September 2, 2008

iPMS v2.1 - iSergiwa Portable free Malware

iPMS v2.1 - iSergiwa Portable Malware iPMS detects and removes tons of malware like viruses, worms, spyware, trojans. It removes them from all your hard drives, shared network drives, floppy disks and USB flash disks (removable media must be write enabled during the scan process).
However, the demo version of iPMS is only for detection purpuses, it does NOT remove any malicious objects!

iPMS Targets
You can view a list of all malware targeted by iPMS v2.1 by clicking on TARGETS button. You can also view a full list of malicious objects targeted by iPMS online by clicking here

How to use iPMS?

To do a full scan, start your computer in safe mode and run iPMS then click START. To scan individual objects (drives, folders..) click INSTALL button, this will integrate iPMS with your Windows Explorer and add an item to the explorer context menu called "Scan with iPMS". Use this item whenever you need to scan any individual object.

How to update iPMS program?

All you have to do is to click UPDATE button and follow the instructions.

How to update iPMS targets database?

All you have to do is to click UPDATE button and follow the instructions.

Important note:
Since this tool is a security software that deals with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order for it to do it's job. Some other security softwares will try to block the tool and prevent it from doing its job, please make sure that it's not blocked by your filewall and there's no other program blocking it.
Before running this tool, we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.

How to buy iPMS Pro?

iPMS license is “Per User” which means that once you purchase the software you will be able to use it to scan and clean unlimited number of computers. iPMS license rely physically on a flash disk/thumb drive/memory card you select to be as a USB Dongle. Plug in your flash disk into your computer and run iPMS, your thumb drive will act like a USB dongle, iPMS will give you a number consists of 8 or 9 digits which we call iPMS ID. Send this ID to sales@sergiwa.com along with your proof of purchase and we will send you the activation code. This will allow you to use iPMS Pro as a portable software on any computer that has your thumb drive plugged in. Please do not format your thumb drive or throw it away as it will be your physical license. iPMS will NOT work in Pro mode unless you have your USB dongle plugged in.


Buy from Plimus (Recommended)
This is the recommended authorized reseller of our products, they accept almost any type of payments methods, CC, PayPal, Wire transfer, pay by fax ...etc, they have an excellent customer support 24/7 an live assistance, you can buy in a secured place and enjoy the discounts and the special promotions, and the most great thing is that you don't have to wait to get your product activated as the activation process is fully automated. To buy iPMS from Plimus click here

Buy from Avangate
If you do not have a Credit Card or you want to pay by PayPal or you want enjoy the discount options for bulk orders, you may purchase iPMS from Avangate here

Buy from CNET
If you have not purchased the software yet and you have your Credit Card ready and you need to buy only one unit from CNET, please do it by clicking here


Notes for CNET buyers:
Once you purchase CaSIR, you'll receive a confirmation asking you to send your CaSIR ID to sales@sergiwa.com. CaSIR ID is the number CaSIR shows up when it starts up, it's usually a number of 8 or 9 digits, once you send your CaSIR ID, you'll instantly get your activation code!

iSergiwa free Software

If you have reached this page, then you probably have been sent here by one of our other free programs :RRT,PRT, DRT,SRT or isReset
CaSIR v2.2 - Common and Stubborn Infections
By using our free programs above, you probably have got rid of some common infectors like:

Virus.Win32.Perlovga.a
Virus.Win32.Perlovga.b
Trojan-Dropper.Win32.Small.apl
Backdoor.Win32.small.lo
W32/QQRob-ABX
Alnooh
IM-Worm.Win32.Sohanad.ao
IM-Worm.Win32.Sohanad.as
IM-Worm.Win32.Sohanad.am
IM-Worm.Win32.Sohanad.ap

And you probably have got rid of the problems and the restrictions made by those infectors!

But this is NOT the end, Those infectors are NOTHING comparing to CaSIs!!!

What are CaSIs?

CaSIs is short for Common and Stubborn Infectors. These are malicious programs (viruses, worms, Trojans, etc.) that are notoriously difficult to detect and to remove by regular anti-virus programs. These programs often have the capability to disable your computer or your anti-virus programs.

