Tag Archives: removal

A Lesson In Malware Removal Using Kaspersky Rescue Disk

This past Sunday, I posted an article on the benefits of regular scanning with a “live CD” – Stay Malware Free (Hopefully!) – Scan With A “Live CD” Regularly. That reminded me of an excellent article (previously posted here) by my good buddy and fellow blogger, Mark Schneider, on working with Kaspersky Rescue Disk to eradicate malware.

There are some great pointers here, and I encourage you to re-read this terrific article. It’s well worth it.

 

You find your computer getting slower and slower to boot, and when it finally does boot, it’s so slow that everything runs at a crawl. So you try running the antivirus you have and just get a message that says the definitions are out of date and you can’t connect to the update server.

Or you may find an annoying pop-up coming up every time you boot, telling you PC Antivirus has found 70,278 infections and for $49.99 they will remove them for you. Well my friend, you are hosed! Your machine is so badly infected that you have to try desperate measures.

At this point you can try pulling your hard drive out of the machine, putting it in another machine, mounting it as a slave drive, and using that other machine to try to clean it.

Another way to get this thing up and running is to try some kind of bootable rescue disk to clean it. Bootable rescue disks are bootable CDs/DVDs that contain small operating systems, with some preinstalled tools for repairing your computer.

When you turn on your computer, hit F10 or F12 and select your CD/DVD drive, and your computer boots into an operating system contained on that CD. There are a lot of great rescue disks out there; the problem is that most are very complicated, and some take forever to boot.

I found one great exception to this, though. Kaspersky Labs, creator of the very capable Kaspersky Antivirus line of products, has built a great free bootable rescue CD that is simple to use.


Unlike many other bootable rescue disks, it has one purpose: to clean your system. To create a Kaspersky Rescue Disk, download the ISO image from this link, then burn the image to a CD.

Depending on what operating system you are using, you may need to download a CD burning program if you don’t already have one. If you are running Windows 7, it has a built-in burning program that’s simple to use and works great. If you are running XP or Vista, I like ImgBurn or CDBurnerXP – both do a great job of burning .ISO images, and are free.

Once you have your rescue CD built, start your infected machine, pressing F12/F10 to get it to the boot selection screen. Boot to the CD-ROM drive as I stated earlier and relax; although faster than most rescue disks, it’s hardly fast.

Follow the prompts, and when it boots into the Kaspersky Rescue system, you first need to update the virus definitions. Once updated, do a scan, and go read the newspaper or get some coffee; it takes a while.

Once it completes the scan go ahead and let it remove or quarantine all the files it has found. I’ve never had it delete anything that caused the machine it was fixing not to boot. But of course before you do anything like this, BACK UP YOUR DATA!!!!! But you already did that so proceed.

Do the scan, remove the junk and log off Kaspersky. Just turning off your computer with the power button won’t hurt anything when you are running a rescue CD.

The reason rescue CDs are so effective is that you’re not trying to disinfect a computer with an infected OS. When you boot to the hard drive of an infected machine, you’re playing on the bad guy’s home turf. They control the machine, and in many cases they’ve hidden the infected files so your antivirus can’t see them.

There are other rescue disks out there and many are very complicated and take a very long time. The Kaspersky Rescue Disk is the fastest and easiest I’ve found to clean an infected machine enough to allow me to boot back into Windows and complete the process by adding my favorite automated antimalware tools to keep the system clean going forward.

Note: Kaspersky Rescue Disk 10 can be run from a USB device.

This is a guest post by Mark Schneider of the Techwalker Blog, who brings a background as a high-level techie to the blogging world.

Why not pay a visit to Mark’s site today?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Norton Security Scan – Easy to Install But Just Try To Get Rid Of It!

As well as writing a great Blog (What’s On My PC), popular guest writer Rick Robinette often jumps in to help his readers with techno issues.

Here’s how Rick diagnosed, and solved, one reader’s problem with Norton Security Scan removal.

Hey Rick, there’s this Norton Security Scan thing that’s dug in like a tick and I can’t get rid of it… My computer is running dog slow!


This was a recent subject in an email I received. Of course, my first thought and instinct as a techie, was malware…

The Good… I started researching Norton Security Scan, and what I found is that Norton Security Scan is a free, legitimate app (by Symantec) that provides on-demand scanning and removal or repair of viruses, spyware and other malware. The virus definitions are updated when your computer is connected to the internet. OK, that did not sound too bad.

