| Category: Security |
 CaSIR v2.2 - Common and Stubborn Infections Remover   |
Version: 2.2
Submitted Date : 2008/8/22 |
Description:
 
If you have reached this page, then you probably have been sent here by one of our other free programs :RRT,PRT, DRT,SRT or isReset
By using our free programs above, you probably have got rid of some common infectors like:
Virus.Win32.Perlovga.a
Virus.Win32.Perlovga.b
Trojan-Dropper.Win32.Small.apl
Backdoor.Win32.small.lo
W32/QQRob-ABX
Alnooh
IM-Worm.Win32.Sohanad.ao
IM-Worm.Win32.Sohanad.as
IM-Worm.Win32.Sohanad.am
IM-Worm.Win32.Sohanad.ap
And you probably have got rid of the problems and the restrictions made by those infectors!
But this is NOT the end, Those infectors are NOTHING comparing to CaSIs!!!
What are CaSIs?
CaSIs is short for Common and Stubborn Infectors. These are malicious programs (viruses, worms, Trojans, etc.) that are notoriously difficult to detect and to remove by regular anti-virus programs. These programs often have the capability to disable your computer or your anti-virus programs.
Good examples of the those infectors are:
Win32.Brontok.q
Win32.Delf.cc
Win32.VB.by
Win32.VB.cz
Trojan.Win32.Small.wv (Medichi & Medichi2)
Trojan-Downloader.Win32.Todon.ai
Trojan-Downloader.Win32.Todon.aj
Worm.Win32.AutoRun.dkk (Ahsan virus)
Trojan-Downloader.Win32.VB.bbl
If one of the above nasty infectors infected your computer you will not be able to install any of the well-known Antivirus software like Kaspersky, Mcafee, Norton, AVG, Panda... (and about 135 more Different AVs)! and please, don't try to use the Safe Mode to remove them manually because those infectors will disable the "Safe Mode"!
How do you get infected by these CaSI's?
Well, mostly because you open an attachment from an email that isn't from one of your friends. Or by using infected removable storage medias (CDs,DVDs/Floppy disks/Flash disks, Memory Cards...). Or just by visiting a suspect website which can result in your computer being compromised.
The only thing that could have saved you was having a good Anti-Virus program with up-to-date signatures. If you didn't have those installed on your computer these CaSI's could enter your system with ease and change lots of settings.
Once you are infected, NOTHING (no well-known anti-virus program such as Kaspersky, Norton, Symantec, McAfee, NOD32, etc.) can rescue you anymore. You and your computer are doomed.
But now there is a solution and it is called CaSIR
What is CaSIR?
CaSIR (Common And Stubborn Infections Remover) -- is an on-demand malware removal software. We designed it especially to remove the most common and stubborn infections from your computer. It can remove their running processes, their bodies, their registry entries and any other leftovers!
CaSIR doesn't randomly search for CaSIs, but he goes directly to the areas that a specific CaSI infects and removes it from there, hence, it does its job in mere seconds!
CaSIR does more than that. It has a generic and strong technique that allows it to do the following:
. CaSIR removes the common restrictions made to your computer by those infectors which none of the AVs deal with.
. CaSIR removes the illegitmate services frequently used by those infectors.
. CaSIR recognizes and instantly kills and deletes any running process that is disguising itself among the legitimate system services.
. CaSIR removes any scripts used by those infectors to autorun.
. CaSIR removes any autostarting registry entries related to the illegitmate services he detects.
. CaSIR deals with all your storage medias (Fixed, floppy, removable...) and cleans them up all if need be.
. CaSIR cleans up your system registry so no more spy keys, garbage activities or messages keep asking for already deleted files.
. CaSIR's signatures are fully updatable, once you download the software, all you need to do is to download the new definitions frequently and you're up-to-date and ready-to-go.
How to use CaSIR?
Just extract the zip-file you download which contains only two files:
- CaSIR20.exe: The main executable file.
- casirdef.cas The definitions file.
Simply run CaSIR (in Normal Mode) and press Start, Wait for seconds' and you're done!
If CaSIR detected any CaSIs, it will restart your computer and works in what we calls "Pre-$hell mode", after finishing it's job, CaSIR will restart your computer in Normal mode.
