded programs are installed by our team and checked for any spyware or adware components.

    We make sure the program doesn’t fall under any of the six cases mentioned on our adware definition page. Please be advised that this definition is our creation and has not been “borrowed” from an online or offline source. It was created by our team of specialists to ensure that it covers all cases that may result in the legitimate dissatisfaction of our users. Therefore, if we find adware in a program it will be listed accordingly, regardless of the license it’s listed under on the producer’s website.If the application has been found free of viruses/spyware and neither the installation process nor runtime experience reveal any unpleasant surprises, the program receives the 100% Clean award or, if it’s free for both personal and commercial use, the 100% Free award.A program will not receive any award (or even be published on Softpedia) if it’s impossible to successfully pass through all of the above steps. But if it is possible, as you can see, the rules are very strict and no exception will ever be made. If a program fails to pass the adware test, it will be immediately marked as Adware, regardless of its popularity, developer or current user rating on Softpedia.Now that we’ve cleared this up, you might be asking yourselves ‘OK, but what does this have to do with Comodo?” Well, if you had searched Softpedia for Comodo in the past week, you would have surely noticed that the company’s flagship programs were no longer listed on Softpedia.This was not our decision, of course, but let’s start with the beginning.On April, 15th, Softpedia received an official cease and desist letter from the Comodo legal team requesting us to “discontinue all references on Softpedia identifying CIS as adware” within seven days, because Comodo Internet Security is not adware.The first thing we did was, of course, to double-check the license, but, as we’ve tried explaining to the Comodo team, CIS is indeed adware.Why? Well, for starters, because the installer attempts to change both the browser’s homepage and search engine. As if that wasn’t a good enough reason, the setup also offers to install SafeSurf. Here’s what the official Comodo letter states: “SafeSurf is optional and does not display unsolicited advertisements on a user’s computer, nor does it hijack browser settings or perform search overriding or home page changing without the user’s consent.” Aside from the fact that SafeSurf is a component that the program (CIS) does not require to fully function, therefore it alone would be a good reason to mark CIS as adware, this utility also installs Ask Toolbar without asking for the user’s permission. This type of behavior is clearly not the one described in the Comodo email and could be easily classified as spyware (since adware would imply prior user consent).

    Update: It was brought to our attention that users installing SafeSurf are informed in the utility’s EULA regarding the inclusion of software in their browser. Informing the user that third-party software irrelevant to the main product’s functionality will be installed without leaving room for option is not, by far, normal behavior. That would practically imply that producers can force users into installing any third-party software or changing their homepage or search engine and get away with it, because a notification was made in the EULA. Furthermore, the graphic provided in the setup window is clearly deceiving as it does not show the toolbar that is installed along SafeSurf.

    Well said Softpedia, I have nothing to add.

    Interesting read: “Current Practices of IAC/ Toolbars by Benjamin Edelman”

    Softpedia invite you to provide their article with your opinion here.

    Update, 3th of January 2009

    This is interesting: by coincidence I noticed today that Softpedia removed their article regarding CIS (Comodo Internet Security) and also all comments on it. We can only guess for the why of this Softpedia trash action, but I don’t like this  suprising hide action at all…

    I traced reactions of the Softpedia community on the trash action:

    Interesting comment of one of these people, he wrote in bold so it seem he is not happy at all with the Softpedia ‘we-didn’t-wrote-anything-action’:

    “Why did Softpedia remove all the pages, dedicated to this topic? I know that Comodo IS has been re-listed again on Softpedia, but all the articles ARE to be and should have been archived, but NOT simply deleted – the way Softpedia did.
    Now I can’t comprehend whether the information and conclusions, issued by Softpedia’s staff can be trusted or, may be, that is a way of blackmailing software developers? I still don’t understand why all the articles with negative claims towards Comodo were removed from Softpedia. It’s abnormal – Softpedia has outraged our rights for information. Would be grateful for explanation from the Softpedia’s representatives.”

    FWIW, a recent post on DSLR attented me again on the issue Comodo/Softpedia, thanks folks for waking me up!

    Additional Update, 3th of January 2009

    Here the opinion of loyal Comodo Trooper Endymion on the issue, posted May 06, 2009 in the Comodo forum:

    “How nice for softpedia to withdraw some far-fetched claims. (ATM it should be still possible to read the previous revision form google cache before it will be wiped out.) Guess they still forgot to mention that there are other criteria for adware other than the ones which Softpedia Awards are based on and likewise that eventual FPs about legitimate toobars are usually corrected by many AV vendors.Nevertheless they made at least an attempt to remove some mistakes.”

    and Comodo Chief Melih’s reaction on it:

    “That was after our 2nd legal letter we sent this week!We asked them to remove all the statements that were defamatory. They seem to have a habit of changing stuff without explanation. Its very underhanded to change stuff and pretend that it didn’t exist and without explaining why they changed it.”