The bad… Further research indicates that Norton Security Scan has a tendency to piggyback onto your PC via other software installs (such as Adobe Shockwave Player).

From what I am reading, you can opt out of installing Norton Security Scan via these other software installs, but through (in my opinion) trickery, the check box to opt out is already checked. Most computer users will not know the difference; therefore, they continue the install of the app and Norton Security Scan comes along for the ride. As a result, Norton Security Scan runs alongside your other installed security software, and the end result is a slow PC (and the potential for problems).

The bad… Once on your PC, this app really does dig in like a tick, is very difficult to remove through normal uninstall channels, will keep coming back; AND from what I am reading will use scare tactics to encourage you to buy other Symantec security products. Hmmmm… Sounds like the tactics used in a malware scareware attack…

A Possible Solution… Getting back to the problem at hand with removing Norton Security Scan… I emailed the person back and had them run the latest version of the Norton Removal Tool and the report I received back was that “I believe we got it…”.

This tool is engineered to remove various Norton products and hooks from your PC. During my research, I did find instances where registry edits and manual deletion of files/folders associated with Norton Security Scan may also be required.

Lessons Learned…

First Lesson: During any software install, make sure you read everything closely during the installation steps to ensure you are installing only what you want to install. Being a seasoned software installer and tester, I have been finding more and more instances, during installation routines, where other second party apps are being installed and coming along for the ride. Sometimes the “opt out” for these apps is cleverly camouflaged.

Second Lesson: If you decide to uninstall any security apps that you have installed, make sure you visit the software product’s site to determine the removal process. Security apps (such as antivirus, antispyware, antimalware) are very complex when installed and often require special tools to take them off of your PC. The normal uninstall process built into Windows typically will not do a thorough job.

This is a guest post by Rick Robinette, who brings a background as a security/police officer professional, and as an information technology specialist to the Blogging world.

Why not pay a visit to Rick’s site at What’s On My PC. Like me, you’re sure to become a frequent visitor.


Download SUPERAntiSpyware Free – New True 64 Bit Edition

The long-awaited 64-bit version of SUPERAntiSpyware is here. According to Director of Business Development, Mike Duncan –

“Version 4.38.1004 includes a blended 32/64-bit installer and true NATIVE 64-bit support. Our 64-bit support is the result of careful development and will allow SUPERAntiSpyware to remove actual 64-bit infections. Many other products claim to remove actual 64-bit infections, but will only remove 32-bit infections on 64-bit systems.

Additionally, version 4.38 includes our new “SUPERSetup” installer for lightning quick installations in Normal OR Safe Mode. We’ve also built in command line switches for auto-deployment/registration and silent deployment. In the spirit of continually improving SUPERAntiSpyware’s overall performance, the new version will also yield faster load times and faster definition parsing/updating times.”

The free version of this award-winning program is used by millions of people worldwide (30 Million at last count) to protect their computers. And why not? SUPERAntiSpyware is well known for its high malware detection rate.

A simple, intuitive, and easy-to-use interface makes SUPERAntiSpyware straightforward to set up, customize, and run, for less experienced and expert users alike.


One extra feature in this anti-malware product is particularly appealing: a repair function, which allows the user to recover settings frequently wrecked by malware, and which are often not recoverable despite removal of the malware process.

These settings include Internet connections, lost desktops, the ability to edit the registry, and access to the task manager, which is often knocked out by a malware attack.


I’ve been using SUPERAntiSpyware as a secondary scanner for years, and I have no hesitation in stating that this application deserves its reputation as a first class security application. SUPERAntiSpyware is fast, efficient, and effective, and I highly recommend that you add it to your security toolbox, as a secondary line of defense.

Note: Be sure to manually update the definition database, before running a scan.


Fast facts:

Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!

Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, Hijackers and many other types of threats.

Repair broken Internet Connections, Desktops, Registry Editing, Task Manager and more with our unique Repair System! Spyware applications often disable system components to prevent removal – SUPERAntiSpyware resets and restores these items in seconds.

Quarantine items detected and removed for complete protection. Items in the quarantine may be restored to your computer if desired.

Detailed scan logs with complete information about detected and removed threats and their locations within your computer. Scan logs allow you to review scheduled scan results at any time.