Important notes:
1. Since CaSIR is a security software that deal with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order to remove any infection. Some other security softwares will try to block CaSIR and prevent it from doing its job, please make sure it's not blocked and there's no other program blocking CaSIR. During disinfection process we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
2. Please do NOT attempt to run CaSIR in safe mode, CaSIR needs to investigate your system to know what CaSIs are active, if you ran CaSIR in safe mode, he might not be able to detect any active CaSIs, as they usually do not run in safe mode!
3. If you have more than one infected computer connected together to the same local network, do NOT attempt to use CaSIR on the infected computer while the other infected ones are connected to it, this would results in getting infected again and again. You always need to disconnect the infected computer from the network before using CaSIR and do so with all your infected computers one by one!
What is "CDS Jobs" button? and why is it there?
CDS is short for "CaSIR Deep Scanner". This is the part of CaSIR which uses the classic method of searching for malware; By the binary signature. We have added this new section of CaSIR starting from v2.0 because we lately noticed that some CaSIs' authors have developed a new method of making identifying their malware more difficult, that is to make the CaSI spread using random file names, random registry keys, random registry values and random running processes names, so that any algorithm based on the malware File/Folder/RegKey/RegVal/Running Modules/Processes/Threads names would fail and be of no use!
If CaSIR detected any such a nasty CaSIs (those with random techniques), he will analyze the situation first and kill the active parts of the CaSI, then invoke the CDS which will scan all your hard disks/floppy disks/flash disks/memory cards/iPod/MP3/WMA Drivers available on your system to clean them, then he will restart your computer in Pre-$hell mode to continue removing the other CaSIs, after finishing it's job, CaSIR will restart your computer in normal mode with a "Congratulations" message!
Please note that you can cancel those processes at any time, but we strongly don't recommend that, because by doing that, you will put your computer in a dangerous situation as the CaSI will come back again when you restart your computer, so please be patient and let CaSIR finish it's job.
Does CaSIR generate a log report?
Yes, after every phase of work, CaSIR will automatically generate a report file and saves it in same folder where CaSIR is. The report file always has the name: casirrpt.txt! This file is needed by us when you have any problem or inquiry and need to contact us, so please don't forget to attach this file with your inquiry.
How to update CaSIR definitions?
There's two methods of getting updates, offline and Online:
1. The Online method:
Simply press "Update" button and follow the instructions on screen.
2. The Offline method:
Visit www.sergiwa.com and go to downloads section, under Security software, you'll find CaSIR Definitions file. Download it. The definitions file is a very small zipped file that contains the CaSIs signatures. All you have to do is to download casirdef.zip, extract its contents and replace it with the old one!
What are those RNP, GFL, SFL, GFD, SFD, RKM, RKD, RKA, RSO?
When CaSIR find an infection on your computer, it shows up the infection in the following way :
XXX - YYY
XXX: is the type of the infection found
YYY: is the infection itself
XXX has 9 different keywords
RNP : Running Process
GFL : Group of Files
SFL : Single File
GFD : Group of Folders
SFD : Single Folder
RKM : Registry Key to be Modified
RKD : Registry Key to be Deleted
RKA : Registry Key to be Added
RSO: Regular System Optimization
How to buy CaSIR?
The Demo-version only detects the infection but doesn't remove them. To fully remove the infections you have to buy the Pro-version. If you are currently using the DEMO version of CaSIR, you will be automatically taken to this page whenever an infection found in your computer.
Buy from Plimus (Recommended)
This is the recommended authorized reseller of our products, they accept almost any type of payments methods, CC, PayPal, Wire transfer, pay by fax ...etc, they have an excellent customer support 24/7 an live assistance, you can buy in a secured place and enjoy the discounts and the special promotions, and the most great thing is that you don't have to wait to get your product activated as the activation process is fully automated. To buy CaSIR from Plimus click here
Buy from Avangate
If you do not have a Credit Card or you want to pay by PayPal or you want enjoy the discount options for bulk orders, you may purchase CaSIR from Avangate by clicking here
Buy from CNET
If you have your Credit Card ready and you need to buy only one unit, you may purchase CaSIR from CNET by clicking here
Notes for CNET buyers:
Once you purchase CaSIR, you'll receive a confirmation asking you to send your CaSIR ID to sales@sergiwa.com. CaSIR ID is the number CaSIR shows up when it starts up, it's usually a number of 8 or 9 digits, once you send your CaSIR ID, you'll instantly get your activation code!
