In my opinion, CaSIR has worked for me many times and never once created problems. If you are willing to try CaSIR in cleaning your computer, then please go ahead and purchase from Issam. If somehow it doesn’t work or created some problems, I am sure Issam is willing to go the extra mile to help you out.

This post will no longer accept any new comments.

#51: \”I intentionally hide such details for many reasons\”… See, I don\’t buy this. Every reputable AV vendor puts details on malware/virii on their website and/or their virus database. These details include what the malware alters in registry, which files does it create, which processes does it spawn, what else does it alter on your system, what kind of damage it can produce and what kind of information it might send out etc. OTOH, you tell the users *nothing*.

Your reason #1 is essentially bogus as it applies only to undocumented malware unknown to everyone else. How many such cases does you product cover? Honestly… I\’d say none.

Your reason #2 is a complete misunderstanding of what I\’ve said. I didn\’t want technical details on how your product changes registry entries or delete files or kill processes or whatever, thanks I know how to do that myself, and so do the malware authors apparently. I just want at least basic information about what\’s going to be done. And see – I\’d even have the information if you provided some more useful description of an issue rather than broad, nondescriptive claims. Security by obscurity is a completely broken concept that plain doesn\’t work.

Ad #3 – see above. I won\’t trust a product which says me \”Windows Firewall Disabled\” and the only thing it offers is a big \”Fix\” button. The above is NOT an infection per se, there\’s zillion of valid reasons why users disable it intentionally. \”Disabled Show System Files/Folders restriction\” is also no infection. And yet your product detects these and \”fixes\” them, without even telling anyone any details and explaining why this is a *real* problem as opposed to *legitimate* user configuration? Uh huh…

Your users are too computer-illiterate and wouldn\’t understand it? Fine, then do what everyone does, make it possible to run the thing in Basic and Advanced modes, with the former being the default… But don\’t treat your users like idiots who should trust blindly whatever your products tells.

So in short,the program tells you about infections,won’t tell you what and where,you pay 15 bucks for it to fix it.And you still don’t know what is fixing.I am still not calling it “rogue” because because Issam will take it personal.
Great tools for “n00bs with money”,so they can fix what is not broken.For people with little knowledge,I suggest we stick with the “not so effective” Anti Viruses.

@TeMerc,I have known you since sometime and I respect your guts calling a cat a cat.

I just pray to God,that “Winantivirus” won’t fix any of Raymond’s infections one day,and he will end up writing about it.If you know what i mean.

Regardless of who made it or what product it is for, it’s wrong, but if you’re a developer, it’s something you have to live with.

RKD – W32/SillyFDC-G

Am I supposed to give more details for every virus CaSIR detect? you can find more information about W32/SillyFDC-G worm if you just google it, even Kaspersky and other big Avs don’t give details about a detection, just the name of the virus and the path of the file but when you go search their website for the infection you usually face the “No more details about this threat”

Anyway, one of the activities this worm do is to put itself in startup with two registry entries, you can see that CaSIR reported this infection as RKD, if you follow the legend in CaSIR help page, you will see that it’s a “R-egistry K-ey to be D-eleted”, it’s one of of the two leftovers of W32/SillyFDC-G your AV doesn’t deal with, obvious, your AV had removed the worm body other wise CaSIR would report it as SFL (Single File to be deleted) too, your AV (like all AVs) do not remove the worm registry entry, CaSIR does!

Your log doesn’t seem to be that dangerous, If you have some experience with windows registry you can manage to remove those infections manually (but please be careful, backup your registry database before altering any thing), but if you are too lazy to do so, or you don’t know how to do so, you can purchase CaSIR and he will take care of them for you, that’s it.

Thank you dear sir very much for your real feedback

@Doktor Notor

#1
Again, and for the millionth time, you are using CNET version of CaSIR, I did my update days ago and CaSIR now (Sergiwa.com version) doesn’t give more than only one pop up screen to advice you to buy it, the reason why CaSIR opens an IE window is first to take you to the purchasing page, and second to at least give my website a hit if the you decided not to buy so I can then do my statistics and see how many users used the demo version of CaSIR, not only how many of them downloaded it from my website because I have a download counter of CaSIR on my website. The only ones I can’t know if they are using CaSIR are the ones who purchased CaSIR, the PIRATES, and the users who use PIRATED versions of CaSIR, because once you purchase (or crack) CaSIR, no pop ups or IE windows appear at all, isn’t that a fair enough?