Multi-Dimensional Scanning – SUPERAntiSpyware is a next generation scanning system that goes beyond the typical rules based scanning methods. Our Multi-Dimensional Scanning system detects existing threats as well as threats of the future by analyzing threat characteristics in addition to code patterns.

Process Interrogation Technology – SUPERAntiSpyware features our unique Process Interrogation Technology (PIT) that allows threats to be detected no matter where they are hiding on your system. Many new types of threats utilize “Rootkits” or “Kernel Drivers” to hide themselves to avoid detection by standard anti-spyware applications. SUPERAntiSpyware’s Process Interrogation Technology locates even the toughest of threats.

Frankly, I wouldn’t be without SUPERAntiSpyware in my anti-malware arsenal. This application kills tough malware – dead.

System Requirements: Windows 2000, XP, Media Center, Vista, Windows 2003, Windows 7.

Download at: Download.com

BTW, if you are currently running an older version of SUPERAntiSpyware it’s important to update to version 4.38.1004.

Important note: As a full-fledged security application with all of its features unlocked (real-time protection, scheduled scanning, and scheduled updating), SUPERAntiSpyware Professional Edition is very well priced at $29.95 USD.

On purchase, SUPERAntiSpyware offers a 30-day unconditional money back guarantee, if you are dissatisfied for any reason.


FreeFixer Revisited – Another Powerful Tool to Add to Your Anti-Malware Removal Arsenal

I’m a big fan of applications that have the power to dig into areas of the operating system including drivers, registry startups, registry keys, running programs, processes, browser plug-ins, and home page settings, etc.

This type of application can be expressly designed to search for malware infections, or, if not designed to specifically do this, can be used creatively to effect the same result.

Experienced and advanced computer users are almost sure to be familiar with HijackThis, a very popular tool that does just that. There are alternatives, however, and if you are an experienced or advanced computer user looking for a free alternative to HijackThis, then FreeFixer (last update April 28, 2010) is a free application that’s worth taking a look at.

The program operates as a detailed system analysis tool that can help you in the detection and removal of Hijackers, Spyware, Adware, Trojans, Worms, and other malware.

FreeFixer setup is simple, following which you will be taken to the start scan screen, which explains in clear language what the program does and, equally important, what it does not do.

The following screen shots are from my test system:

FreeFixer 1

On completion of the scan the results will be presented, broken down into categories, and you will then have the opportunity to remove entries that you consider unwanted, or malware.

FreeFixer 2

FreeFixer 4

The real benefit in running FreeFixer rather than HijackThis is the option you have of following a “more info” link to FreeFixer’s database for information on a specific item. Available information includes digital signature data, other users’ experience with the specific item, and more.

Known software and trusted Windows components are excluded from the scan, which reduces the workload substantially. You can now focus on the potential nasties.

As an added benefit, you can turn for advice to an active FreeFixer Group or online forum, where skilled users will analyze your submitted log file, and then guide you accordingly.

The graphic below illustrates the type of help you can expect from the user group.

FreeFixer 6

Fellow security pros will recognize that this user has been infected by the notorious rogue software application, Internet Security 2010, which has, amongst other things, disabled Windows Task Manager.

Recommendation: If you are an experienced, or an advanced computer user, and you’re looking for a program to strengthen your anti-malware resources, then FreeFixer is one that’s worth taking a look at.

System requirements: Windows 2000/XP/2003/2008/Vista/7. Runs on both 32- and 64-bit Windows.

Download at: Download.com


Download SUPERAntiSpyware Free Edition – Kill Tough Malware

Yesterday, I mentioned that I run Malwarebytes’ Anti-Malware every day as a secondary malware scanner, since there is no one anti-malware tool that is likely to identify and remove all of the Trojans, Spyware, Viruses, and other threats we now face.

I also mentioned – there’s no harm in installing more than one antimalware application to be used as a secondary scanner, and that doing so can be advantageous.

In addition to running a daily quick scan with Malwarebytes’, I run a daily quick scan using the free edition of SUPERAntiSpyware. The free edition of SUPERAntiSpyware (updated February 18, 2010) is an excellent choice as a (primary or additional) secondary malware scanner.

The free version of this award-winning program is used by millions of people worldwide to protect their computers. And why not? SUPERAntiSpyware is well known for its high malware detection rate.

A simple, intuitive, and easy-to-use interface makes SUPERAntiSpyware straightforward to set up, customize, and run, for less experienced and expert users alike.