Didn't get the activation code by email?
Below are some of the most common reasons you might not be getting the activation code by email.
* First, be patient, sometimes it takes a while for the email to arrive.
* Check to ensure you entered your email address correctly when you purchased the software. If it's wrong, contact us and provide a valid email.
* Check your junk email box, the email might have been filtered as junk.
* If you can't still get the email, post here and we'll help you to sort it out.
Important notes:
1. Please do NOT send CaSIR IDs asking for activation codes before purchasing CaSIR!
2. Please do NOT send the "Serial Number" or the "Order Number" of the purchase process to us, we do not need those numbers as we automatically receive them from the merchant of record for the transaction you make when purchasing CaSIR, instead, please send us CaSIR ID of your copy of CaSIR, it's the number CaSIR gives you when it starts and asks you to send it to sales@sergiwa.comCaSIRDeveloper: Issam Sergiwa Company: iSergiwa SoftwareOS: Windows XP, Vista Bugs? Problems? Contact support@sergiwa.com
|
 100143  179.01 KB  Windows XP, Vista  http://www.sergiwa.com |
| Category: Security |
| RRT v4.8.0.3 - With Removable Media Malware Defender |
Version: 4.8.0.3
Submitted Date : 2008/8/19 |
Description:
Now with Removable Media Malware Defender.
You may not believe this but there still are lots of computer users that have no anti-virus program installed because they erroneously think that they will be spared from infection. Some don’t even know what a computervirus is!
Well they are clearly wrong and the result is that I needed to clean, repair or dismantle lots of computers to get rid of all the malware that had infected their systems.
When someone asks for my assistance, the first thing I always do is an offline anti-virus scan and clean.
But when I boot the computer, I am often faced with the same problem; the virus has made some changes to the system restrictions in order to hide itself from easy detection. These restrictions are most often:
1 - Disable Folder Options >> so the user can't set the option to show hidden files!
2 - Disable Registry Tools >> so the user can't see what is going on during system startup!
3 - Disable Ctrl+Alt+Del >> so the user can't see the virus and the other applications running!
4 - Disable Show hidden files & folders >> so the user can't see the malware bodies which always come with hidden attribute set to true!
5 - Disable Run Command >> so the user can't use it to run some tools to track the virus activites of remove it.
6 - Disable Windows Firewall (SharedAccess) >> so the virus can send & receive any data through the network without the attention of the user!
7 - Disable Windows Firewall (Wscsvc) >> so the virus can send & receive any data through the network without the attention of the user!
8 - Disable Windows Firewall (Wuauserv) >> so the virus can send & receive any data through the network without the attention of the user!
9 – Restrict Internet Explorer Home Page Changing >> so the user can't change the malicious web page set by the malware!
10 – Restrict Internet Explorer Closing >> so the user can't close the pops up windows that appear when visiting the malicious web page or any other website!
11 – Hide Internet Options >> so the user can't change any setting set by the malware!
12 – Hide Internet Explorer Address Bar >> so the user can't see what web page being visited and what scripts being executed!
13 - Restrict Internet Explorer Right Click >> so the user can't view the source of the page being visited and other useful things.
14 – Hide Internet Explorer Navigation Buttons >> so the user will be forced to user the keyboard shortcuts to navigate through the web sites!
15 - Hide Internet Explorer Context Menu >> so the user can't access this menu which make him able to select some useful settings.
16 - Hide Internet Explorer Toolbar >> so the user can't use it to remove some unwanted toolbars made by the malware.
17 - Disable Command Prompt (cmd.exe) >> so the user cannot run any console programs like command prompt removal tools...
18 - Disable Control Panel >> so the user cannot use the control panel applets.
19 - Hide system files/folders >> so the user can't see the malware bodies which usually come with system attribute set to true!
20 - Change Show Hidden files option button >> So even if you select "Show hidden files and folders from folder options these files & folder will not be shown!