#2
Please kindly read the explanation in my reply to TeMerc bellow, hope this will help

Thank you very much for your sincere feedback

@TeMerc
Again, if you just hadn’t included a technical question on your post I wouldn’t comment as (pardon me) I don’t feel ok when I talk with you and you KNOW why!

You still saying that I want pity? Have I ever asked you (or any one else) to donate for me? (you do, I can see that “make a donate” button on top of your home page) Have I ever beg you to buy my program? Have I ever ask you for alms for my kid? NO SIR, it’s only one thing as stated clearly earlier but you don’t seem to want to get it…

PLEASE DO NOT USE PIRATED VERSIONS OF MY PROGRAMS

It’s my RIGHT to ask you such a thing, you do NOT pity me when you do what I’m asking you, you have to, it’s the morality, the law, the religion, the humanity and all what make us humans makes you do so, and not the pity!

Yes I saw that log, but I thought it wasn’t yours (as the username says), there are three persons in there, are they all YOU with different usernames? I’m confused!

Anyway, as an MVP, you should tell what “Windows Firewall Disabled Infection” means, and as your Microsoft profile says (Your current computing activities focus primarily on malware) you should at least know how could a malicious object disable Windows Firewall or how to pass malicious files say through Windows Update? But I don’t want you to tell as there are many ways of disabling Windows Firewall. CaSIR is not for MVPs sir, it’s for normal users, engineers, architects, doctors, dentists, lawyers..etc who have no knowledge (or no time to have the knowledge) about computer science, set aside the most complicated branch of it; Malware, all they need is a program that can resolve their problem by only one single click! they should stick to the known application? Yes, they sometimes got cheated by new cheap developers? yes, but sir, not all new developers are that cheap!

As an MVP, you should know that a registry script (I’m not going to mention it and I guess you know why) of only three lines could disable your windows firewall in few milliseconds and allows malicious files to pass through windows update, your log shows that such a registry script (or an exe file) had previously applied such a script in your system registry, CaSIR doesn’t care who applied that script (either because your AV removed the script body, or your AV itself is the one that applied it to use it’s one firewall instead), CaSIR only informs you that the script had been applied and it’s still applied and you have to fix this problem and restore the registry entries to their default values, your AV doesn’t care to do that for you, CaSIR does!

So you got asked and you gave your opinion? okay, I’ll tell you what you (and your two friends if there are any) did and wrote on your own website and other websites which was far far away from being “only giving a honest opinion”

The topic started by a user who has a website that is devoted to promoting freeware and asked your opinion about CaSIR and you said that you didn’t read much into it yet but you will.

Another user came after that and stated this:
“The trial is a detect but not remove program. You have to purchase it to remove infections so it doesn’t class as freeware.“

At this point, and after this clear, objective and honest statement, the first person (the freeware guy) got his answer because I guess he just wanted to know whether CaSIR is freeware or not (as an owner of a website that is devoted to promoting freeware).

But you came (or one of your friends) and said: “That’s one strike against this thing.”

Oh God, What a hostile and irrational start!!! I’ve just known that if a program (any program) is not freeware then it is a strike against it!!!

lets see what was the “second strike”… you said:
“See any sort of details as to where exactly these infections are? Registry keys, files, folders?Hello?” and you posted the following log:

RKA – Disabled Windows Firewall Infection
           Buy to remove infection!
RKA – Disabled Windows Firewall Infection
           Buy to remove infection!
RKA – Disabled Windows Firewall Infection
           Buy to remove infection!
RKM – Disabled Show System Files/Folders restriction
           Buy to remove infection!
RKM – Disabled Show System Files/Folders restriction
           Buy to remove infection!
RKD – Default startup folder infection
           Buy to remove infection!
SFL – Trojan.Win32.Small.wv
           Buy to remove infection!
RKM – Worm.Win32.AutoRun.dkk (Ahsan Virus)
           Buy to remove infection!
RKA – Security Center Corrupted Settings
           Buy to remove infection!
RKA – Security Center Corrupted Settings
           Buy to remove infection!