    A certain darkwraith007 provide the Comodo community subsequent with his POV:

    “[at] Comodo Devs:You have lost my respect. Be glad that your product comes without a monetary cost. I may still be needing to use it if only until Steve Gibson finishes his firewall (whenever that is) and it gets put to the test. Hopefully it’ll be free, but that’s doubtful.I can’t believe there’s so much back and forth between the meaning of this word and that word and so forth.PEOPLE DO NOT WANT THE ASK.COM TOOLBAR OR OTHER CHANGED BROWSER SETTINGS, DO YOU UNDERSTAND THAT?I hope you all can understand that and repair the reputation you have tarnished among your users. I miss the days of the Kerio Personal Firewall…now its a paid product. >_>If you respond to crticism of your product by sending legal letters, then perhaps I’m not wanted here.”

    Stay tuned!

    April 30, 2009 Posted by | Anti-Spyware, Anti-Virus, Bundleware, Downloads, Friends, Malware, News, Recommended External Security Related Links, Toolbarware | , , , , , , , , , , , | Leave a comment

    Official Jetico Inc. Support Forums have new URLs

    Like you have read here, I have migrated my board Smokey’s Security Forums to SMF – Simple Machines Forum baord software.

    For technical reasons it wasn’t possible to use the URLs of the “old” board anymore, so all forums on my board have new ones.

    – Index Smokey’s Security Forums:

    – HijackThis & OTListIt2 Log Analysis and Malware Hunting, Removal & Cleaning (English language):,5.0.html and in German – Deutsch language:,205.0.html

    Concerning the Official Jetico Inc. Support Forums please update these bookmarks also:

    – Jetico Personal Firewall v2 Support Forum:,51.0.html
    – Jetico Personal Firewall v2 Knowledge Base:,60.0.html
    – Jetico Personal Firewall v2 Bug Reports:,63.0.html

    – Jetico Personal Firewall v1 Support Forum:,52.0.html

    – Jetico BestCrypt for Windows Support Forum:,70.0.html
    – Jetico BestCrypt for Linux Support Forum:,152.0.html
    – Jetico BCVE BestCrypt Volume Encryption Support Forum:,75.0.html

    – Jetico BCArchive Support Forum:,73.0.html

    – Jetico BCWipe for Windows Support Forum:,138.0.html
    – Jetico BCWipe for UNIX Support Forum:,153.0.html

    Support, Help and advice will only be provided to registered board members.
    You are invited to register (for free) here.



    April 7, 2009 Posted by | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Downloads, Friends, News, Phishing, Recommended External Security Related Links, Toolbarware, Vulnerabilities | , , , , , , , , , , , , , , , | Leave a comment

    Safe Computing and Preventing Malware Infections

    The current outbreak of the polymorphic worm Downadup, aka Conficker and Kido, and all its variants make very clear that many users don’t act in a responsable and secure way. After all, at the moment 9 (nine) million PCs are contaminated by that worm for reason of a missing Microsoft Security Update for Windows (KB958644). At the same time numerous users don’t posses safe computing and surfing habits, ignore standard precautions, haven’t the slightest idea how to prevent malware and in case they have a PC contaminated by malware they are trying to clean the PC by themselves or by self-declared “security experts”. Keep in mind that malware cleaning/removal isn’t a job for amateurs, it is a dedicated job for well trained and full qualified malware hunters.

    Safe computing/surfing and preventing malware is a matter of education. Only well educated users have the reasonable possibilty to remain “clean”. The sole aim of me and my staff on Smokey’s Security Forums is to fulfill this aim by providing the user for free with Education, Support, Help and Advice, and in case the PC of the user is infected by malware to offer malware cleaning/removal by real security experts: comprehensive trained, full qualified HJT/OTListIt2 Analysers/Malware Hunters.