21 - Disable Show System files check box >> So even if you unchecked "Hide protected operating system files" these files & folder will not be shown!
22 - Disable Show all files/folders check >> So changing this from folder options will be ignored!
23 - Hide Desktop items to prevent the user from accessing My Computer and other desktop shortcuts!
24 – Hide files extensions: This is commonly used by malware to trick the user. By hiding file extension, a user doesn't know whether a file with folder icon is an exe file or just an ordinary folder.
25 – Disable File Extentions Check >> So changing this from folder options will be ignored!
26 – Restrict Windows Update >> So the user cannot download security patches from Microsoft.
27 – Disable Shut Down Command >> So the user cannot shut down the system normally.
28 – Restrict Settings Folders >> Just imagine when you all items under Start menu>Settings wont run!
29 – Disable Taskbar context menu >> You right click your taskbar.. Oops; nothing happens!
30 – Disable Logoff Command >> So the user cannot logoff and use another profile.
31 – Hide Start Menu Logoff >> So the user cannot use this shortcut to logoff!
32 – Restrict Add/Remove Programs >> So the user cannot see what applications and windows components are installed or uninstall/reinstall any application.
33 – File Extention Default >> So the user cannot select "Hide extensions for known file types".
34 – No Windows Update >> So the user cannot download security updates and other fixes for windows.
35 – R-Media Malware >> This item is indicating that a malicious object is trying to invade your computer through removable media, please see the details below.
36 – Hidden Drives >> So the user cannot see any of the storage drives but they still can use RUN to access and explore them.
37 – Restricted Drives >> So the user can see the drives but cannot access them even when using RUN command.
38 – No Search >> So the user cannot search the file system using the start menu item for any file.
Unfortunately, AV Software doesn’t really care about these restrictions and do nothing to re-enable them!
Until AV software comes up with such a tool in their future versions, we have created a very small tool for you that does just that! It re-enables all what the virus had previously disabled, and gives you back the control over your own computer. We called it Remove Restrictions Tool (RRT).
The new great feature:
RRT now is implemented with a totally new and great feature, we call it:
Removable Media Malware Defender.
Since we noticed that most of the malware nowadays spread via removable media (Flash disks in specific), we implemented RRT with the ability of monitoring, blocking and removing any type of malware that uses flash disks to spread.
RRT with AutoRemove enabled will monitor your system and detects any flash disk as soon as it gets plugged into the USB port. The generic technique will work in less than few milliseconds , if it detects any infection in the flash disk, it will block it and remove the infection before it makes any harm to your computer.
The great news is that RRT -unlick the traditional AVs- doesn't need to be updated with malware signatures in order for it to do it's job, instead, it uses a generic and smart technique that detects any type of malware that attempt to infect your system via flash disk inserted into the USB ports.
Important notes:
1 - Since this tool is a security software that deals with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order for it to do it's job. Some other security softwares will try to block the tool and prevent it from doing its job, please make sure that it's not blocked by your filewall and there's no other program blocking it.
Before running this tool, we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
2 - Though RRT is able to remove the restrictions caused by malware even if the malware is already active, your computer must be CLEAN before using RRT. RRT is not programmed to heal your computer from any type of malware that is already infected your computer. RRT is just a tool to remove the malware leftovers and is a DEFENDER against the future malware that may infect your computer through removable media in the future!
3. RRT will NOT protect you from any malware type that may infect your computer through CD/DVD drives, emails, or the internet. It's only programmed to protect you from the Flash disks malware. By using RRT with AutoRemove enabled, you will be sure 100% of that your computer will not get infected through flash disks!
How to buy RRT
The limited version of this tool is for FREE for personal use only. This limited version does not have the AutoRemove feature and has no Removable Media Malware Defender. If you would like to use the application in a business environment or you want to enjoy those two great features you are required to license the application. Licensing is quick, and the pricing is flexible.