You forgot to take a minute or two to read the software help page to know that…

RNP means Running Process
GFL means Group of Files
SFL means Single File
GFD means Group of Folders
SFD means Single Folder
RKM means Registry Key to be Modified
RKD means Registry Key to be Deleted
RKA means Registry Key to be Added
RSO means Regular System Optimization

Now you may ask me why you don’t see more details as to WHERE exactly these infections are? Ok I’ will answer you…

I intentionally hide such details for many reasons:

1. To prevent the other new developers from harvesting my own work and include them in their products (this happened to me many many times in the past without my permissions).
2. To prevent the sick people who name themselves “malware authors” from learning how to do the trick, because if you taught a malware author what and how to DISINFECT, he can easily reverse the process and use it to INFECT.
3. Normal users (whom CaSIR is intended for) don’t usually like programs that give too much details, they like the one who fix their problems with only one click and then shut up, they don’t even have time to read all that details, if they have, they would fix their problems manually why purchasing CaSIR!!!

Now lets move to the “third strike”, you said:
“Third strike, not much of a very large target list now is there“

This has been explained to you before, but you don’t seem to want to get it, those 155 targets are NOT how many malicious object CaSIR can remove, in fact, every one single target of them means thousands of malicious objects

I’ll give you an example: The “illegitimate System service Infection”, it’s counted by you as only one target right? No sir, I want to ask you, how many malicious objects in the wild use the trick of naming itself svchost.exe? of course thousands of them may be more, now take lsass.exe, services.exe, winlogon.exe, csrss.exe, smss.exe, inetinfo.exe, spoolsv.exe…..
CaSIR database has only 155 records but Kaspersky database has 1,001,351 records, does that mean that Kaspersky removes much much more than what CaSIR does? Of course yes, but not that too much you imagine, Kaspersky database includes thousands of records for malicious objects whose names are svchost.exe, lsass.exe, services.exe, winlogon.exe, csrss.exe, smss.exe, inetinfo.exe, spoolsv.exe… CaSIR briefs that huge number by only ONE TARGET! That is “illegitimate System service Infection” And that’s what makes CaSIR different!

Kaspersky uses the classic binary signature method, CaSIR uses the file names method beside the classic binary signature method (only when necessary), this gives CaSIR a huge advantage over Kaspersky in the scan speed, in few seconds CaSIR can detect any malicious object of these thousands because it goes DIRECTLY to them, Kaspersky needs hours to full scan your computer to detect them.

I’ll give you a practical example, lets take a NEW virus that is not included neither in Kaspersky database nor in CaSIR database, and lets say that the virus puts itself on system startup and creates it’s body in C:\whatever\ whatever\whatever\svchost.exe and it’s running and currently active.

Now do a full scan with Kasperksy, wait for bloody hours (depends on how huge your file system is) and then what? Oops! nothing detected!

Now run CaSIR, wait for two or three seconds (no matter how huge your file system is) and then what? BINGO! illegitimate System service Infection DETECTED, and REMOVED!

Now suppose that this virus is one of the nasty malware type that disable tens of Avs, Kaspersky will say buh-bye, and when you try to reinstall it, Oops! ERRORS, ERRORS!

Now run CaSIR, wait for a second or two, restart your computer and then try to install Kaspersky, BINGO!, the installation process started normally!

Lets now move to the “forth strike”, you (or one of your professional friends) said:
—————————–
Wtf are:
Disabled CCleaner Infection
Disabled RegClean Product Infection
Disabled SkyNet FireWall Infection<<<from Terminator movie?
Since when have infections begun to target utilities like this? I’ve not seen one.
SkyNet FireWall is from Terminator movie? Where do Jackie Chan come from then? What a low level of objectivity you have and and what a new type of professionals you are! Ok Forget the professional thing, couldn’t you just like any normal user google Sky NET Personal Firewall? To at least be honest and take your time to test, you would came up with this link:
http://www.matousec.com/projects/firewall-challenge/product-list.php
Scroll down or search for sky.net, you will find what I’m talking about!!! go download it and give it a try, it may be helpful, but oh, my mistake, it’s a Chinese product and I guess you don’t speak a word of Chinese, so leave it alone!

