If you have reached this page, then you probably have been sent here by one of our other free programs :RRT,PRT, DRT,SRT or isReset
CaSIR v2.2 - Common and Stubborn Infections
By using our free programs above, you probably have got rid of some common infectors like:
Virus.Win32.Perlovga.a
Virus.Win32.Perlovga.b
Trojan-Dropper.Win32.Small.apl
Backdoor.Win32.small.lo
W32/QQRob-ABX
Alnooh
IM-Worm.Win32.Sohanad.ao
IM-Worm.Win32.Sohanad.as
IM-Worm.Win32.Sohanad.am
IM-Worm.Win32.Sohanad.ap
And you probably have got rid of the problems and the restrictions made by those infectors!
But this is NOT the end, Those infectors are NOTHING comparing to CaSIs!!!
What are CaSIs?
CaSIs is short for Common and Stubborn Infectors. These are malicious programs (viruses, worms, Trojans, etc.) that are notoriously difficult to detect and to remove by regular anti-virus programs. These programs often have the capability to disable your computer or your anti-virus programs.
Good examples of the those infectors are:
Win32.Brontok.q
Win32.Delf.cc
Win32.VB.by
Win32.VB.cz
Trojan.Win32.Small.wv (Medichi & Medichi2)
Trojan-Downloader.Win32.Todon.ai
Trojan-Downloader.Win32.Todon.aj
Worm.Win32.AutoRun.dkk (Ahsan virus)
Trojan-Downloader.Win32.VB.bbl
If one of the above nasty infectors infected your computer you will not be able to install any of the well-known Antivirus software like Kaspersky, Mcafee, Norton, AVG, Panda... (and about 135 more Different AVs)! and please, don't try to use the Safe Mode to remove them manually because those infectors will disable the "Safe Mode"!
How do you get infected by these CaSI's?
Well, mostly because you open an attachment from an email that isn't from one of your friends. Or by using infected removable storage medias (CDs,DVDs/Floppy disks/Flash disks, Memory Cards...). Or just by visiting a suspect website which can result in your computer being compromised.
The only thing that could have saved you was having a good Anti-Virus program with up-to-date signatures. If you didn't have those installed on your computer these CaSI's could enter your system with ease and change lots of settings.
Once you are infected, NOTHING (no well-known anti-virus program such as Kaspersky, Norton, Symantec, McAfee, NOD32, etc.) can rescue you anymore. You and your computer are doomed.
But now there is a solution and it is called CaSIR
What is CaSIR?
CaSIR (Common And Stubborn Infections Remover) -- is an on-demand malware removal software. We designed it especially to remove the most common and stubborn infections from your computer. It can remove their running processes, their bodies, their registry entries and any other leftovers!
CaSIR doesn't randomly search for CaSIs, but he goes directly to the areas that a specific CaSI infects and removes it from there, hence, it does its job in mere seconds!
CaSIR does more than that. It has a generic and strong technique that allows it to do the following:
. CaSIR removes the common restrictions made to your computer by those infectors which none of the AVs deal with.
. CaSIR removes the illegitmate services frequently used by those infectors.
. CaSIR recognizes and instantly kills and deletes any running process that is disguising itself among the legitimate system services.
. CaSIR removes any scripts used by those infectors to autorun.
. CaSIR removes any autostarting registry entries related to the illegitmate services he detects.
. CaSIR deals with all your storage medias (Fixed, floppy, removable...) and cleans them up all if need be.
. CaSIR cleans up your system registry so no more spy keys, garbage activities or messages keep asking for already deleted files.
. CaSIR's signatures are fully updatable, once you download the software, all you need to do is to download the new definitions frequently and you're up-to-date and ready-to-go.
How to use CaSIR?
Just extract the zip-file you download which contains only two files:
- CaSIR20.exe: The main executable file.
- casirdef.cas The definitions file.
Simply run CaSIR (in Normal Mode) and press Start, Wait for seconds' and you're done!
If CaSIR detected any CaSIs, it will restart your computer and works in what we calls "Pre-$hell mode", after finishing it's job, CaSIR will restart your computer in Normal mode.
Important notes:
1. Since CaSIR is a security software that deal with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order to remove any infection. Some other security softwares will try to block CaSIR and prevent it from doing its job, please make sure it's not blocked and there's no other program blocking CaSIR. During disinfection process we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.
2. Please do NOT attempt to run CaSIR in safe mode, CaSIR needs to investigate your system to know what CaSIs are active, if you ran CaSIR in safe mode, he might not be able to detect any active CaSIs, as they usually do not run in safe mode!