Buy from Plimus (Recommended)
This is the recommended authorized reseller of our products, they accept almost any type of payments methods, CC, PayPal, Wire transfer, pay by fax ...etc, they have an excellent customer support 24/7 an live assistance, you can buy in a secured place and enjoy the discounts and the special promotions, and the most great thing is that you don't have to wait to get your product activated as the activation process is fully automated. To buy RRT from Plimus click here
Buy from Avangate
If you do not have a Credit Card or you want to pay by PayPal or you want enjoy the discount options for bulk orders, you may buy RRT from Avangate here
Buy from CNET
If you have your Credit Card ready and you need to buy only one unit, please you may buy RRT from CNET by clicking here
Notes for CNET buyers:
Once you purchase the software, you'll receive a confirmation asking you to send your RRT ID to sales@sergiwa.com. RRT ID is the number RRT shows up when it starts up, it's usually a number of 8 or 9 digits, once you send your RRT ID, you'll instantly get your activation code!
Didn't get the activation code by email?
Below are some of the most common reasons you might not be getting the activation code by email.
* First, be patient, sometimes it takes a while for the email to arrive.
* Check to ensure you entered your email address correctly when you purchased the software. If it's wrong, contact us and provide a valid email.
* Check your junk email box, the email might have been filtered as junk.
* If you can't still get the email, post here and we'll help you to sort it out.
RRT - With Removable Media Malware Defender
Developer: Issam Sergiwa
Company: iSergiwa Software
OS: Windows XP, Vista
Bugs? Problems?
Contact support@sergiwa.com
|
|
182031 128.70 KB Windows XP, Vista http://www.sergiwa.com |
| Category: Security |
| iPMS v2.1 - iSergiwa Portable Malware Scanner |
Version: v2.1
Submitted Date : 2008/8/19 |
Description:
What does iPMS do?
iPMS detects and removes tons of malware like viruses, worms, spyware, trojans. It removes them from all your hard drives, shared network drives, floppy disks and USB flash disks (removable media must be write enabled during the scan process).
However, the demo version of iPMS is only for detection purpuses, it does NOT remove any malicious objects!
iPMS Targets
You can view a list of all malware targeted by iPMS v2.1 by clicking on TARGETS button. You can also view a full list of malicious objects targeted by iPMS online by clicking here
How to use iPMS?
To do a full scan, start your computer in safe mode and run iPMS then click START. To scan individual objects (drives, folders..) click INSTALL button, this will integrate iPMS with your Windows Explorer and add an item to the explorer context menu called "Scan with iPMS". Use this item whenever you need to scan any individual object.
How to update iPMS program?
All you have to do is to click UPDATE button and follow the instructions.
How to update iPMS targets database?
All you have to do is to click UPDATE button and follow the instructions.
Important note:
Since this tool is a security software that deals with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order for it to do it's job. Some other security softwares will try to block the tool and prevent it from doing its job, please make sure that it's not blocked by your filewall and there's no other program blocking it.
Before running this tool, we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
How to buy iPMS Pro?
iPMS license is “Per User” which means that once you purchase the software you will be able to use it to scan and clean unlimited number of computers. iPMS license rely physically on a flash disk/thumb drive/memory card you select to be as a USB Dongle. Plug in your flash disk into your computer and run iPMS, your thumb drive will act like a USB dongle, iPMS will give you a number consists of 8 or 9 digits which we call iPMS ID. Send this ID to sales@sergiwa.com along with your proof of purchase and we will send you the activation code. This will allow you to use iPMS Pro as a portable software on any computer that has your thumb drive plugged in. Please do not format your thumb drive or throw it away as it will be your physical license. iPMS will NOT work in Pro mode unless you have your USB dongle plugged in.
Buy from Plimus (Recommended)
This is the recommended authorized reseller of our products, they accept almost any type of payments methods, CC, PayPal, Wire transfer, pay by fax ...etc, they have an excellent customer support 24/7 an live assistance, you can buy in a secured place and enjoy the discounts and the special promotions, and the most great thing is that you don't have to wait to get your product activated as the activation process is fully automated. To buy iPMS from Plimus click here
Buy from Avangate
If you do not have a Credit Card or you want to pay by PayPal or you want enjoy the discount options for bulk orders, you may purchase iPMS from Avangate here
Buy from CNET
If you have not purchased the software yet and you have your Credit Card ready and you need to buy only one unit from CNET, please do it by clicking here
Notes for CNET buyers:
Once you purchase CaSIR, you'll receive a confirmation asking you to send your CaSIR ID to sales@sergiwa.com. CaSIR ID is the number CaSIR shows up when it starts up, it's usually a number of 8 or 9 digits, once you send your CaSIR ID, you'll instantly get your activation code!