Have you ever heard about a worm called Win32.delf.cc and what it does to your computer? I guess not, this worm when infects your computer you will NEVER be able to RUN/INSTALL/REMOVE/REINSTALL any of more than 80 different security process that belong to the most well-known Avs (Symantec, Kasperksy, McAfee….) and other security tools and utilities like CCleaner, RegClean, HijackThis…. this worm is very old, and I wonder how come you don’t know it disables Ccleaner and RegClean and other utilities like this, all you did is to say: “I’ve not seen one!!!”, really? Ok I’ll make you meet one, I have that worm isolated here in my lap pc, if you want a copy of it for your tests just let me know, but be aware, this is very nasty one, it will even prevent you from booting in safe mode because once you attempt to do so the ugly face of the BSD will shows up. So if you want to remove it manually in safe mode I advice you not to do so, you will have nothing to do but booting in normal mode and looking at the worm stealing your private data and submits them to the worm author! you have nothing to do but to unplug yourself from the net until you find a solution, do you know what’s the solution, it is not one of that well-known Avs because the worm wont let you install any of them! YES sir, the solution is in the top of this page of raymond.cc; CaSIR! In only one minute your computer will be 100% free of this nasty!

Lets now move to the Fifth strike, you said:

“Take a look at some of the comments at Rays blog, Most are not very good.”

Most? Are you sure? Is that the honesty of the MVP? I don’t think so!

Lets move to the sixth strike, you (or one of your friends) said:
“It’s getting added to hpHosts with the FSA classification.”

Is this your way of judging any new program? you add the website of it’s developer to hpHosts thing with the FSA classification before even contact him to ask for more details? (forget that you’re too professionals to contact a fresh developer like me), before you even read the software instructions and help page? forget that, before you even think you might be dealing with something you have no idea about, Is that your professionalism?

Do you think that adding Sergiwa.com to hpHosts with the FSA classification affect my website reputation? Are you smarter than CNET team who hosted and tested my programs and found it free of malware? Are you smarter than Mcafee http://www.siteadvisor.com/sites/www.sergiwa.com team how had their tests of my website and found SAFE? Are you smarter than Kaspersky and all other well-known Avs that don’t use the FUD term who found my program free of malware!

Lets move to the seventh strike, you said:
“It would appear 9\33 av engines call this a number of different things I think he needs to recode that ^%$@# so’s it’s not flagged”

You know that’s because you scanned the CNET version which is packed and protected by ACProtect which appear to some Avs as suspicious, but when you knew you should scan Sergiwa.com version and you found that both VT and Jotti show low detection for it, you said:

“He’s obviously been pretty quick to re-pack/modify it to evade detection …..”

God, how could you say that? Where’s the objectivity? Where is the facts, the evidences!

At last the topic starter (who TRUST your judgment) came and read all what you said, what would he think and what would he say based on your lies about CaSIR?

He of course said:
“Thank you so much TeMerc. I hate it when they do that. It stinks!”

And I bit he didn’t even make his tests because he trusts you did it for him and you gave him the results of your “inventing the atomic bomb”!

And then he left!

What you call this TeMerc? Is it spitting venom on a new developer? I don’t think so, you are not that cheap, you’re professionals, but I can’t find a real reason of that “shower of the lies against CaSIR”, other wise it would be just an ignorance, but you (and your friends) are “REAL” professionals, you are far far away from being a bunch of ignorants, is it the venom thing sirs? Is it? no no it can’t be, I am just a fresh developer, you can’t envy a frsh developer, you are professionals, It must be something I have no idea about, Is it my race? Is it my religion? I don’t think so, it must be something else because race and religion has nothing to do with software developing! SIGH!

Anyways, you know what TeMerc guys? do you know how did you make me feel? I have being dreaming to be an MVP (for Microsoft) one day, it’s just a dream, we all dream, yes I have being dreaming to be an MVP one day, but an MVP that does not only means “Most Valuable Professional”, but also means a person who has the morality, the care about the other’s feelings, the objective way of using the facts to seek the truth, but after what you said and what you did, I thank God I am not an MVP, and I don’t want to be!

Thank you, and thank you all for reading and being patient