    Some basic rules for safe computing, related links at the end of this post:

    – Activate the automatic update function in Windows. Always accept and install all updates offered by Microsoft.
    – If you don’t like automatic updates, consider to use the Microsoft Baseline Security Analyzer (MBSA). MBSA is an easy to use free tool that helps individuals, small and medium businesses to determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. It will improve your security management process by using MBSA to detect common administrative vulnerabilities and missing security updates on your computer systems.
    – Always install all Service Packs offered by Microsoft.
    – Educate and protect yourself, e.g. by visiting my board and reading the FAQs, How-To’s and Advisories concerning Safe Computing and Preventing Malware.
    – In case your PC is infected by malware, adware or any other undesired badware or nasties visit my board to get rid of such crap. Only full qualified HijackThis & OTListIt2 Log Analysers/Malware Hunters will care about these infections and help you in a professional way, of course for free, to get rid of it. Note: only registered board members will receive malware removal/cleaning help, registering on my board is also for free.

    Update 2010-14-03: Guests allowed to post on Smokey’s for Log Analysis and Malware Removal help


    Smokey’s Security Forums
    FAQs, How-To’s and Advisories concerning Safe Computing and Preventing Malware
    HijackThis (HJT) & OTListIt2 Log Analysis and Malware Removal/Cleaning Assistance and Services
    Microsoft Baseline Security Analyzer (MBSA) Frequently Asked Questions
    Download Microsoft Baseline Security Analyzer

    Safe computing!

    Smokey’s Security Forums is Site Member ASAP

    January 17, 2009 Posted by | Advisories, Anti-Spyware, Anti-Virus, Bundleware, Downloads, Friends, Phishing, Recommended External Security Related Links, Toolbarware, Uncategorized, Vulnerabilities | , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | Leave a comment

    CNET’s offer rogue Anti-Spyware for download

    Surprising to me, and probably with me most blog readers, is the fact that CNET’s, property of CBS Interactive, offer rogue/malicious programs for download.

    Regular blog visitors will remember the two articles I wrote past week about Intelinet Internet Security of well-known scammer Cashier Myricks, a malicious program advertised as  “Award Winning Spyware Remover” and “acknowledgements of the software by security experts”.

    In the meanwhile it should be clear to everyone that Intelinet Internet Security is a rogue Anti-Spyware Program and therefore have to be rated as Malware. It is very surprising that CNET “apparently” isn’t informed about that piece of malware and stick determined to the download offer. I write “apparently” because I am informed that CNET is warned by several readers that the program is malicious, besides I informed today CNET’s Editor in Chief Scott Ard via an email. An so called “return to sender email”…

    Well, I have now some curious questions to CNET:

    1. Are all available downloads approved before download release?
    2. If the answer is no, how will be guaranteed that all downloads are trustable?
    3. Is there a CNET QA Department, and, if yes, what are the efforts of that department to keep the download archive clean?

    The fact that CNET still offer Intelinet Internet Security for download let raise another question: how many other malicious programs are offered by CNET? Till we have a satisfying elucidation from CNET I can only advise: to protect your PC and all data on it, don’t download anything from their download archive. The software can be contaminated.

    In case CNET need a review of my recent Intelinet Internet Security articles, here you go:

    December 31, 2008 Posted by | Advisories, Alerts, Bundleware, Downloads, Friends, Malware, News, Recommended External Security Related Links | , , , , , , , , , , | 5 Comments

    Intelinet Internet Security now provided with the Malware label

    Well, that was a really fast promotion for Intelinet Internet Security of well-known scammer Cashier Myricks.

    Two days ago I blogged about the issue and rated his crappy product Intelinet Internet Security as “a very suspicious piece of software, promoted by scammers and crooks and therefore belonging to the crapware category.”

    * With the help of the great DSLR community I can close file Intelinet Internet Security with a new rating for Cashier’s garbage:

    “belonging to the category malware”

    TonyKlein, valued DSLR member and acknowledged Security Expert, contributed my inquiry on DSLR with evidence of the malicious character of Intelinet Internet Security by a program check performed by VirusTotal, a trustable service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by multiple antivirus engines. Here the link to the VirusTotal check report:

    Tony also delivered proof of detection and removal of the program by MBAM – Malwarebytes’ Anti-Malware, an excellent anti-malware application, reviewed by me some time ago. Here a MBAM detection report about Cashier Myricks malware:

    Again my advice: stay far away from crap/malware like Intelinet Internet Security. These malicious programs will hurt you and your PC.

    * 2008-12-31: File Intelinet reopened for reason of the CNET/ refusal to remove this as malware classified piece of crapware from it’s download archive.

    December 29, 2008 Posted by | Advisories, Alerts, Bundleware, Downloads, Malware, News, Recommended External Security Related Links, Vulnerabilities | , , , , , , , , | 3 Comments