Didn't get the activation code by email?
Below are some of the most common reasons you might not be getting the activation code by email.
* First, be patient, sometimes it takes a while for the email to arrive.
* Check to ensure you entered your email address correctly when you purchased the software. If it's wrong, contact us and provide a valid email.
* Check your junk email box, the email might have been filtered as junk.
* If you can't still get the email, post here and we'll help you to sort it out.
iPMS – iSergiwa Portable Malware Scanner
Developer: Issam Sergiwa
Company: iSergiwa Software
OS: Windows XP, Vista
Bugs? Problems?
Contact support@sergiwa.com
|
|
46613 594.94 KB Windows XP, Vista http://www.sergiwa.com |
| Category: Utilities |
| ACPC v4.0 - iSergiwa Arabic Code Page Converter |
Version: 4.0
Submitted Date : 2008/8/7 |
Description:
Have you finally made up your mind and now want to move to a Windows-based database manager or application?
Do you have such a large database that is seems to take ages to re-enter its data?
Are you perhaps intending to publish your database on the internet to allow your customers to view or access it online?
Have you ever faced the problem of being unable to read the Arabic DOS characters under Windows or MySQL servers?
If your answer was ‘Yes’ to any of the above questions then we designed a program that is purpose-built for you and your needs!
iSergiwa ACPC v4.0
Converting is as easy as 123
1 - Export your database using your DOS-Based application to any format you prefer: DBF, TXT, CSV, TSV etc.
2 - Run ACPC v4.0 and browse for the exported file.
3 - Press Convert and you're done!
This software is NOT free, please download the package first. If you like it, buy it.
|
|
10803 793.56 KB Windows All http://www.sergiwa.com |
| Category: Security |
| PRT v2.5 - Perlovga Removal Tool |
Version: 2.5
Submitted Date : 2008/5/17 |
Description:
Sick and tired of constantly seeing the temp2.exe error message?
When you doubleclick on one of your hard drive partitions, does it show you some unexpected results?
When you rightclick on one of your hard drive partitions, do you see a new item called "Autoplay" on top of other items with bold face?
When you right click on one of your hard drive partitions, do you see some new items with garbage text?
If your answer was ‘Yes’ to any of the above questions then the chances are that you may be infected with the Perlovga virus (otherwise known as temp2.exe) or one of its variants. The problem is that this virus is particulary cumbersome to remove, even by reputable anti-virus programs. But we have the solution and it is called PRT (or Perlovga Removal Tool)!
What does this tool do?
It detects and reoves all traces of the Perlovga virus from your system, including floppy disks and USB flash disks (the latter ones must be write enabled during the scan process).
It also removes the leftovers of this virus by removing the 'autorun.inf' files and cleaning up you system registry, so you won’t see the 'autoplay' item anymore.
How to use it?
Start your computer in Safe mode and run this tool. If you have infected floppy/flash disks you can insert them and click start. You can repeat this process for every disk you have.
Important note:
Since this tool is a security software that deals with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order for it to do it's job. Some other security softwares will try to block the tool and prevent it from doing its job, please make sure that it's not blocked by your filewall and there's no other program blocking it.
Before running this tool, we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
Notes:
If you experience any problems, find any bugs or just want to leave your comments, please contact us here: support@sergiwa.com
This tool is for FREE for personal use only! If you would like to use the application in a business environment you are required to license the application. Licensing is quick, and the pricing is flexible. If you would like to license our application for your business or corporation, please do it here
|
|
103284 32.50 KB Windows XP, Vista http://www.sergiwa.com |
| Category: Security |
| DRT v1.0 - Duplicated folders Removal Tool |
Version: 1.0
Submitted Date : 2008/5/16 |
Description:
What does this tool do?
This tool removes the so called : duplicated folders virus which is a very common symptom of being infected by virus IM-Worm.Win32.Sohanad.ao and friends. It removes the duplicated folders from all your hard drive partitions including floppy disks and USB flash disks (those must be write enabled during the scan process)
How to use it?
