Simon & Jun life journey

icthis.exe trojan/backdoor

Today one of my customer PC infected lot of spyware and most of it can be removed using spyware doctor as this software is really pro in cleaning spyware. The system is extremely slow and the system keep popping up those advertisement pop-up on the screen plus the task bar there have an icon displaying info box said “your computer is infected with a lot of spyware and download this software to clean your pc” but the program itself is a spyware… so nice it.

I check the task manager to see any  unknown program running beside those normal program that we seen running on win XP, then i spotted 2 misc program running called “icthis.exe” and “icmnrt.exe”. It does not look familiar to a clean system, so i do a Google search to find what is this little program do and it come out is a trojan/backdoor program then i find for solution to clean/remove it from the system since spyware doctor doesn’t get rid of it.

Get into techguy forum where someone had request for a solution to get rid of the program and one of the Distinguished Member have solution for it and it really works with very simple steps written there. The following is the guide that i copy out for reference:-

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Next, please reboot your computer in Safe Mode by doing the following :

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, a menu with options should appear;
• Select the first option, to run Windows in Safe Mode, then press “Enter”.
• Choose your usual account.

Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press “Enter” to delete infected files.

You will be prompted: “Registry cleaning - Do you want to clean the registry?”; answer “Yes” by typing Y and press “Enter” in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer “Yes” by typing Y and press “Enter”.

The tool may need to restart your computer to finish the cleaning process; if it doesn’t, please restart it into Normal Windows.

A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.

The report can also be found at the root of the system drive, usually at C:\rapport.txt

Warning: running option #2 on a non infected computer will remove your Desktop background.

This SmitFraudfix not only fix this trojan/backdoor as it can fix others, please refer to this website.

  Source : TechGuy | SmitFraudFix

Firefox 3 beta 1

Firefox 3 releasing beta version 1 is for testing purpose only and can’t wait to try it out as the version 2.0 really lag my system down. Beside low memory usage they have gain a lot of improvement on the security, ease of use and make it more personal.

More Security

• One click site info: Click the site favicon in the location bar to see who owns the site. Identity verification is prominently displayed and easier to understand. In later versions, Extended Validation SSL certificate information will be displayed.
• Malware Protection: malware protection warns users when they arrive at sites which are known to install viruses, spyware, trojans or other malware. You can test it here (note: our blacklist of malware sites is not yet activated).

 Easier to Use

• Easier password management: an information bar replaces the old password dialog so you can now save passwords after a successful login.
• Simplified add-on installation: the add-ons whitelist has been removed making it possible to install extensions from third-party sites in fewer clicks.
• New Download Manager: the revised download manager makes it much easier to locate downloaded files.
• Resumable downloading: users can now resume downloads after restarting the browser or resetting your network connection.

Improved Performance

• Reliability: A user’s bookmarks, history, cookies, and preferences are now stored in a transactionally secure database format which will prevent data loss even if their system crashes.
• Speed: Major architectural changes (such as the move to Cairo and a rewrite to how reflowing a page layout works) put foundations in place for major performance tuning which have resulted in speed increases in Beta 1, and will show further gains in future Beta releases.
• Memory usage: Over 300 individual memory leaks have been plugged, and a new XPCOM cycle collector completely eliminates many more. Developers are continuing to work on optimizing memory use (by releasing cached objects more quickly) and reducing fragmentation.

You can download from this link or more on the release notes.

Source :  Mozilla |  Softpedia

Firefox 2 takes up memory

Did you guys notice that Firefox 2.0 released a lot of upgrade and it still consume a lot of memory usage. I open 2 tab to surf and it already takes up 75 mb memory, sometimes it takes up more and make my system lag.

Because of that, I plan to test the Firefox 3 beta 1 and a lot of people mention is faster and does not takes up more memory. I go ahead to Google and search for the installer and get it downloaded from here , then install straight after downloaded and everything run smoothly with all the bookmark and setting imported from earlier version. Good thing is it does not overwrite the previous version, that’s mean you will have 2 copy of Firefox on your rig.

Here is the memory usage on the Firefox 3 beta 1 after i open 5 tabs browsing, compare to previous version if I have open 5 tabs it takes about 100 ++ Mb memory.

Source : Mozilla

PrimoPDF v3.1

FREE! Convert to PDF from any application by simply ‘printing’ to the PrimoPDF® printer - it couldn’t be easier! Within minutes, you can create high-quality PDFs by converting from Word, Excel, and virtually any other printable file type.

• Completely FREE PDF Converter - not just a trial version.
• Print to PDF from virtually any Windows® application.
• Create PDF output optmized for print, screen, ebook, or prepress.
• No annoying pop-up ads, no registration requirement - no catch!
• High-quality, easy to use PDF creator for all users.
• New! Ability to merge PDF files upon conversion.
• New! Now supports Windows Vista.

Source : PrimoPDF

FileZilla 3.0.2.1 released

FileZilla, the free FTP client solution for Windows and Linux. It also have FTP Server solution for window platform and the current client version support Vista too.

Source : FileZilla