Good examples of the those infectors are:

Win32.Brontok.q
Win32.Delf.cc
Win32.VB.by
Win32.VB.cz
Trojan.Win32.Small.wv (Medichi & Medichi2)
Trojan-Downloader.Win32.Todon.ai
Trojan-Downloader.Win32.Todon.aj
Worm.Win32.AutoRun.dkk (Ahsan virus)
Trojan-Downloader.Win32.VB.bbl

If one of the above nasty infectors infected your computer you will not be able to install any of the well-known Antivirus software like Kaspersky, Mcafee, Norton, AVG, Panda... (and about 135 more Different AVs)! and please, don't try to use the Safe Mode to remove them manually because those infectors will disable the "Safe Mode"!

How do you get infected by these CaSI's?

Well, mostly because you open an attachment from an email that isn't from one of your friends. Or by using infected removable storage medias (CDs,DVDs/Floppy disks/Flash disks, Memory Cards...). Or just by visiting a suspect website which can result in your computer being compromised.

The only thing that could have saved you was having a good Anti-Virus program with up-to-date signatures. If you didn't have those installed on your computer these CaSI's could enter your system with ease and change lots of settings.

Once you are infected, NOTHING (no well-known anti-virus program such as Kaspersky, Norton, Symantec, McAfee, NOD32, etc.) can rescue you anymore. You and your computer are doomed.

But now there is a solution and it is called CaSIR

What is CaSIR?

CaSIR (Common And Stubborn Infections Remover) -- is an on-demand malware removal software. We designed it especially to remove the most common and stubborn infections from your computer. It can remove their running processes, their bodies, their registry entries and any other leftovers!

CaSIR doesn't randomly search for CaSIs, but he goes directly to the areas that a specific CaSI infects and removes it from there, hence, it does its job in mere seconds!

CaSIR does more than that. It has a generic and strong technique that allows it to do the following:

. CaSIR removes the common restrictions made to your computer by those infectors which none of the AVs deal with.
. CaSIR removes the illegitmate services frequently used by those infectors.
. CaSIR recognizes and instantly kills and deletes any running process that is disguising itself among the legitimate system services.
. CaSIR removes any scripts used by those infectors to autorun.
. CaSIR removes any autostarting registry entries related to the illegitmate services he detects.
. CaSIR deals with all your storage medias (Fixed, floppy, removable...) and cleans them up all if need be.
. CaSIR cleans up your system registry so no more spy keys, garbage activities or messages keep asking for already deleted files.
. CaSIR's signatures are fully updatable, once you download the software, all you need to do is to download the new definitions frequently and you're up-to-date and ready-to-go.

How to use CaSIR?

Just extract the zip-file you download which contains only two files:
- CaSIR20.exe: The main executable file.
- casirdef.cas The definitions file.

Simply run CaSIR (in Normal Mode) and press Start, Wait for seconds' and you're done!

If CaSIR detected any CaSIs, it will restart your computer and works in what we calls "Pre-$hell mode", after finishing it's job, CaSIR will restart your computer in Normal mode.

Important notes:
1. Since CaSIR is a security software that deal with the file system, the system registry and the running processes, it MUST be given all the rights it demands in order to remove any infection. Some other security softwares will try to block CaSIR and prevent it from doing its job, please make sure it's not blocked and there's no other program blocking CaSIR. During disinfection process we recommend you to disable any other security solution you are runing such as Antivirus, Firewall, monitoring tools ..etc.

2. Please do NOT attempt to run CaSIR in safe mode, CaSIR needs to investigate your system to know what CaSIs are active, if you ran CaSIR in safe mode, he might not be able to detect any active CaSIs, as they usually do not run in safe mode!

3. If you have more than one infected computer connected together to the same local network, do NOT attempt to use CaSIR on the infected computer while the other infected ones are connected to it, this would results in getting infected again and again. You always need to disconnect the infected computer from the network before using CaSIR and do so with all your infected computers one by one!

What is "CDS Jobs" button? and why is it there?