3. If you have more than one infected computer connected together to the same local network, do NOT attempt to use CaSIR on the infected computer while the other infected ones are connected to it, this would results in getting infected again and again. You always need to disconnect the infected computer from the network before using CaSIR and do so with all your infected computers one by one!
What is "CDS Jobs" button? and why is it there?
CDS is short for "CaSIR Deep Scanner". This is the part of CaSIR which uses the classic method of searching for malware; By the binary signature. We have added this new section of CaSIR starting from v2.0 because we lately noticed that some CaSIs' authors have developed a new method of making identifying their malware more difficult, that is to make the CaSI spread using random file names, random registry keys, random registry values and random running processes names, so that any algorithm based on the malware File/Folder/RegKey/RegVal/Running Modules/Processes/Threads names would fail and be of no use!
If CaSIR detected any such a nasty CaSIs (those with random techniques), he will analyze the situation first and kill the active parts of the CaSI, then invoke the CDS which will scan all your hard disks/floppy disks/flash disks/memory cards/iPod/MP3/WMA Drivers available on your system to clean them, then he will restart your computer in Pre-$hell mode to continue removing the other CaSIs, after finishing it's job, CaSIR will restart your computer in normal mode with a "Congratulations" message!
Please note that you can cancel those processes at any time, but we strongly don't recommend that, because by doing that, you will put your computer in a dangerous situation as the CaSI will come back again when you restart your computer, so please be patient and let CaSIR finish it's job.
Does CaSIR generate a log report?
Yes, after every phase of work, CaSIR will automatically generate a report file and saves it in same folder where CaSIR is. The report file always has the name: casirrpt.txt! This file is needed by us when you have any problem or inquiry and need to contact us, so please don't forget to attach this file with your inquiry.
How to update CaSIR definitions?
There's two methods of getting updates, offline and Online:
1. The Online method:
Simply press "Update" button and follow the instructions on screen.
2. The Offline method:
Visit www.sergiwa.com and go to downloads section, under Security software, you'll find CaSIR Definitions file. Download it. The definitions file is a very small zipped file that contains the CaSIs signatures. All you have to do is to download casirdef.zip, extract its contents and replace it with the old one!
What are those RNP, GFL, SFL, GFD, SFD, RKM, RKD, RKA, RSO?
When CaSIR find an infection on your computer, it shows up the infection in the following way :
XXX - YYY
XXX: is the type of the infection found
YYY: is the infection itself
XXX has 9 different keywords
RNP : Running Process
GFL : Group of Files
SFL : Single File
GFD : Group of Folders
SFD : Single Folder
RKM : Registry Key to be Modified
RKD : Registry Key to be Deleted
RKA : Registry Key to be Added
RSO: Regular System Optimization
How to buy CaSIR?
The Demo-version only detects the infection but doesn't remove them. To fully remove the infections you have to buy the Pro-version. If you are currently using the DEMO version of CaSIR, you will be automatically taken to this page whenever an infection found in your computer.
Buy from Plimus (Recommended)
This is the recommended authorized reseller of our products, they accept almost any type of payments methods, CC, PayPal, Wire transfer, pay by fax ...etc, they have an excellent customer support 24/7 an live assistance, you can buy in a secured place and enjoy the discounts and the special promotions, and the most great thing is that you don't have to wait to get your product activated as the activation process is fully automated. To buy CaSIR from Plimus click here
Buy from Avangate
If you do not have a Credit Card or you want to pay by PayPal or you want enjoy the discount options for bulk orders, you may purchase CaSIR from Avangate by clicking here
Buy from CNET
If you have your Credit Card ready and you need to buy only one unit, you may purchase CaSIR from CNET by clicking here
Notes for CNET buyers:
Once you purchase CaSIR, you'll receive a confirmation asking you to send your CaSIR ID to sales@sergiwa.com. CaSIR ID is the number CaSIR shows up when it starts up, it's usually a number of 8 or 9 digits, once you send your CaSIR ID, you'll instantly get your activation code!
Didn't get the activation code by email?
Below are some of the most common reasons you might not be getting the activation code by email.
* First, be patient, sometimes it takes a while for the email to arrive.
* Check to ensure you entered your email address correctly when you purchased the software. If it's wrong, contact us and provide a valid email.
* Check your junk email box, the email might have been filtered as junk.
* If you can't still get the email, post here and we'll help you to sort it out.
No comments:
Post a Comment