Category: Computer

  • Small Temporary File Cleaner Recommended by Malware Cleaners

    Frequent Windows maintenance is very important to keep your computer running in tip-top shape. One of the first things you should do in Windows maintenance is remove temporary junk files. Most Windows applications create temp files on your hard disk while they are running. These files are supposed to be removed, but not all programs do so automatically. The temp files may have accumulated to megabytes since you began using your PC, and they can waste large amounts of hard drive space without you knowing it! This leads to reduced free space on your hard disk, fragmentation and reduced system performance.

    Even when a computer is infected by a virus or spyware, the first thing you should do before running a scan is delete all temp files. Without a doubt, CCleaner is one of the best free programs for cleaning up junk, and it supports cleaning the temp files of many third-party applications.

    Here’s another great temporary file cleaner which is very small in size (49.5 KB) and widely recommended by malware cleaners.


    ATF (A Temporary File) Cleaner is a free temporary file cleaner for Windows 98/ME/2K/XP and Vista, Internet Explorer, Firefox and Opera with a simple, easy-to-use interface. This tool is commonly recommended by malware cleaners in forums to clean the temporary files on your computer before running a scan with HijackThis.


    The main screen allows the user to either clean all temporary files or select files for cleaning. The program also detects whether Firefox and/or Opera is being used, and offers the option of cleaning the temporary files associated with those applications. ATF Cleaner shows the user a window with the total bytes freed upon completion. The program is small (49.5 KB), quick to run and requires no installation.

    Note for Vista users: On Windows Vista, “Windows Temp” is disabled; to empty “Windows Temp”, ATF-Cleaner must be “Run as an Administrator”.

    [ Download ATF-Cleaner ]

  • Latest uTorrent v1.7 Stable is Finally Here

    My favorite, and I believe also the majority’s favorite, BitTorrent client: µTorrent version 1.7 stable is finally here!

    The biggest changes were full Vista support and the removal of the 65,536 piece limit for torrents. Also added was support for finding local peers (peers on the same LAN) and optionally not having any upload restrictions for them. It is also possible to turn on automatic updating for betas now, found in the “Other” section of the preferences.

    If you’re interested in seeing what has been fixed and changed from utorrent version 1.6 to version 1.7, see here. uTorrent changelog shows a lot of changes and fixes from v1.6 to v1.7. It’s a major update, so make sure you download and use the latest version for better support when downloading torrents.

    If you didn’t know about uTorrent or have not used it, please give it a chance. It is only 218KB in size and it is known as the lightweight and efficient BitTorrent client.

    Note: Also, check out this post on protecting yourself when downloading using bittorrent if you’ve missed it.

    [ Download uTorrent v1.7.1 ]

  • Firefox 1.5 Final Released

    Mozilla Firefox 1.5
    Firefox hit its second major milestone Tuesday with the release of version 1.5, arriving just over a year after the alternative browser debuted at 1.0. The update sports Mozilla’s new Gecko 1.8 rendering engine to speed up Web surfing, along with a myriad of other fixes and improvements.
    Notable changes in Firefox 1.5 include the ability to reorder tabs, faster back and forward buttons, a feature to clear personal data, improved accessibility and popup blocking, along with support for more Web standards such as SVG, CSS 2 and CSS 3, and JavaScript 1.6. Firefox 1.5 is available now for Windows, Mac OS X and Linux.

    Mozilla Firefox project (formerly Firebird, which was formerly Phoenix) is a redesign of Mozilla’s browser component, written using the XUL user interface language and designed to be cross-platform. It includes a popup blocker, tabbed browsing, a smarter search, hassle free downloading, and improved privacy and security.

    Latest Changes:


    • Automated update to streamline product upgrades
    • Faster browser navigation with improvements to back and forward button performance
    • Drag and drop reordering for browser tabs
    • Improvements to popup blocking
    • Clear Private Data feature provides an easy way to quickly remove personal data through a menu item or keyboard shortcut
    • Answers.com is added to the search engine list
    • Improvements to product usability including descriptive error pages, redesigned options menu, RSS discovery, and “Safe Mode” experience
    • Better accessibility including support for DHTML accessibility and assistive technologies such as the Window-Eyes 5.5 beta screen reader for Microsoft Windows. Screen readers read aloud all available information in applications and documents or show the information on a Braille display, enabling blind and visually impaired users to use equivalent software functionality as their sighted peers.
    • Report a broken Web site wizard to report Web sites that are not working in Firefox
    • Better support for Mac OS X (10.2 and greater) including profile migration from Safari and Mac Internet Explorer
    • New support for Web Standards including SVG, CSS 2 and CSS 3, and JavaScript 1.6
    • Many security enhancements

    [ Download Mozilla Firefox for Windows 1.5 ]

  • Announcing Winners of the Raymond.CC Christmas Giveaway 2008

    First of all I’d like to apologize for not being able to announce the winners of the Christmas Giveaway which I did three days ago. There were just too many problems that I had to go through in randomly picking the winners. First of all, I got caught up with my job, then it was tough separating the requests for 13 different types of licenses, and finally the latest WordPress 2.7 cannot list all comments for a post on one page in the admin area. It can only display 20 posts on one page, so you can imagine I had to go through 72 pages to screen out cheaters and put the requests in the correct categories.

    The good news is I will be announcing the winners now. I have the license codes for most of the products with me except for RISING Antivirus, BitDefender and F-Prot, for which I have to send your name and email to the respective party so they’ll send the license to you.

    I will be sending an email to the winners and you MUST reply before I send the license to you. This is to ensure that the winner actually receives the license. If your name appears in the list that you won but did not receive my email in a few hours, please check your junk or spam folder. Here are the lucky winners of the Raymond.CC Christmas Giveaway 2008!

    1 x VirusBuster Professional v6

  • Ryan Ma

  • 1 x 1 Year IKARUS virus.utilities v1

  • Luke Smith

  • 3 x 1 Year F-Prot Antivirus v6

  • Glen Carr
  • -Talan-
  • Laurent-Charles

  • 3 x 1 Year BitDefender Total Security 2009

  • E. Ewing
  • Quan
  • Keyur

  • 3 x 1 Year BitDefender Internet Security 2009

  • Gary
  • Adrian Christopher Miller
  • wutzup

  • 6 x 1 Year BitDefender Antivirus 2009

  • Kim, Kiseong
  • alex
  • Ammar
  • Zoe Iepure
  • Prasad Johannessen
  • Raymond Truong

  • 5 x 1 Year eScan Internet Security Suite v9

  • ashle t
  • Tylicia Tchel
  • Michael M
  • Belinda wong
  • John McNeilly

  • 8 x 125 Days BolehVPN Subscription

  • Muhammad Muaz
  • Keithyan
  • ng hui ya
  • dino
  • myariff
  • Jun
  • Yu Meng
  • Ng Phooi Hoong

  • 30 x 1 Year Kaspersky Internet Security 2009

  • Andriy suhanyak
  • Jose
  • Li
  • vamsi
  • kenn
  • Bill Bumbarger
  • jamie
  • Dave Hart
  • Eugene
  • Ken Saigo
  • Suresh
  • Odie
  • webcadre
  • blackrose
  • Jose Jacob
  • Norman
  • Steve Tomas
  • Rush
  • ricardo
  • hy
  • Juan De Leon
  • Carlos Hernandez
  • Chris
  • sndymny3
  • Darryl Duke
  • Nick C
  • Michelle Marsh
  • Walt Roth
  • Gary in TN
  • Hardy Lim

  • 30 x 1 Year Norton Antivirus 2009

  • Mike Lewandowski
  • Da Cozzy
  • Tony (Comment #256)
  • Amy Robbins
  • David Weber
  • Armando
  • Rick H
  • Darryl Duke
  • Matt
  • Philip Newcomer
  • S.Lee
  • Frankie Zacharias
  • Travis Jackson
  • CyberTails
  • fx
  • danglee
  • Anthony Desouza
  • MZ
  • Braedon
  • Jan
  • Moneypenny
  • Chooky
  • NAV09
  • John Smith
  • John Wong Ging EE
  • Naushadali Rangoonwala
  • David (Comment #210)
  • Lee (Comment #72)
  • bahirzaheri8
  • kefekoto

  • 10 x 1 Year Norton Internet Security 2009

  • xje4bv
  • heart reaper
  • utkarsh30june
  • ismailtahir
  • Solaris
  • Mark (Comment #82)
  • Alan Martin
  • Sarah
  • Robin Edwards
  • Yehuda Alexander

  • 50 x 1 Year Dr.Web Anti-virus v5

  • thathagat
  • Robin Edwards
  • gavin
  • Indranil Maulik
  • Danny
  • Jason
  • Mar
  • marioncas
  • petre paltin
  • sanford john
  • zanes
  • Shinod P George
  • KeKe
  • Mihai Iepure
  • flashkidz
  • Alexa
  • Chang Chung Hon
  • Tony Rogers
  • Evgenii
  • Karim G Daiah
  • em
  • Sony
  • Ann
  • aamirullah
  • leofelix
  • Aaron
  • seeyaseb
  • Ginette Basile
  • Jerry Chance
  • dron
  • Richard Jongeling
  • Ali Eram
  • shaheen
  • Budy Sasongko
  • Hugo Santos
  • nk
  • trashmem
  • scottrade
  • ben Smith
  • next2222
  • 王鑫
  • Hell Noire
  • Gladwell
  • Hong Meng
  • Justin Chen
  • Dean Gordon
  • Ken
  • S.Jaafar N. Ahmed
  • imran
  • Alex

  • 100 x 1 Year RISING Antivirus 2008 + Firewall

  • Ishaan
  • Omar Shraim
  • blackcobra
  • Morpheus
  • Cat
  • gurmi
  • Syed
  • Devi
  • Bob
  • Suanne
  • f1tzy
  • Kees
  • Ernest Lang
  • Danilo
  • Erfan jok
  • Poosy
  • Joshua Kisorio Mutai
  • Bruno
  • kash
  • Brendan McMullan
  • Radu
  • MerleOne
  • Nathan4
  • nivek_hcerg
  • Jason Andrews
  • Andrew
  • clydeman
  • kris
  • labin
  • steve
  • nawarudin
  • zuraidah
  • Ross Fortune
  • Nicolas Velasquez
  • Harsh Gupta
  • draemdonck
  • Xeekder Novaritus
  • Muhammad
  • Tanju Engin
  • adigantengs
  • Phyllis
  • ankit pasi
  • chuy
  • helloakhtar
  • Matt Maltby
  • joeffrey
  • aircave
  • Andy Hayes
  • ACMPS
  • Akash
  • Joseph M. Nelson
  • Leland Whitlock
  • Steve Mills
  • Nick
  • Grant
  • Rico R. Palallos
  • Guseppe Luis Rumpaddi
  • iki
  • Kor Kats
  • David D
  • jana
  • Jason
  • denis
  • Safan
  • Piotr Nowacki
  • kevzz
  • Kirk James
  • Vikram Shivkumar
  • karel
  • sugang
  • Teri Hermans
  • eleuterio
  • swk_myy
  • dino (Comment #1408)
  • WJM
    I am still in the midst of compiling the winners list, so do check back in a few hours to see if your name appears in the list 🙂 OK, I’ve learned my lesson not to post all giveaways in one because I know that I will not be able to handle it. I roughly checked the lists and there should be leftover licenses for RISING Antivirus 2008 + Firewall and Dr.Web Antivirus v5. I will reveal later how many are left, and they will be given away on a first come, first served basis. Thank you all for your patience and happy holidays!

  • Download Over 200 Free and Open Source Games with Game Downloader

    I bet everyone would like to play the latest games that come with really nice graphics and animation, but unfortunately not all of us have a computer configuration good enough to support modern games. Moreover, those games are really huge and come on multiple DVD discs. Even if you are able to find a download source, it will probably take you a couple of days to finish downloading. If you would like to play games that are free and don’t take too long to download, you can easily do so with Game Downloader. Game Downloader saves you the trouble of searching Google for free games yourself, as it currently lists over 200 (207 to be exact) games that are free and open source, and lets you download a game by clicking a button.


    Game Downloader is portable and very easy to use. All you need to do is run it and select the Category of the game that you would like to play, and the list of Games will be shown in the box. Selecting the game name will give you more information on the game in the About box. The icons show whether the game is single player, multi player, playable online or requires an account, along with a short description, version number, file size and a small screenshot. From what I noticed, a game can be as small as 0.5MB or as big as 500MB. Game Downloader requires an active internet connection in order to refresh the latest list of games and categories directly from SourceForge’s servers.


    If you have an interest on a particular game, you can click on the YouTube button to try to search if there are any video demo for the game. The Game Website button launches your default web browser and brings you to the official game website. Ready to play? Click on the Download Game button and Game Downloader will automatically download the game for you.

    By default Game Downloader saves the downloaded game into the Downloads folder located at the same directory as the Game Downloaded.exe. If you want the game to automatically run when it has finished downloading, click on the Settings button and select Open Download File.

    [ Download Game Downloader ]

  • Windows Live Messenger Unable To Sign In With 8100030d Error Code

    Yesterday I went to one of my friends’ houses to help him check on a problem with connecting to Windows Live Messenger. He had been unable to connect to Windows Live Messenger for a few days. All he got was an error message that says “Signing in to Windows Live Messenger failed because the service is temporarily unavailable. Please try again later. Error Code: 8100030d”. I really hate the error messages given by Windows Live Messenger because they are very unclear and there is no proper documentation for us to check.

    I checked .NET Messenger Service Status and it said “All systems are stable and running.” Then I ran Connection Troubleshooter to conduct a series of tests to try to determine the cause of the connection problem, and it passed all basic Internet connectivity tests. I have a list of solutions and one of them worked for my friend. So if you’re unable to connect to Windows Live Messenger and get the error code 8100030d, you can try the solutions below.


    1. First of all, make sure you have the latest version of Windows Live Messenger. Download the latest version here.

    2. Check the date on your computer. 8100030d can be caused by a wrong date on your computer.

    3. Disable any firewall program such as ZoneAlarm, Norton Internet Security, etc. Reboot and try connecting again. Sometimes a firewall will still block your connection even after it has been disabled. Try uninstalling it to verify that the firewall isn’t causing the problem.

    4. Check your Internet Explorer LAN settings. Open Internet Explorer, go to Tools > Internet Options > Connections tab > LAN Settings. If you’re not connecting through a proxy, make sure that “Use a proxy server” is unchecked.

    5. Check your Internet Explorer Security settings. Open Internet Explorer, go to Tools > Internet Options > Advanced tab, scroll to the Security section, and verify that “Check for server certificate revocation” is unchecked. Also verify that “Use SSL 2.0” and “Use SSL 3.0” are checked.

    6. Make sure the Windows Live Messenger DLLs are registered. Click Start, then Run, and enter the following commands one by one, clicking OK after each.

    regsvr32 softpub.dll
    regsvr32 wintrust.dll
    regsvr32 initpki.dll
    regsvr32 MSXML3.dll

    7. Delete the cache for Windows Live Messenger. Browse to the folders below and delete all files and folders inside them:

    For Windows XP
    C:\Documents and Settings\Username\Contacts\Messenger email
    C:\Documents and Settings\Username\Local Settings\Application Data\Microsoft\Windows Live Contacts\Messenger Email

    For Windows Vista
    C:\Users\Username\Contacts\Messenger email
    C:\Users\Username\AppData\Local\Microsoft\Windows Live Contacts\Messenger email

    8. Reset your router. Power it off, wait for 2 minutes and turn it back on.

    9. Try to connect to the Internet using another router or modem, or even use a cellular GPRS/3G connection. Then try to connect to Windows Live Messenger again.

    10. Scan your computer for viruses and spyware. It might be some nasty virus hijacking your Windows Live Messenger.

    My friend’s Windows Live Messenger was able to connect from his computer after I changed the existing router. I’m not sure why a router would cause the 8100030d error during Windows Live Messenger sign-in… but if it does, you can try updating your router’s firmware first before throwing it away. I hope one of the solutions above helps you connect to Windows Live Messenger without getting the 8100030d error.

  • How to View ImageShack Direct Link Images Without an Account

    I really appreciate people who provide a screenshot together with an explanation of the problem they are experiencing when they ask for help on our forum. This enables everyone at the forum to understand the problem better and provide a more accurate solution. Since ImageShack is one of the most popular image hosting websites where anyone can upload images for free, most of the time the screenshot ends up being uploaded there. You may have noticed that there are times you see an image of a frog stuck in an ice cube with the message “Domain Unregistered. To view, register at: bit.ly/imageshack-domain”. Even if you copy the direct link and try to open it in your web browser, the same image will appear, as you are automatically forwarded to the blocked_login.jpg image.


    In order for ImageShack images to be displayed when embedded to a website, the domain will have to be registered with ImageShack for manual review and approval. I registered long ago and the restriction has been lifted on raymond.cc. I just tried visiting the ImageShack domain registration page and all I see is 403 Forbidden error. For a normal user, if someone sends you an ImageShack image in direct link, you will have to be a registered user in order to view it or else you’ll be redirected to the blocked_login.jpg image. Good news is I’ve discovered a simple trick to bypass this restriction so that you can view ImageShack direct link images without an account.


    Here is an image which I’ve uploaded to ImageShack.

    http://img525.imageshack.us/img525/8056/logobwu.png

    Opening the link above directly on your web browser will show you the frog stuck on ice cube image. However if you login to ImageShack, you will be able to see the following image.

    ImageShack Image

    If you don’t want to register with ImageShack but still want to view the image hosted in ImageShack, the simple trick is to “reupload” the image to ImageShack or imgur using the URL or Web method.

    Reupload to ImageShack
    1. Go to www.ImageShack.us
    2. Select url
    3. Paste the ImageShack link to the box where it says “Paste image url here”.
    4. Click Upload Now button and you should see the image

    Reupload ImageShack

    Reupload to imgur
    1. Go to www.imgur.com
    2. Click the Web button
    3. Paste the ImageShack link to the box and click Upload.

    imgur is a much better image hosting website compared to ImageShack. It’s simpler, faster and doesn’t have all those restrictions on viewing direct link images. I would advise everyone to switch to imgur.

  • How to Downgrade BIOS using Phoenix WinPhlash

    The only reason you need to update your BIOS is when your computer is having compatibility issues with other hardware or experiencing problems caused by a buggy BIOS version. The saying “If it ain’t broke, don’t fix it” applies to updating BIOS and drivers. Downgrading the BIOS is hardly something people normally do, but there are times when an older BIOS version works better than the newer/current one and you need to downgrade.

    I recently bought an OEM laptop battery for my Acer notebook and have been experiencing problems with it. First of all, Windows 7 shows the error “No battery is detected” and the battery LED keeps blinking orange. I sent the battery back and got a replacement but still got the same problem. Finally the battery seller/manufacturer told me that it is caused by the newer versions of the Acer BIOS and that I need to send my laptop back to the manufacturer to reset it to the default factory version. The latest BIOS version for the Acer TravelMate 6293 is v1.41, and the Acer support website allows me to download 4 versions that are older than the current version.


    Fortunately, flashing the BIOS is much easier now because you can do it directly in Windows. Many years ago you needed to use a boot disk such as DrDOS with NO drivers loading in config.sys or autoexec.bat. Anyway, I downloaded the older version of the Acer BIOS made for my Acer TravelMate 6293 notebook and ran the Phoenix WinPhlash tool (WinPhlash.exe). By default, “Backup BIOS and Flash BIOS with new settings” is selected and all I needed to do was click the Flash BIOS button.

    The process of Load new BIOS, Analyze old and new BIOS compatibility, Read old BIOS, Save old BIOS to backup file has passed but upon reaching the final stage “Flash new BIOS”, an error message “The current system BIOS is the same version (or newer) than the version you are trying to flash, so the BIOS will not be changed” appears.


    This is actually the extra security check by Phoenix WinPhlash tool to prevent users from downgrading BIOS. If you still want to downgrade, here is the trick.

    1. Open the folder where the WinPhlash tool is located and edit the PHLASH.INI file with a text editor.

    2. Look for the line Advanced=0 which is normally at the second line, change it to Advanced=1 and save.

    Advanced=1

    3. Now run WinPhlash.exe and you will notice an extra “Advanced Settings” button at the top right of the program. Click on the Advanced Settings button.

    WinPhlash Advanced Settings

    4. Uncheck “Flash only if BIOS version is newer than system” and click OK.


    Now you can successfully flash your BIOS with an older version without getting the error message. Again I would like to stress that normally you do NOT need to upgrade or downgrade your BIOS if everything is working fine on your computer.

  • Free 6 Months Trial Kaspersky Anti-Virus 2010 Activation Code

    It has been a long time since I have posted something about Kaspersky. This 6 months KAV2010 license promotion which I am about to post is not from any CD magazine promo but a legitimate collaboration between Kaspersky and Microsoft for Windows Live Messenger users. As long as you have a Hotmail or Live account, you are eligible for the free Kaspersky 6 months trial license.


    First of all, this Kaspersky Anti-Virus 2010 activation code is a trial license and not a commercial one. If you have previously activated a trial license, you cannot use this key. Secondly, this license is meant to activate the Chinese version of the installer. If you try to activate it on the English setup, you will get the error “Activation code is not compatible with this application. It is impossible to activate Kaspersky Anti-Virus using the activation code for another application. Please, check your product.”

    1. Open Windows Live Messenger and sign in to your Live account.

    2. Add this email msn.help@live.cn to your Windows Live Messenger contact.

    3. Visit http://kaba.msn.com.cn/

    4. Copy the line that I have circled in red and send it as a message to msn.help@live.cn in your Windows Live Messenger. You should instantly receive a reply with the Kaspersky Anti-Virus 2010 activation code.

    Free Kaspersky Anti-Virus 2010 Activation Code

    So far I’ve researched a total of 3 methods on how to change the Chinese interface into English. The first and second method uses the Chinese installer but switching the interface skin to English. The third method is the latest one which I’ve discovered on how to use the Chinese key to activate the English setup.

    Important Note: Before making any changes to the registry based on the steps below, you first have to disable the Self-Defense option. You can do that by double-clicking the Kaspersky icon in the system tray and clicking the settings icon at the top right; a window will open. In the left pane, click the options icon, uncheck the first option and press the ENTER key to close the window.

    First method: Install Chinese version of KAV2010 and activate using the license code. Then at the registry, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP9\environment\ and change the SkinSwitchDisabled value from 1 to 0. At the Kaspersky program, press Shift+F12 to instantly switch the skin from Chinese to English.

    Second method: Go to HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP9\environment\ and change the Localization value from sch to en.

    Third method: Install Chinese version of KAV2010 and when asked to activate, close the window. Go to registry, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP9\environment\ and note down the InstallBasesID value data. Uninstall Kaspersky Chinese and restart computer. Now install Kaspersky English, click Activate Later and click Next. Click Finish to Start Kaspersky Anti-Virus. Disable Self-Defense and exit Kaspersky by right clicking on the system tray icon and select Exit.

    Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP9\environment\ , change the InstallBasesID value data to the one that you noted down and also the localization from en to sch. Run Kaspersky and a window will appear with no text, two buttons and one dialog box. Enter the activation code to the only box and hit enter. When you see a window with only ONE checkmark, right click the Kaspersky tray icon and click the lowest selection to Exit. Finally, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP9\environment\ and change the Localization value data from sch back to en. Run Kaspersky Anti-Virus 2010 and you have a valid 183 days license subscription.

    The third method is very long and troublesome but I am just sharing the possibility of activating a Chinese license key on an English installer. The second method is the easiest although I’ve got reports from some people that it reverts back to sch after a few updates.

    Kaspersky Anti-Virus 2010 (9.0.0.736) Chinese Installer: kav9.0.0.736_CF2_sch.exe
    Kaspersky Anti-Virus 2010 (9.0.0.736) English Installer: kav9.0.0.736en.exe

  • Buster Sandbox Analyzer Makes Sandboxie Stronger

    I know a few people swear that Sandboxie is the ultimate tool for analyzing malware, but it is very common nowadays for crypters and remote administration tools to include an anti-sandbox module: whenever the malware detects that it is being analyzed or run in a sandbox environment, it automatically terminates itself to prevent analysis. If you’ve missed my previous article on why I test and analyze software in a real Windows environment, you should read it first.

    Today I received an email from Jerry telling me about a very useful addition to Sandboxie called Buster Sandbox Analyzer. Basically it is similar to online file behavior analyzers such as ThreatExpert, Joebox and Anubis, but with the help of Sandboxie you get the same function on your own computer without the wait time. Buster Sandbox Analyzer is a tool designed to analyze the behaviour of processes and the changes made to the system, and then evaluate whether they are suspicious of being malware. For Buster Sandbox Analyzer to work perfectly, you first have to set up Sandboxie correctly.


    The good thing about Buster Sandbox Analyzer is that it includes countermeasures against malware detecting Sandboxie’s presence. So even if the malware contains anti-Sandboxie code, you can still analyze it in the sandbox. Here’s a simple guide on how I set up Buster Sandbox Analyzer.

    1. Download and install Sandboxie.

    2. Download Buster Sandbox Analyzer and extract the RAR archive into C:\bsa\

    3. Run Sandboxie Control, click Configure at the menu bar, and select Edit Configuration.

    4. Your default text editor will open, showing the [GlobalSettings], [DefaultBox] and [UserSettings_xxxxxxx] sections. At the end of the [DefaultBox] section, add the 2 lines below and save the file.

    InjectDll=C:\bsa\log_api.dll
    OpenWinClass=TFormBSA

    It should look like the screenshot below.

    Sandboxie InjectDll

    5. To analyze a malware sample, go to C:\bsa\ and run bsa.exe. The most important thing to fill in here is the “Sandbox folder to check”. This is the path where the Sandboxie contents are dropped. To get this location, run Sandboxie Control, right click on Sandbox DefaultBox and select Explore Contents. A Windows Explorer window will open; copy the path and paste it into “Sandbox folder to check”.

    Sandbox folder

    6. Click the Start Analysis button and click “Delete Sandbox Folder contents and continue”.

    7. Now drag the file that you want to analyze and drop it to Sandboxie Control window. By default the “DefaultBox” is selected and just click the OK button.

    8. Go to Buster Sandbox Analyzer and you should see a lot of information at the API Call Log. When the API Call Log has stopped, go back to Sandboxie Control window, right click on Sandbox Defaultbox and select Terminate Programs. Click Yes to confirm the termination.

    9. Again go back to Buster Sandbox Analyzer and click Stop Analysis button.

    10. Then click the Malware Analyzer button. There are 2 tabs in the Malware Behavior Analyzer Module: Malicious Actions and Details. The Malicious Actions tab tells you whether the file you analyzed has performed any malicious actions. The Details tab shows a more detailed report on where the file is dropped, auto-startup additions, injection, keylogging, connections, etc.

    Malware Analyzer Behavior Module

    The results above are from the analysis of the Cybergate RAT public version with “Anti Sandboxie” enabled. As you can see, the anti-Sandboxie feature of Cybergate RAT no longer works, thanks to Buster Sandbox Analyzer.

    Update: I’ve left out how to hide Sandboxie. Fortunately you can follow the easy step-by-step guide on this page on how to use HideDriver to hide Sandboxie’s process. It would also help if you rename the default LOG_API.dll file to another name. You should also have WinPCap installed in order for Buster Sandbox Analyzer to report network activity correctly.
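
    The check below is an added example, not part of the original post or of Buster Sandbox Analyzer: it verifies that the two lines from step 4 ended up inside [DefaultBox] rather than in the trailing [UserSettings_xxxxxxx] section, and that InjectDll still points into C:\bsa\ after the DLL has been renamed. The sample INI text, the placeholder keys, the `#` comment convention and all function names are assumptions made for the example.

```python
"""Sanity-check a Sandboxie configuration for the Buster Sandbox Analyzer lines.

Added example; function names and sample data are constructed for illustration.
"""
import ntpath  # Windows path rules, usable on any OS

REQUIRED_CLASS = "TFormBSA"   # OpenWinClass value from step 4
EXPECTED_DIR = r"C:\bsa"      # extraction folder from step 2


def decode_ini(raw: bytes) -> str:
    """Decode INI bytes: honour a UTF-16 BOM, otherwise assume UTF-8."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("utf-8-sig")


def parse_sections(text: str) -> dict:
    """Return {section: [(key, value), ...]}, keeping repeated keys.

    configparser is avoided on purpose: it rejects or collapses repeated
    keys, and a box may carry several OpenWinClass or InjectDll lines.
    """
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):   # '#' comments: an assumption
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            sections.setdefault(current, [])
        elif "=" in line and current is not None:
            key, _, value = line.partition("=")
            sections[current].append((key.strip(), value.strip()))
    return sections


def check_bsa_config(text: str, box: str = "DefaultBox", exists=None) -> list:
    """Return a list of findings; an empty list means step 4 was applied."""
    sections = parse_sections(text)
    if box not in sections:
        return [f"section [{box}] not found"]
    entries = sections[box]
    # Keys are compared case-insensitively to be lenient about hand edits.
    dlls = [v for k, v in entries if k.lower() == "injectdll"]
    classes = [v for k, v in entries if k.lower() == "openwinclass"]
    findings = []
    if not dlls:
        findings.append(f"[{box}] has no InjectDll line")
    if REQUIRED_CLASS not in classes:
        findings.append(f"[{box}] has no OpenWinClass={REQUIRED_CLASS} line")
    for dll in dlls:
        # A renamed DLL is fine; a DLL injected from elsewhere is worth a look.
        if ntpath.normcase(ntpath.dirname(dll)) != ntpath.normcase(EXPECTED_DIR):
            findings.append(f"InjectDll outside {EXPECTED_DIR}: {dll}")
        if exists is not None and not exists(dll):
            findings.append(f"InjectDll target missing on disk: {dll}")
    # Lines pasted at the very end of the file fall under the last section,
    # which in the layout the post describes is [UserSettings_...].
    for name, items in sections.items():
        if name.startswith("UserSettings_"):
            for key, value in items:
                if key.lower() in ("injectdll", "openwinclass"):
                    findings.append(f"{key}={value} is in [{name}], not [{box}]")
    return findings


# Constructed sample: the two lines sit inside [DefaultBox].
GOOD_INI = r"""
[GlobalSettings]
PlaceholderSetting=1

[DefaultBox]
Enabled=y
OpenWinClass=ExampleOtherClass
InjectDll=C:\bsa\log_api.dll
OpenWinClass=TFormBSA

[UserSettings_xxxxxxx]
PlaceholderSetting=1
"""

# Constructed sample: the two lines were appended to the end of the file.
MISPLACED_INI = r"""
[GlobalSettings]
PlaceholderSetting=1

[DefaultBox]
Enabled=y

[UserSettings_xxxxxxx]
PlaceholderSetting=1
InjectDll=C:\bsa\log_api.dll
OpenWinClass=TFormBSA
"""

if __name__ == "__main__":
    import os
    import sys
    if len(sys.argv) > 1:              # path to a real configuration file
        with open(sys.argv[1], "rb") as fh:
            problems = check_bsa_config(decode_ini(fh.read()), exists=os.path.exists)
    else:                              # no argument: run on the constructed sample
        problems = check_bsa_config(MISPLACED_INI)
    print("\n".join(problems) or "OK")
```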

  • FREE 3 Months ESET NOD32 Antivirus Genuine Username and Password for EVERYONE

    Have you got your free ZoneAlarm Pro 2009 license yet? If not, please do because the offer is still valid! Anyway, I got to be honest that I was never a fan of ESET products (NOD32 or Smart Security). It boast to be very light in system resources but in fact there are other even lighter antivirus software. It also boast about their ThreatSense which is able to detect unknown virueses but since early this year until today, it still couldn’t detect the private trojan that I have when other antivirus such as Kaspersky and Avira can detect it.
    However, if NOD32 Antivirus works great on your computer, do continue using it because having an antivirus program installed is better than having none. Since February I’ve been posting a lot about freebies and how to get genuine licenses for software, but ESET products are the toughest ones to get. I am very happy to be the FIRST to share with you a method to get a genuine free NOD32 username and password that is valid for 3 months.


    ESET NOD32 Antivirus is built on the award-winning ThreatSense engine which proactively detects and eliminates more viruses, trojans, worms, adware, spyware, phishing, rootkits and other Internet threats than any program available. It’s the ideal antivirus for Windows XP, and also runs smoothly on Windows legacy systems, MS-DOS, file servers, mail servers, and more.

    FREE NOD32 Antivirus

    ESET NOD32 Antivirus provides:

  • Proactive Protection: The award winning ThreatSense technology combines multiple layers of detection protecting you from Internet threats before it is too late.
  • Precise Detection: ESET accurately identifies known and unknown threats. It consistently wins top awards from testing labs and is recognized for having zero false positives.
  • Lightweight Design: Requires less memory and CPU power, allowing your computer to run fast, making more room for games, web browsing, and emailing.
  • Fast Scanning Speeds: Highly efficient program ensuring fast file scanning and product updates. It runs quietly in the background.

    To get your free NOD32 username and password valid for 3 months, just follow the simple steps below.

    1. Go to this page http://www.notebookplatformu.com/index.php?yon=register

    2. Fill up the form. Parola means password, Ad / Soyad means your full name, E-posta means E-mail. As for the rest, you can simply select anything from the drop down menu. Click “Kayıt ol !” button when done.
    FREE Nod32 username and password

    3. You will get the legit ESET NOD32 Antivirus serial number highlighted in yellow at the next page. Note down the serial key.
    Free nod32 username and password

    4. Now go to this page http://www.eset.com/register/index.php to register and activate your NOD32 Antivirus. Enter the serial number that you received in step 3 and fill up the rest in the form. Click Submit button when done.

    5. You will get your NOD32 username and password at the next page.

    6. Now download the latest NOD32 Antivirus if you don’t have one installed. You’ll be prompted to login. Just enter the username and password that you got from step 5.

    7. During installation, you’ll be prompted to enter the NOD32 Antivirus username and password for automatic update. Use the username and password that you got in step 5.
    NOD32 username and password for update

    After getting a free NOD32 username and password using the method above, you have to clear your web browser’s cache in order to get the next one. Otherwise it’ll just forward you to their main page when you try to access the offer page.

    During idle, egui.exe takes up 6236K and ekrn.exe takes up 36320K. The memory usage of the ekrn.exe process increased during a computer scan but never went above 40000K. NOD32 took only 3 minutes and 27 seconds to scan 47907 objects. I consider that fast, but not as fast as Norton Antivirus 2009, which took only a little more than a minute. Unfortunately, ESET NOD32 Antivirus is still unable to detect the private trojan that I have. They sure need to improve their ThreatSense technology. Enjoy the free NOD32 username and password that works for 3 months. If the offer page is still available after 3 months, you can get more codes to continue using NOD32 for free. Enjoy!

  • FREE Kaspersky Anti-Virus 7.0 Genuine Serial Number or License Key

    When I was giving out free Norton Antivirus 2008 courtesy of Michael, I got emails asking me whether they could change to a different brand of antivirus license if they won it. Unfortunately no, because the Norton Antivirus 2008 genuine serial number was given by Michael and he got it from Symantec. Other than that, I know there are many of you who missed the chance of obtaining a free Kaspersky Anti-Virus license from the leak that I found. So here’s your chance, because this month I will be giving out a Kaspersky Antivirus genuine license to ONE of my lucky subscribers. This license is bought with my own money and is not the one that I got for free.

    FREE Kaspersky serial number

    If you didn’t know, Kaspersky has superior proactive detection! In the latest tests, Kaspersky Anti-Virus 7.0 was awarded the highest certification, Advanced+, which confirms the program has the highest level of detection of new malicious programs with minimal false positives using the antivirus program’s heuristic analyzer. Some malicious programs are very hard to remove from the computer, because they use various methods to mask their presence in the system (including via rootkits) and to avoid detection and removal by antivirus programs. So we need a really good antivirus to protect our computer from viruses.

    Here’s how to win the free Kaspersky Anti-Virus 7.0 license to protect you from viruses for 365 days.


    As usual, I’m giving this free Kaspersky Anti-Virus 7.0 license to one of my subscribers. If you’ve subscribed, you already stand a chance to win. If not, just enter your email at the top right hand side and hit the subscribe button.

    Win FREE Kaspersky 7 serial number

    Next, you need to enter the random text characters and hit the Complete Subscription Request button. Finally, you need to check your email inbox for a verification message from FeedBurner’s “confirmations@emailenfuego.com” and click the link listed in this message to activate your subscription. If you got it right, you should see a message that says “Email Subscription Confirmed!” in your web browser. The lucky winner will be picked and announced next month.

    FREE Kaspersky Anti-Virus 7.0 serial number

    Kaspersky Anti-Virus 7.0 is an award-winning antivirus software which protects your PC from viruses, Trojans, spyware, rootkits and other malicious programs. Reactive detection methods are combined with proactive technologies to provide balanced and effective security, while automatic updates ensure uninterrupted protection and peace of mind.

    FREE Kaspersky Antivirus 7.0 license key

  • Three protection technologies against new and unknown threats:
    1) Hourly automated database updates
    2) Preliminary behavior analysis
    3) On-going behavior analysis. New!
  • Protection from viruses, Trojans and worms
  • Protection from spyware and adware
  • Real-time scanning for email, Internet traffic and files
  • Protection from viruses when using ICQ and other IM clients
  • Protection from all types of keyloggers. Improved!
  • Detection of all types of rootkits. Improved!
  • Automatic database updates

    Kaspersky Anti-Virus 7.0 works on Windows 2000, Windows XP and Windows Vista. Your system must have at least a 300MHz or higher processor, 128MB of RAM and 50MB of available hard disk space for Windows XP. As for Windows Vista, you need to have an Intel Pentium 800 MHz or higher (or equivalent) with 512 MB of RAM. I know there are free pirated Kaspersky license keys that can be found on the Internet but I assure you those license keys will get blacklisted before you can even use them till the expiry date. So using an original genuine license key is definitely better 🙂

  • Bitdefender Bootkit Removal Tool

    Rootkits are probably among the most powerful malware because of their ability to hide their presence from normal methods of detection. You won’t see the process listed in Windows Task Manager, nor can you see the file in Windows Explorer even if you set Folder Options to show protected operating system files. This is achieved by installing and loading kernel-mode drivers, which allow the malware to run with higher privileges. The good thing about running 64-bit Windows today is that you can only install digitally signed drivers, and obviously drivers used by rootkits are not signed unless the signing certificate itself is stolen. Remember Stuxnet, which used stolen JMicron and Realtek certificates to allow installation on x64 machines.

    Rootkits are indeed scary, and if you think you’ll be safe with a 64-bit version of Windows, then you’re wrong. Another type of malware, called a bootkit, installs itself in the Master Boot Record area to patch the kernel’s digital signature validation check, allowing an unauthorized kernel-mode rootkit to load. So here you go: a rootkit that is able to infect both 32-bit and 64-bit computers.


    Bitdefender has recently released a free and portable tool that is meant to detect and remove bootkits from infected computers. Currently it has been tested against Alipop, Fengd, Fips, Locker, Mayachok, Mebratix, Mebroot, Mybios, Pihar, Ramnit, Sst, TDSS, Whistler, Yoddos and Zegost. It is very easy to use. All you need to do is run the correct version of Bitdefender Bootkit Removal Tool and click the Start Scan button; the scan takes only 1-2 seconds to complete.

    I infected my test computer running Windows 7 32-bit with the TDSS rootkit and then scanned it with Bitdefender Bootkit Removal Tool. Within seconds this tool detected a Rootkit.MBR.TDSS.B infection on my C:\ drive.
    Bitdefender Bootkit Removal Tool

    Then it prompts me to restart to complete the disinfection process.
    Bootkit Removal Restart

    After the restart, I ran MBRCheck and it detected Windows 7 MBR code, which means the TDSS rootkit has been successfully disinfected by the Bitdefender Bootkit Removal Tool. You won’t know that you got infected by a bootkit, so it is good to run a scan with this Bitdefender Bootkit Removal Tool once in a while, since it is free and portable and doesn’t require installation.
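
    A check of MBR code has to separate the boot code from the data that legitimately differs between disks. The Python example below is added here (it is not Bitdefender's or MBRCheck's code, and the sample sectors are constructed, not real Windows boot code): it parses a 512-byte MBR, checks the 0x55AA boot signature, lists the partition entries, and compares a hash of the 440-byte code area with a baseline recorded while the machine was known clean.

```python
import hashlib
import struct

SECTOR_SIZE = 512
CODE_LEN = 440            # bootstrap code; bytes 440-445 hold the per-disk signature
TABLE_OFFSET = 446        # four 16-byte partition entries follow
ENTRY_FMT = "<B3sB3sII"   # status, CHS start, type, CHS end, LBA start, sector count


def inspect_mbr(sector, baseline_sha256=None):
    """Parse one MBR sector and compare its code area against a known-good hash."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        status, _chs_s, ptype, _chs_e, lba, count = struct.unpack_from(
            ENTRY_FMT, sector, TABLE_OFFSET + 16 * i)
        if ptype != 0:    # type 0 marks an unused slot
            partitions.append({"index": i, "active": status == 0x80,
                               "type": ptype, "lba_start": lba, "sectors": count})
    code_hash = hashlib.sha256(sector[:CODE_LEN]).hexdigest()
    matches = None if baseline_sha256 is None else code_hash == baseline_sha256
    return {
        "boot_signature_ok": sector[510:512] == b"\x55\xaa",
        "code_sha256": code_hash,
        "code_matches_baseline": matches,
        "partitions": partitions,
    }


def build_sample_mbr(code):
    """Constructed 512-byte sector for the demo; not a real Windows boot record."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(code)] = code
    # One active NTFS-type (0x07) partition starting at LBA 2048.
    struct.pack_into(ENTRY_FMT, sector, TABLE_OFFSET,
                     0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 204800)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


def demo():
    clean = build_sample_mbr(b"CONSTRUCTED-BOOT-CODE")
    baseline = inspect_mbr(clean)["code_sha256"]   # recorded on a known-clean machine
    changed = build_sample_mbr(b"CONSTRUCTED-BOOT-CODE-CHANGED")
    return inspect_mbr(clean, baseline), inspect_mbr(changed, baseline)


if __name__ == "__main__":
    for report in demo():
        print(report["code_matches_baseline"], report["partitions"])
```

    The changed sector still carries a valid boot signature and an identical partition table, so only the code hash reveals the difference. On a live system the 512 bytes come from the first sector of the physical disk, which needs administrator rights to read.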

    Download the 32-bit version of the Bootkit Removal Tool
    Download the 64-bit version of the Bootkit Removal Tool

  • X-Ray v1.0 Final Public Released!

    X-Ray was announced on the blog nearly 2 years ago, but I never revealed what it can do other than “something you have never seen before!”. During that time, my idea was to create a keylogger detector WITH a password reset so you can get into the keylogger’s control panel and view the settings to have an idea who installed it on your computer, where the logs are sent/saved, when it was installed, how to uninstall it and so on. There was already a prototype version of it but unfortunately it had to be abandoned due to other more important responsibilities in my personal life.

    A few months ago, when my important responsibilities in personal life had lightened up, I had another idea to create another piece of software that is able to help many people “confirm” if a file is safe or dangerous. Until today people are relying on antivirus, automated online analysis such as ThreatExpert and security software to help keep them safe from malicious software, but this security software is limited because it is based on a set of logical rules to decide if the software is a threat or not. Moreover, with tools known as “crypters” that can make a detected malware fully undetected, bypassing any antivirus detection, the Internet is definitely not a safe place. Scanning suspicious files on VirusTotal will confuse you even further when you get a 30% or 50% detection result.


    My idea is to create a tool that can automatically submit files to multiple antivirus companies for manual analysis by human professionals, not by a robot or a piece of software. After submitting the suspicious files for manual analysis, all you need to do is wait for another 24-48 hours so that they get analyzed and then scan them again at VirusTotal. You can also check your email inbox because some antivirus companies will send you an update when the file has been processed, letting you know if the file is safe. I named the tool X-Ray and it works best when it is used together with VirusTotal.

    X-Ray

    X-Ray was actually released earlier and privately to the forum moderators and Star members but I kept wanting to improve and make it better which ended up delaying until now. So I thought I should release it to public, get more feedback and then only start working from there. This release is actually not up to my expectation yet because there are still a lot of things to be done.

    For more information on what it does and where to download the software, please visit the official X-Ray web page. I hope all of you will find this software useful and any feedback is much appreciated.

  • SysTracer: Trace System Changes + Giveaway

    Every time you select or deselect an option or check or uncheck a checkbox in a piece of software or even in Windows, the setting is saved either to a file or to the registry. Either method allows the setting to be remembered so that the next time you run the software, it is set the way you want it to be. This is normally done silently, without visibly showing the user what happens in the background, and that is actually what software is meant to do: simplify jobs.

    Have you ever wondered how some people manage to trace or detect what files are being modified or changed? Software reverse engineers are able to analyze the binary code using a debugger such as OllyDbg to see what it does without even running the software, but it is not easy to use a debugger. The next option is to use a program called SysTracer to track file and registry changes on your computer.


    I have been using SysTracer for a very long time to track changes made by a software on my computer. SysTracer is able to record changes on:

  • changed files and folders
  • modified registry entries
  • system services
  • system drivers
  • applications that are configured to run at computer startup
  • running processes
  • loaded dlls

    To use SysTracer, first create a snapshot before you make any changes in the software that you want to trace. This will probably take a few seconds to a few minutes to complete, depending on the number of files on your computer. Once the snapshot has been created, make the changes in the software and then create another snapshot. Now that you have two snapshots, the first one without the changes as a baseline and the second with the changes, in theory comparing the snapshots will reveal the differences.

    One example is that I used SysTracer to check where the password is saved when I enable password protection in avast! to prevent unauthorized changes. Through a simple analysis and a bit of trial and error, I easily found out that avast! saves the encrypted password to the aswResp.dat file. So to reset the password, all I need to do is delete that file and it resets the password. Here is a short walk-through with screenshots on how to use SysTracer.

    1. Run SysTracer and click the Take snapshot button located at right hand side of Snapshots tab.

    SysTracer

    2. Full scan is the best option but takes longer as it will scan all drives and registry. If you only want to scan the system drive, select Only selected items and check the items that you want to include in scanning. Click the Start button and don’t do anything on the computer.

    SysTracer Take Snapshot

    3. When the snapshot has been taken, you will be notified via a small window telling you how long it took to create the snapshot, the amount of registry keys, registry values, folders, files, applications and DLLs.

    SysTracer Snapshot Info

    4. Click the OK button and you will be brought back to the SysTracer Snapshots tab with the information of the snapshot that you’ve just taken.

    5. Now you can start making the changes in the software that you want to track.

    6. Create another new snapshot by going through steps 1-4 again. When you see another snapshot listed in the Snapshots tab, click the Compare button and you will be forwarded to the Registry tab. Select Only differences and it will show you which data has been changed. You can also view the Files tab, which shows the changed files.

    SysTracer Compare Snapshots
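
    The snapshot-and-compare method from the steps above, reduced to files only, as an added Python example (not SysTracer's code and not from the original post). The file names and contents in the demo are constructed; registry entries, services, drivers and processes are not covered.

```python
import hashlib
import os
import tempfile


def take_snapshot(root):
    """Map every file under root to (size, SHA-256), keyed by its relative path."""
    snapshot = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest, size = hashlib.sha256(), 0
            try:
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
                        size += len(chunk)
                snapshot[rel] = (size, digest.hexdigest())
            except OSError:
                # Locked or unreadable files are recorded, not silently skipped.
                snapshot[rel] = (None, "unreadable")
    return snapshot


def compare_snapshots(before, after):
    """Return the paths that were added, removed or modified between snapshots."""
    common = set(before) & set(after)
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }


def demo():
    """Constructed scenario: one setting changes, one file appears, one is deleted."""
    def write(root, rel, data):
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(data)

    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "app"))
        write(root, "app/settings.ini", b"password_protection=0\n")
        write(root, "app/readme.txt", b"unchanged\n")
        write(root, "app/old.tmp", b"scratch\n")
        baseline = take_snapshot(root)            # snapshot 1: before the change

        write(root, "app/settings.ini", b"password_protection=1\n")
        write(root, "app/secret.dat", b"\x00constructed\x00")
        os.remove(os.path.join(root, "app/old.tmp"))
        changed = take_snapshot(root)             # snapshot 2: after the change

        return compare_snapshots(baseline, changed)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

    The edited settings file keeps the same size, so only the content hash marks it as modified; a comparison on size or timestamp alone would miss it.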

    If you are a network administrator, the Remote scanning feature will be very useful for detecting whether a user on another computer in the network has installed any unauthorized third party software, or even whether there is a malware infection. SysTracer is installed as a service on the client computer without any user interface, and the process (SysTracerSrv.exe) takes very little resources when idle. Enabling the remote scanning feature requires a separate client computer license.

    In my opinion, it is best to create snapshots on a clean Windows computer using SysTracer for comparison because it takes less time to scan the whole hard drive and registry, and also it doesn’t log changes made by other third party software, making it easier for you to locate the correct changed data.

    SysTracer is shareware and currently has special promotional pricing until February 29, 2012, with up to 30% off by using the following coupon: PROMO-30. Stefan Tudorica from BlueProject Software, the company that develops SysTracer, has generously offered 20 PRO computer licenses to be given away to raymond.cc verified members. Head on to our raffle page to join the lucky draw. Winners will be randomly and automatically chosen by the giveaway system in 48 hours.

    [ Download SysTracer ]