CDS is short for "CaSIR Deep Scanner". This is the part of CaSIR which uses the classic method of searching for malware; By the binary signature. We have added this new section of CaSIR starting from v2.0 because we lately noticed that some CaSIs' authors have developed a new method of making identifying their malware more difficult, that is to make the CaSI spread using random file names, random registry keys, random registry values and random running processes names, so that any algorithm based on the malware File/Folder/RegKey/RegVal/Running Modules/Processes/Threads names would fail and be of no use!

If CaSIR detected any such a nasty CaSIs (those with random techniques), he will analyze the situation first and kill the active parts of the CaSI, then invoke the CDS which will scan all your hard disks/floppy disks/flash disks/memory cards/iPod/MP3/WMA Drivers available on your system to clean them, then he will restart your computer in Pre-$hell mode to continue removing the other CaSIs, after finishing it's job, CaSIR will restart your computer in normal mode with a "Congratulations" message!

Please note that you can cancel those processes at any time, but we strongly don't recommend that, because by doing that, you will put your computer in a dangerous situation as the CaSI will come back again when you restart your computer, so please be patient and let CaSIR finish it's job.

Does CaSIR generate a log report?

Yes, after every phase of work, CaSIR will automatically generate a report file and saves it in same folder where CaSIR is. The report file always has the name: casirrpt.txt! This file is needed by us when you have any problem or inquiry and need to contact us, so please don't forget to attach this file with your inquiry.

How to update CaSIR definitions?

There's two methods of getting updates, offline and Online:

1. The Online method:
Simply press "Update" button and follow the instructions on screen.

2. The Offline method:
Visit www.sergiwa.com and go to downloads section, under Security software, you'll find CaSIR Definitions file. Download it. The definitions file is a very small zipped file that contains the CaSIs signatures. All you have to do is to download casirdef.zip, extract its contents and replace it with the old one!

What are those RNP, GFL, SFL, GFD, SFD, RKM, RKD, RKA, RSO?

When CaSIR find an infection on your computer, it shows up the infection in the following way :

XXX - YYY

XXX: is the type of the infection found
YYY: is the infection itself

XXX has 9 different keywords

RNP : Running Process
GFL : Group of Files
SFL : Single File
GFD : Group of Folders
SFD : Single Folder
RKM : Registry Key to be Modified
RKD : Registry Key to be Deleted
RKA : Registry Key to be Added
RSO: Regular System Optimization

How to buy CaSIR?


The Demo-version only detects the infection but doesn't remove them. To fully remove the infections you have to buy the Pro-version. If you are currently using the DEMO version of CaSIR, you will be automatically taken to this page whenever an infection found in your computer.


Buy from Plimus (Recommended)
This is the recommended authorized reseller of our products, they accept almost any type of payments methods, CC, PayPal, Wire transfer, pay by fax ...etc, they have an excellent customer support 24/7 an live assistance, you can buy in a secured place and enjoy the discounts and the special promotions, and the most great thing is that you don't have to wait to get your product activated as the activation process is fully automated. To buy CaSIR from Plimus click here

Buy from Avangate
If you do not have a Credit Card or you want to pay by PayPal or you want enjoy the discount options for bulk orders, you may purchase CaSIR from Avangate by clicking here

Buy from CNET
If you have your Credit Card ready and you need to buy only one unit, you may purchase CaSIR from CNET by clicking here


Notes for CNET buyers:

Once you purchase CaSIR, you'll receive a confirmation asking you to send your CaSIR ID to sales@sergiwa.com. CaSIR ID is the number CaSIR shows up when it starts up, it's usually a number of 8 or 9 digits, once you send your CaSIR ID, you'll instantly get your activation code!

Didn't get the activation code by email?

Below are some of the most common reasons you might not be getting the activation code by email.

* First, be patient, sometimes it takes a while for the email to arrive.
* Check to ensure you entered your email address correctly when you purchased the software. If it's wrong, contact us and provide a valid email.
* Check your junk email box, the email might have been filtered as junk.
* If you can't still get the email, post here and we'll help you to sort it out.
More Interesting Blogs!