The professional solution to great protection

avast! 4 Professional Edition represents the best antivirus protection available and can be downloaded and used free of charge for a 60-day trial period. At the end of the trial period, a license key must be purchased, which will be valid for a further 1, 2, or 3 years. avast! 4 Professional Edition comes with anti-spyware, anti-rootkit and strong self-protection built-in. It is designed to protect your valuable data and programs, as well as keep itself up-to-date and has the kind of built-in features that many vendors charge for additionally, or don’t include at all.

All-inclusive, comprehensive protection avast! 4 Professional Edition includes ANTI-SPYWARE protection, certified by the West Coast Labs Checkmark process, to protect against the latest spyware threats and ANTI-ROOTKIT DETECTION based on the best-in class GMER technology, built into the scan engine.

Simple to use and fully automated - Automatic incremental updates provide real-time protection of your system, including web surfing. We’ve made avast! antivirus as simple to use as possible, while allowing full control of your security.

Tried and Trusted - With over 60 million users of avast!, you can rest assured that you are using one of the most tried and trusted antivirus products in Windows security. avast! supports more MS Windows versions (from Windows 95 to Vista 64-bit) than any other anti-malware product.
Features overview:
Anti-spyware built-in     Automatic updates
Anti-rootkit built-in     PUSH updates
Strong self-protection     Virus Chest
Antivirus kernel     System integration
Simple User Interface     Command-line scanner
Enhanced User Interface     Integrated Virus Cleaner
Resident protection     Support for 64-bit Windows
Script blocker     Internationalization
P2P and IM Shields     Network Shield
Web Shield

* Recommended by experts and editors around the world as the reliable Anti-Spyware.
* FREE customer support for everybody.
* Frequent advanced updates ensure that you are always protected.
* Easiest to use with intelligent automatic protection.
* Detects, removes and blocks all types of Spyware and Adware threats.
* 100% Money Back Guarantee.

Spyware Doctor has consistently been awarded Editors’ Choice, by leading PC magazines and testing laboratories all over  the world, including Sweden, UK, Germany, US and Australia. Besides, after leading the market in 2005, Spyware Doctor was awarded the prestigious Best of the Year at the end of 2005 and then in 2006.
Spyware Doctor has been downloaded over 125 million times with millions more downloads every week. People worldwide use and trust Spyware Doctor to protect their PCs from spyware, adware and other online threats.

Spyware Doctor continues to be awarded the highest honors by many of the world’s leading PC publications such as PC Magazine, PC World, PC Plus, PC Pro, PC Utilities, PC Authority, PC Advisor, Microdatorn, PC Choice, Computer Bild and PC Answers Magazine.

Did you know that numerous programs tested against Spyware Doctor detected only small fraction of Spyware and completely removed an even smaller amount? Also most of them were unable to effectively block Spyware in real time from being installed on users PC in the first place.
When you are choosing Anti-Spyware make sure you choose one that is proven and has genuine awards from one or more world leading research labs such a PC World, CNET, PC Magazine, PC Authority, PC Pro Magazine, PC Answers and other trusted labs. More importantly do not use ratings from unknown review websites, as often these are designed to mislead you into purchase of affiliated, inferior or rogue product.
Screenshot [+] Click to Enlarge

Detects, removes and blocks all types of Spyware.

Spyware Doctor is advanced technology designed especially for people, not just experts. That is one reason why it won the People’s Choice Award in 2005, 2006, 2007 and 2008. It is automatically configured out of the box to give you optimal protection with limited interaction so all you need to do is install it for immediate and ongoing protection.
Spyware Doctor has the most advanced update feature that continually improves its Spyware fighting capabilities on daily basis. As Spyware gets more complex to avoid detection by AntiSpyware programs Spyware Doctor responds with new technology to stay one step ahead.
Easiest in Using