Start your computer in Safe mode and run this tool. if you have infected floppy/flash disks you can insert them and click start. you can repeat this for every disk you have.
Important note:
Since this tool is a security software that deals with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order for it to do it's job. Some other security softwares will try to block the tool and prevent it from doing its job, please make sure that it's not blocked by your filewall and there's no other program blocking it.
Before running this tool, we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
Notes:
If you experience any problems, find any bugs or just want to leave your comments, please contact us here: support@sergiwa.com
This tool is for FREE for personal use only! If you would like to use the application in a business environment you are required to license the application. Licensing is quick, and the pricing is flexible. If you would like to license our application for your business or corporation, please do it here
|
|
21763 11.72 KB Windows All http://www.sergiwa.com |
| Category: Security |
| isReset v1.0 - Files/Folders attributes Reset Tool |
Version: 1.0
Submitted Date : 2008/5/16 |
Description:
What does this tool do?
Some malware do change your files' attributes to system/hidden but when you want to change them back to normal you wont be able to do that because the options are grayed.
isReset resets your system/hidden files/folders so you can view/access them normally.
How to use it?
Simply drag & drop your files/folders into the cross sign and then click RESET.
Important note:
Since this tool is a security software that deals with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order for it to do it's job. Some other security softwares will try to block the tool and prevent it from doing its job, please make sure that it's not blocked by your filewall and there's no other program blocking it.
Before running this tool, we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
Notes:
If you experience any problems, find any bugs or just want to leave your comments, please contact us here: support@sergiwa.com
This tool is for FREE for personal use only! If you would like to use the application in a business environment you are required to license the application. Licensing is quick, and the pricing is flexible. If you would like to license our application for your business or corporation, please do it here
|
|
22091 26.37 KB Windows All http://www.sergiwa.com |
| Category: Security |
| SRT v2.1 - Sohanad Removal Tool |
Version: 2.1
Submitted Date : 2008/5/16 |
Description:
Sick and tired of constantly seeing the New Folder.exe file in the root path of every storage media you have?
Sick and tired of constantly seeing a new folder inside every folder you have?
When you doubleclick on one of your hard drive partitions, does it show you some unexpected results?
When you rightclick on one of your hard drive partitions, do you see a new item called "Autoplay" on top of other items with bold face?
When you right click on one of your hard drive partitions, do you see some new items with garbage text?
When your Antivirus detects and deletes the malware that causes all of that and restart your system, do you see an error message similar to: "Windows cannot find SSCVIIHOST.exe..."?
If your answer was ‘Yes’ to any of the above questions then the chances are that you may be infected with the Sohanad virus (otherwise known as New Folder.exe) or one of its variants:
IM-Worm.Win32.Sohanad.as
IM-Worm.Win32.Sohanad.ao
IM-Worm.Win32.Sohanad.am
IM-Worm.Win32.Sohanad.ap
The problem is that this virus is particulary cumbersome to remove, even by reputable anti-virus programs. But we have the solution and it is called SRT (or Sohanad Removal Tool)!
What does this tool do?
It detects and reoves all traces of the Sohanad virus from your system, including floppy disks and USB flash disks (the latter ones must be write enabled during the scan process).
It also removes the leftovers of this virus by removing the 'autorun.inf' files and cleaning up you system registry, so you won’t see the 'autoplay' item anymore.
How to use it?
Start your computer in Safe mode and run this tool. If you have infected floppy/flash disks you can insert them and click start. You can repeat this process for every disk you have.
Important note:
Since this tool is a security software that deals with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order for it to do it's job. Some other security softwares will try to block the tool and prevent it from doing its job, please make sure that it's not blocked by your filewall and there's no other program blocking it.
Before running this tool, we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
Notes:
If you experience any problems, find any bugs or just want to leave your comments, please contact us here: support@sergiwa.com
This tool is for FREE for personal use only! If you would like to use the application in a business environment you are required to license the application. Licensing is quick, and the pricing is flexible. If you would like to license our application for your business or corporation, please do it here
|
|
32128 40.50 KB Windows All http://www.sergiwa.com |
|
Germany (1)
USA (4)