Category Archives: Kaspersky

Rescue Your PC With Free Kaspersky Rescue Disk 10

Much of today’s malware is expert at hiding or camouflaging itself – making it both hard to detect, and obviously more difficult to remove. But, if you can get to malware before it has a chance to run live within the installed operating system – you have a real chance of detecting and eradicating the varmint.

This is where a Rescue Disk (Live CD), which I like to think of as the “SWAT Team” of antimalware solutions – comes into play. More often than not, a Live CD can help you kill malware DEAD!

It’s important to know though, not all antimalware Live CDs are in fact, “Rescue Disks”. And, not all “Rescue Disks” are in fact – antimalware Live CDs.

Kaspersky Rescue Disk 10, by far and away my antimalware tool of choice, combines the best of both genres. Not only is it superb at identifying and removing malware but, with its onboard tool kit, it definitely qualifies as a Rescue Disk.

Note: Kaspersky Rescue Disk 10 is designed to scan and disinfect both 32 bit and 64 bit machines. As well, Kaspersky Rescue Disk 10 can be run from a USB device.

The following is a quick walkthrough using Kaspersky Rescue Disk 10 in both malware scanning and “tool kit” capacities.

Kaspersky Rescue Disk 10 is available for download as an ISO file only, which means you must burn the ISO image file to a CD/DVD, and then boot the application from your CD/DVD drive. If you’re unsure as to how to set up your machine to boot from your CD/DVD drive, PC Support at About.com has an easy to follow tutorial – How To Boot From a CD, DVD, or BD Disc.

If you don’t know how to burn an ISO image, you’ll find instructions below.

At boot-up, Kaspersky Rescue Disk 10 runs through a fairly large number of routines so be patient until the main menu screen appears.

From the menu screen, run the update task, which will update the anti-virus databases. Following which, you can then go to “Scan your computer”, or you can choose to configure the scan settings to your specific requirements.


As the application is scanning, you will be reminded of both the percentage of objects scanned and an estimated time to completion.


The bonus features bolted on to Kaspersky Rescue Disk 10 include:

Konqueror Web Browser

The Konqueror web browser integrated into Kaspersky Rescue Disk can view websites and save the pages you have visited. You can view all visited pages after exiting Kaspersky Rescue Disk. By default, the Kaspersky Lab website is displayed in the browser.


Integrated File Manager and Registry Editor

The Integrated file manager will allow you to access the Hard Drive/s. As a last resort (if it comes to that),  you will be able to save your important files (any file for that matter), using this tool.

As well, using the Registry Editor, you will be able to view and change settings in your system registry.


Kaspersky Rescue Disk 10 is an extremely powerful tool, with many more capabilities than I’ve been able to cover in this short review. I’m more than a little surprised that it can be downloaded at no cost. A serious computer user would do well to have this application ready to go when faced with one of those –  O No!!, moments.

To read a blow-by-blow description of Kaspersky Rescue Disk vs. Malware, check out guest writer Mark Schneider’s – A Lesson In Malware Removal Using Kaspersky Rescue Disk, here on this site.

System requirements: Windows XP (Service Pack 2 or higher), Vista, Windows 7  (32/64 bit support for all).

Download the ISO image file at: Kaspersky

If you’re unsure as to how to burn an ISO image file to a CD/DVD in order to create a bootable disk, here’s an easy method. In this illustration I’m using a freeware application CDBurner XP.

1)  Activate  CDBurner XP.

2)  Insert a blank CD/DVD into the CD/DVD drive.

3)  Click on “Burn ISO image”, which will open the write screen.


4)  Select kav_rescue_10.iso which will reside in the location in which you saved the file.

5)  Click on “Burn disc”


6)  Sit back and relax until the job is complete (2/3 minutes).


With Kaspersky’s Free TDSSKiller You’ll Have A Fighting Chance To Kill Rootkits

There’s malware, and then – there’s MALWARE. In other words, all malware is not created equal. For example, Rootkits are not your common everyday piece of malware.

Rootkits are often designed to overwrite the Hard Drive’s MBR (master boot record), the first sector – Sector 0 – where the code to boot the operating system following BIOS loading, resides.

As a consequence, Rootkit files and processes will be hidden in Explorer, Task Manager, and other detection tools. It’s easy to see then, that if a threat uses Rootkit technology to hide, it is going to be difficult to find.
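A defender’s view of the MBR point above, as an added example that is not part of the original post: a dump of Sector 0 taken from a clean boot environment (such as a rescue disk) can be compared against a baseline recorded when the machine was known to be good. The function names and the sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bytes 0-439: bootstrap code (Windows keeps a disk signature at 440-443)
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"   # last two bytes of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Summarise a 512-byte dump of sector 0 taken from a trusted boot environment."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("sector 0 dump must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        # status, 3 CHS bytes (skipped), type, 3 CHS bytes (skipped), LBA start, sector count
        status, ptype, lba, count = struct.unpack("<B3xB3xII", sector[off:off + 16])
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"slot": i, "active": status == 0x80,
                               "type": ptype, "lba_start": lba, "sectors": count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIG,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def compare_mbr(baseline: dict, current: dict) -> list:
    """Return human-readable differences between a known-good MBR and the current one."""
    findings = []
    if not current["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if current["boot_code_sha256"] != baseline["boot_code_sha256"]:
        findings.append("boot code differs from baseline")
    if current["partitions"] != baseline["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def make_sample_mbr(boot_code: bytes) -> bytes:
    """Build a constructed sample sector: given boot code plus one active NTFS partition."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code too long")
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    sector[PART_TABLE_OFF:PART_TABLE_OFF + 16] = struct.pack(
        "<B3xB3xII", 0x80, 0x07, 2048, 204800)
    sector[510:512] = BOOT_SIG
    return bytes(sector)


if __name__ == "__main__":
    # Constructed sample data, not real boot code.
    known_good = make_sample_mbr(b"\xfa\x33\xc0" + b"\x90" * 64)
    modified = make_sample_mbr(b"\xeb\x5e" + b"\x90" * 64)
    baseline = parse_mbr(known_good)
    for label, dump in (("unchanged", known_good), ("modified", modified)):
        print(label, compare_mbr(baseline, parse_mbr(dump)) or "matches baseline")
```

On a Linux-based rescue disk, `dd if=/dev/sda of=mbr.bin bs=512 count=1` produces such a dump; the device name is an assumption and varies by machine.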

And yes, I’m aware that major AV application developers are fond of pointing out that their products will flag and remove Rootkits. Users are expected to believe those claims – DON’T!

From a previous article (June 2011) –

Microsoft is telling Windows users that they’ll have to reinstall the operating system if they get infected with a new rootkit that hides in the machine’s boot sector. A new variant of a Trojan Microsoft calls “Popureb” digs so deeply into the system that the only way to eradicate it is to return Windows to its out-of-the-box configuration.

Scanning for Rootkits occasionally is good practice, and by scanning with the right tools, Rootkits can be hunted down and eradicated (maybe) – but personally, I would never trust that any detection/removal application has successfully removed a Rootkit.

If you have detected that your system has become infected by a Rootkit, I recommend that you first wipe the drive –  using a free tool such as Darik’s Boot And Nuke, reformat, and only then – reinstall the operating system.

Rootkit detectors can be difficult to work with and consequently, my good buddy Michael C., following the last post on Rootkit detection – Got A Rootkit Infection? – Find Out With These Four Free Rootkit Detectors – posed the following question: “Just wondering if there is a rootkit detector for us “average users” that doesn’t require a MIT degree.”

And, there is.

Kaspersky Labs has developed the free TDSSKiller utility which is designed to detect and remove common Rootkits. Specifically, Rootkits in the Rootkit.Win32.TDSS family (TDSS, Sinowal, Whistler, Phanta, Trup, Stoned) – in addition to regular Rootkits (now, there’s a misnomer), as well as Bootkits.

Usage instructions:

Download the TDSSKiller.zip archive and extract it into a folder on the infected (or possibly infected) computer with an archiver (free 7-Zip, for example).

Run the TDSSKiller.exe file.

The utility can detect the following suspicious objects:

Hidden service – a registry key that is hidden from standard listing.

Blocked service – a registry key that cannot be opened by standard means.

Hidden file – a file on the disk that is hidden from standard listing.

Blocked file – a file on the disk that cannot be opened by standard means.

Forged file – when read by standard means, the original content is returned instead of the actual one.

BackBoot.gen – a suspected MBR infection with an unknown bootkit.

The interface is clean and simple.


The completed scan shows the system is clean and free of Rootkit infections. You’ll note that the scan finished in 10 seconds.


Following the scan, you will have access to a full report – if you choose.


System requirements: Win 7, Vista, XP (both 32 and 64 bit systems).

Download at: Kaspersky

Since the false positive issue is always a major consideration in using tools of this type, you should be aware that tools like this are designed for advanced users, and above.

If you need help in identifying a suspicious file/s, you can send the file/s to VirusTotal.com so that the suspicious file/s can be analyzed.

To read a blow-by-blow description of just how difficult it can be to identify and remove a Rootkit, you can check out this Malwarebytes malware removal forum posting.


Using Kaspersky Rescue Disk 10 – A Quick Walkthrough

Much of today’s malware is expert at hiding or camouflaging itself – making it both hard to detect, and obviously more difficult to remove. But, if you can get to malware before it has a chance to run live within the installed operating system – you have a real chance of detecting and eradicating the varmint.

This is where a Rescue Disk (Live CD), which I like to think of as the “SWAT Team” of antimalware solutions – comes into play. More often than not, a Live CD can help you kill malware DEAD!

It’s important to know though, not all antimalware Live CDs are in fact, “Rescue Disks”. And, not all “Rescue Disks” are in fact – antimalware Live CDs.

Kaspersky Rescue Disk 10, by far and away my antimalware tool of choice, combines the best of both genres. Not only is it superb at identifying and removing malware but, with its onboard tool kit, it definitely qualifies as a Rescue Disk.

Note: Kaspersky Rescue Disk 10 is designed to scan and disinfect both 32 bit and 64 bit machines. As well, Kaspersky Rescue Disk 10 can be run from a USB device.

The following is a quick walkthrough using Kaspersky Rescue Disk 10 in both malware scanning and “tool kit” capacities.

Kaspersky Rescue Disk 10 is available for download as an ISO file only, which means you must burn the ISO image file to a CD/DVD, and then boot the application from your CD/DVD drive. If you’re unsure as to how to set up your machine to boot from your CD/DVD drive, TechPaul has an easy to follow tutorial – How to boot from a CD.

If you don’t know how to burn an ISO image, you’ll find instructions below.

At boot-up, Kaspersky Rescue Disk 10 runs through a fairly large number of routines so be patient until the main menu screen appears.

From the menu screen, run the update task, which will update the anti-virus databases. Following which, you can then go to “Scan your computer”, or you can choose to configure the scan settings to your specific requirements.


As the application is scanning, you will be reminded of both the percentage of objects scanned and an estimated time to completion.


The bonus features bolted on to Kaspersky Rescue Disk 10 include:

Firefox

The Firefox web browser integrated into Kaspersky Rescue Disk can view websites and save the pages you have visited. You can view all visited pages after exiting Kaspersky Rescue Disk. By default, the Kaspersky Lab website is displayed in the browser.

In the following usage example, I have chosen to search Google for “malware help”. Let’s hope you’ll never have to do this but, if you need to you can – without having to boot back into Windows.


Internet configuration

By default, the web browser works with the system proxy server. You can specify the proxy server settings when configuring the web browser. Since malware can often affect Internet settings, this feature can be an invaluable assist.


Integrated file manager

The Integrated file manager will allow you to access the hard drive/s. As a last resort (if it comes to that), you will be able to save your important files (any file for that matter), using this tool.


Heuristic analyzer

The heuristic analyzer is threat detection technology for threats that cannot be detected using the anti-virus databases. It allows detection of objects suspected of being infected with an unknown virus, or a new modification of a known virus. This mechanism is fairly effective, and very rarely leads to false positives.

Kaspersky Rescue Disk 10 is an extremely powerful tool, with many more capabilities than I’ve been able to cover in this short review. I’m more than a little surprised that it can be downloaded at no cost. A serious computer user would do well to have this application ready to go when faced with one of those –  O No!!, moments.

To read a blow-by-blow description of Kaspersky Rescue Disk vs Malware, check out guest writer Mark Schneider’s – A Lesson In Malware Removal Using Kaspersky Rescue Disk, here on this site.

System requirements: Windows XP (Service Pack 2 or higher), Vista, Windows 7  (32/64 bit support for all).

Download the ISO image file at: Kaspersky

If you’re unsure as to how to burn an ISO image file to a CD/DVD in order to create a bootable disk, here’s an easy method. In this illustration I’m using a freeware application CDBurner XP.

1)  Activate  CDBurner XP.

2)  Insert a blank CD/DVD into the CD/DVD drive.

3)  Click on “Burn ISO image”, which will open the write screen.


4)  Select kav_rescue_10.iso which will reside in the location in which you saved the file.

5)  Click on “Burn disc”


6)  Sit back and relax until the job is complete (2/3 minutes).


Experts Galaxy – Kaspersky and Bitdefender License Giveaway

My good buddy Neeraj Rawat, over at the Experts Galaxy web site, is currently running a number of license giveaway contests. Check out the site for more details.

From the site:

One More License Giveaway For Bitdefender Antivirus 2011 (1 Year)

Exclusive Kaspersky Internet Security 2012 One Year License Giveaway

Neeraj tells me that he has two more license giveaways scheduled in the coming weeks for Superantispyware and Zemana AntiLogger – two superb applications which I highly recommend.


Be Prepared – Japan Earthquake, Tsunami Spam, And Malware, On The Way


Experts Warn Of Japan Earthquake, Tsunami Spam

As the Pacific Rim braces for deadly tsunamis spawned by today’s magnitude 8.9 earthquake in Japan, the SANS Internet Storm Center says users should be on the lookout for a different kind of Tsunami: scam e-mail and Web pages looking to turn curiosity about the events in Japan into illicit gain.

The Internet Storm Center (ISC) issued a warning on its Web page Friday morning warning readers to expect “emails (sp) scams and malware circulating regarding the recent Japanese earthquake.” Examples of Tsunami-related spam have already shown up in spam filters, according to the Web site spamwarnings.com.

You can read more at Kaspersky’s ThreatPost here.


A Lesson In Malware Removal Using Kaspersky Rescue Disk

This past Sunday, I posted an article on the benefits of regular scanning with a “live CD” – Stay Malware Free (Hopefully!) – Scan With A “Live CD” Regularly. That reminded me of an excellent article (previously posted here), by my good buddy and fellow blogger, Mark Schneider, on working with Kaspersky Rescue Disk to eradicate malware.

There are some great pointers here, and I encourage you to re-read this terrific article. It’s well worth a re-read.

 

You find your computer getting slower and slower to boot, and when it finally does boot it’s so slow everything runs at a crawl. So you try running the antivirus you have and just get a message that says the definitions are out of date and you can’t connect to the update server.

Or you may find an annoying pop-up coming up every time you boot telling you PC Antivirus has found 70,278 infections and for $49.99 they will remove them for you. Well my friend, you are hosed! Your machine is so badly infected that you have to try desperate measures.

At this point you can try pulling your hard drive out of the machine and putting it in another, mounting it as a slave, and using your other machine to try to clean it.

Another way to get this thing up and running is to try some kind of bootable rescue disk to clean it. Bootable rescue disks are bootable CD’s/DVD’s that contain small operating systems, with some preinstalled tools contained for repairing your computer.

When you turn on your computer hit F10 or F12, select your CD/DVD drive and your computer boots into an operating system contained on that CD. There are a lot of great rescue disks out there, the problem is most are very complicated, and some take forever to boot.

I found one great exception to this though. Kaspersky Labs, creator of the very capable Kaspersky Antivirus line of products has built a great free bootable rescue CD that is simple to use.


Unlike many other bootable rescue disks it has one purpose, to clean your system. To create a Kaspersky Rescue Disk, download the ISO image from this link, then burn the image to a CD.

Depending on what operating system you are using you may need to download a CD burning program if you don’t already have one. If you are running Windows 7, it has a built-in burning program that’s simple to use and works great. If you are running XP or Vista, I like Image Burn, or CD BurnerXP – both do a great job of burning .ISO images, and are free.

Once you have your rescue CD built, start your infected machine pushing F12/F10 to get it to the boot selection screen. Boot to the CD Rom drive as I stated earlier and relax, although faster than most rescue disks it’s hardly fast.

Follow the prompts and when it boots into the Kaspersky Rescue system you first need to update the virus definitions. Once updated do a scan, and go read the newspaper or get some coffee, it takes a while.

Once it completes the scan go ahead and let it remove or quarantine all the files it has found. I’ve never had it delete anything that caused the machine it was fixing not to boot. But of course before you do anything like this, BACK UP YOUR DATA!!!!! But you already did that so proceed.

Do the scan, remove the junk and log off Kaspersky. Just turning off your computer with the power button won’t hurt anything when you are running a rescue CD.

The reason rescue CD’s are so effective is, you’re not trying to disinfect a computer with an infected OS. When you boot to the hard drive of an infected machine, you’re playing on the bad guy’s home turf. They control the machine and in many cases they’ve hidden the infected files so your antivirus can’t see them.

There are other rescue disks out there and many are very complicated and take a very long time. The Kaspersky Rescue Disk is the fastest and easiest I’ve found to clean an infected machine enough to allow me to boot back into Windows and complete the process by adding my favorite automated antimalware tools to keep the system clean going forward.

Note: Kaspersky Rescue Disk 10 can be run from a USB device.

This is a guest post by Mark Schneider of the Techwalker Blog, who brings a background as a high level techie, to the blogging world.

Why not pay a visit to Mark’s site today.


Stay Malware Free (Hopefully!) – Scan With A “Live CD” Regularly

I’m regularly asked how often I scan my primary personal machine for malware. The answer is – as part of a layered security approach, I have a formal schedule which I stick to without fail.

Once a day, I quick scan the system drive with both Microsoft Security Essentials, and Malwarebytes’ Antimalware – making sure the databases are updated and current.

Running a quick scan with both these applications, takes less than 5 minutes. For example: Malwarebytes’ – 150,000 objects – 2 minutes and 30 seconds. Microsoft Security Essentials – 30,000 items – 1 minute and 18 seconds.

Much of today’s malware though, can be extremely difficult to identify and remove – despite a user relying on frontline antimalware applications to do the job. So, I don’t see any advantage in running full scans on a live system – instead, once a week I run a Linux-based antimalware application (a live CD), which scans from the outside looking in. Malware generally can’t hide if it’s not running.

I’ve come to rely on the following free live CDs, which I regularly alternate, to ensure (hopefully), I’m operating in a malware free zone.

Panda SafeCD


This useful utility comes in handy when you need to clean a malware infected machine. Or, as in my case, to ensure a machine is not infected. It is particularly useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.

Features include: Automatic detection and removal of all types of malware. Boot from CD or USB stick. Supports using updated signature files. Supports 13 languages. Supports both FAT and NTFS drives.

The download consists of an ISO. You can either burn this to a CD/DVD or alternatively, create a Boot USB stick by using something like the Universal Netboot Installer (UNetbootin).

Kaspersky Rescue Disk 10


Kaspersky Rescue Disk 10 is designed to scan and disinfect x86 and x64-compatible computers that have been infected. It is particularly useful when the infection is at such a level that it is impossible to disinfect the computer using anti-virus applications, or malware removal utilities, running under the operating system.

Note: Kaspersky Rescue Disk 10 can be run from a USB device.

Avira AntiVir Rescue System


Avira AntiVir Rescue System is a Linux-based application that allows you to access a system that cannot be booted anymore. Not only will this application scan the system for infections, but it can be used to repair a damaged system, or rescue data.

If you’re looking for an uncomplicated, reasonably quick booting alternative antimalware scanner/rescue CD, which will update the definition database automatically (assuming you’re connected to the Internet), any one of these freebies will do the job nicely.

In the constantly evolving world of cybercrime, all users are well advised to scan their computers regularly with an antimalware application that does not rely on the native operating system.