Spyware Doctor’s advanced IntelliGuard technology only alerts users on a true Spyware detection. This is significant because you should not be interrupted by cryptic questions every time you install software, add a site to your favorites or change your PC settings. Such messages can be confusing and lead to undesirable outcomes such as inoperable programs, lost favorites or even Spyware being allowed to install on the system. We’ve done the research so you do not have to.
Spyware Doctor Full Version Information
Current Version:    6.0.0.383
File Size:    13,278 KB
Operating System:    Designed for Windows® Vista™ 32-bit, XP and 2000. Windows® 98 users .
Release Date:    September 1, 2008
Protection Against:    Adware, Spyware, Keyloggers, Spyware Trojans, Hijackers, Identity Theft, Tracking Threats, Unwanted Software, Phishing, Rogue Anti-Spyware, Popups and Bad Websites.
Add-ons:    Free optional plug-ins are available for Spyware Doctor including Site Guard, Email Guard and Behavior Guard
Trial Limitations:    The trial offers time unlimited real-time protection (free spyware blocking), but does not remove threats detected during on-demand scans, updates may also differ to those supplied to registered users.
Starter Edition:    The Starter Edition offers full scan and removal of threats, and basic real-time protection, is available for free as part of the Google Pack.

Advantages of Avira AntiVir:

AntiVir protection from viruses, worms and Trojans,
AntiDialer protection against expensive dialers,
AntiRootkit protection from hidden rootkits ,
Faster Scanning up to 20 per cent faster,
New User Interface,
AntiPhishing protection from phishing,
AntiSpyware protection from spyware and adware,
WebGuard protection from malicious websites,
RescueSystem creates a bootable rescue CD,
Enhanced email protection for POP3 and SMTP,
Fast Premium update server,
5 euro donation to the Auerbach Foundation,
AntiSpam filters out unwanted and phishing emails,
FireWall protection from hackers,
GameMode uninterrupted game play,
Backup-System saves your important data,
AntiBot prevents dangerous bot networks,
AntiDrive-by stops surfing malware downloads.

Description added       Aug 29 2002
Behavior                    TrojanDownloader
Technical details:
Apher is malware virus in the wild that spreads as an attachment to spoofed e-mails using a legitimate Microsoft address. The email text is disguised as a Kaspersky Labs Anit-virus software update.
Below is a screen shot of a spoofed e-mail message infected with Apher:

Technical details:
This Trojan is a Windows PE EXE file. The file is 61 440 bytes in size.
Payload:
During installation, the Trojan creates a file and saves its configuration to this file:
%WinDir%\cchost.ini
This Trojan is designed to send spam from a victim machine. When launched, it attempts to download, in encrypted form, the spam that will be sent:
http://www.smalltool.net/remotewatch/send_****.php
It also downloads a list of email addresses from the following address:
http://www.smalltool.net/remotewatch/user****.php
The Trojan will then send the spam it downloaded to the addresses on the list.
Removal instructions:
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
Use Task Manager to terminate the Trojan process.
Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
Delete the following file:
%WinDir%\cchost.ini
Update your antivirus databases and perform a full scan of the computer (download a new version of Panda Internet Security 2007).

Description added    Mar 30 2007
Behavior                 PSW Trojan
Technical details:
This Trojan is designed to steal confidential data. It is a Windows PE EXE file. The file is 7,680 bytes in size. It is not packed in any way. It is written in C++.
Installation:
When launched, the Trojan copies itself to the Windows system directory:
%System%/ .exe
It then creates a file in the same place called .cfg.
The Trojan also adds the following parameter to the system registry:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
” .task” = “%System%/ .exe”
This ensures that the Trojan will be launched each time Windows is booted on the victim machine.
Payload:
This Trojan tracks the user’s actions on the victim machine.
It can:
log keystrokes;
record windows opened;
provides the option to indicate a specific window within which activity will be tracked.
The Trojan opens a random TCP port. It will attempt to connect to a mail server and send the harvested data.
Removal instructions:
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
Use Task Manager to terminate the Trojan process.
Delete the following files:
%System%/ .exe
%System%/ .cfg
Delete the following registry value:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
” .task”
Update your antivirus databases and perform a full scan of the computer (download a new version of Panda Internet Security 2007).

Description added    Feb 16 2007
Behavior                 TrojanClicker

Technical details:
This Trojan opens a variety of links without the knowledge or consent of the user. It is a Windows PE EXE file. It is 40,960 bytes in size. It is written in Visual Basic.

Payload:
Once launched, the Trojan will periodically open the following links without the user’s knowledge or consent:

http://www.mp3.com/****seuq
http://artists.mp3s.com/artist_stats/239/****seuq.html
http://artists.mp3s.com/artist_calendar/239/23****.html
http://play.mp3.com/cgi-bin/play/play.cgi/****

Removal instructions:
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
1.Use Task Manager to terminate the Trojan process:
2.Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
3.Update your antivirus databases and perform a full scan of the computer (download a new version of Panda Internet Security 2007). 
 

Description added Feb 19 2007
Behavior TrojanProxy
Technical details:This Trojan program turns the victim machine into a proxy server. It is a Windows PE EXE file. It is 27,136 bytes in size. It is packed using UPX. The unpacked file is approximately 60KB in size.
Installation:
The Trojan adds the following parameter to the Window system registry in order to ensure that its executable file will be launched automatically:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“UsbD” = ”

Payload:
The Trojan creates a SOCKS proxy server on a randomly chosen TCP port. The number of the open port and the victim machine’s network address will then be sent to the remote malicious user’s site. The remote malicious user will then be able to use the victim machine without the user’s knowledge or consent.
The Trojan will also periodically send an HTTP request to o.cjdra.com. In response it will get a URL to which it will then attempt to connect.
Removal instructions:
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
Use Task Manager to terminate the Trojan process.
Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
Delete the following key from the system registry:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“UsbD” = ”
Update your antivirus databases and perform a full scan of the computer (download a new version of Panda Internet Security 2007).

Technical details:
This Trojan program makes it possible for a remote malicious user to use the victim machine as a proxy server. It is a Windows PE EXE file. The file is approximately 17KB in size. It is packed using UPack. The unpacked file is approximately 258KB in size.

Installation:
Onced launched, the Trojan drops the file shown below to %Documents and Settings%\%All Users%\Common Documents%\Settings.

arm32.dll — the attribute ‘hidden’ is assigned to this file
The Trojan ensures that its library will be loaded when the Winlogon process starts (on system boot):

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\arm32reg]
 ”Asynchronous”=”dword: 0×00000001″
 ”DllName”=”%Documents and Settings%\%All Users%\%Common Documents%\Settings\arm32.dll”
 ”Startup”=”arm32reg”
 ”Impersonate”=”dword: 0×00000001″
The Trojan constantly checks that this key is present in the registry, and will restore it if the key is manually deleted.

Payload:
The Trojan downloads a configuration file from the remote malicious user’s site, and saves it to the following folder:

%Documents and Settings%\%All Users%\%Common Documents%\Settings\desktop.ini
The Trojan launches the iexplore.exe process and injects its code into this process. This process will open a random TCP port. The remote malicious user will then be notified of the open port number.
This enables the remote malicious user to work as if from the victim machine within a network.

Removal instructions:
Use Kaspersky Anti-Virus 6.0 to delete the Trojan. Update your antivirus databases and perform a full scan of the computer (download a new version of Panda Internet Security 2007).

Technical details:
This Trojan program uses spoofing technology, and is a fake HTML page. It is designed to steal confidential information from clients of Bank of America.
It arrives as an email which appears to be an important message:

The email contains a link which uses the Frame Spoof Vulnerability in Internet Explorer.
The Frame Spoof Vulnerability is detailed in Microsoft Security Bulletin(MS04-004) and is present in versions 5.x and 6.x of Microsoft Internet Explorer. Microsoft published a document describing the vulnerability and how to recognize such fake links.
Once the user enters the site, and enters his/ her account details, they will be sent to the remote malicious user, who may then have full access to the user’s account.