One extra feature in this anti-malware product is particularly appealing: a repair function, which allows the user to recover settings frequently wrecked by malware, and which are often not recoverable despite removal of the malware process.

These settings include Internet connections, lost desktops, the ability to edit the registry, and access to the task manager, which is often knocked out by a malware attack.


Since SUPERAntiSpyware (Free Edition) does not provide real-time protection against infection, I don’t recommend that you use this free version as a stand-alone security application, since it simply will not offer you adequate protection. Instead, use it only as an on-demand scanner.

I’ve been using SUPERAntiSpyware as a secondary scanner for years, and I have no hesitation in stating that this application deserves its reputation as a first class security application. SUPERAntiSpyware is fast, efficient, and effective, and I highly recommend that you add it to your security toolbox, as a secondary line of defense.

Note: Be sure to manually update the definition database, before running a scan.


Fast facts:

Quick, Complete and Custom Scanning of Hard Drives, Removable Drives, Memory, Registry, Individual Folders and More! Includes Trusting Items and Excluding Folders for complete customization of scanning!

Detect and Remove Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, Hijackers and many other types of threats.

Repair broken Internet Connections, Desktops, Registry Editing, Task Manager and more with our unique Repair System! Spyware applications often disable system components to prevent removal – SUPERAntiSpyware resets and restores these items in seconds.

Quarantine items detected and removed for complete protection. Items in the quarantine may be restored to your computer if desired.

Detailed scan logs with complete information about detected and removed threats and their locations within your computer. Scan logs allow you to review scheduled scan results at any time.

Multi-Dimensional Scanning – SUPERAntiSpyware is a next generation scanning system that goes beyond the typical rules based scanning methods. Our Multi-Dimensional Scanning system detects existing threats as well as threats of the future by analyzing threat characteristics in addition to code patterns.

Process Interrogation Technology – SUPERAntiSpyware features our unique Process Interrogation Technology (PIT) that allows threats to be detected no matter where they are hiding on your system. Many new types of threats utilize “Rootkits” or “Kernel Drivers” to hide themselves to avoid detection by standard anti-spyware applications. SUPERAntiSpyware’s Process Interrogation Technology locates even the toughest of threats.

System Requirements: Windows 2000, XP, Media Center, Vista, Windows 2003, Windows 7. (According to the developer, SUPERAntiSpyware will work in 32-bit mode under 64-bit versions of Windows. A native 64-bit edition will be available later this year).

Download at: SUPERAntiSpyware

A free SUPERAntiSpyware Portable Scanner is also available.

Download at: SUPERAntiSpyware

Important note: Virtually all free security applications are programmed to autostart after installation, so be aware of this, and make the necessary adjustments using MSConfig.

As a full-fledged security application with all of its features unlocked (real-time protection, scheduled scanning, and scheduled updating), SUPERAntiSpyware is very well priced at $29.95 US.

On purchase, SUPERAntiSpyware offers a 30-day unconditional money back guarantee, if you are dissatisfied for any reason.


FastStone Image Viewer – Browser, Converter and Editor – Supports All Major Graphic Formats (and then some)!

FastStone Image Viewer (updated November, 2009) is one of my favorite photo applications, with good reason. It’s not just a viewer, but an image browser, converter, and an editor as well. You’ll find the interface intuitive and very easy to use.

This program is loaded with features, including renaming, cropping, color adjustments, lossless JPEG transformation, drop shadow effects, image frames, scanner support, histogram and much more.


With FastStone installed you’ll have support for all major graphic formats including (BMP, JPEG, JPEG 2000, animated GIF, PNG, PCX, TIFF, WMF, ICO and TGA) and popular digital camera RAW formats (CRW, CR2, NEF, PEF, RAF, MRW, ORF, SRF and DNG).


Quick Facts:

True Full Screen viewer with image zoom support and unique fly-out menu panels

Crystal-clear and customizable one-click image magnifier

Superior Red-Eye effect removal/reduction with completely natural looking end result

Image modification tools: Resize/resample, rotate/flip, crop, sharpen/blur, brightness/contrast, etc.

Eleven resampling algorithms to choose from when resizing images

Image color effects: gray scale, sepia, negative, Red/Green/Blue adjustment

Image special effects: watermark, annotation, drop shadow, framing, bump map, lens, morph, waves

Draw texts, lines, highlights, rectangles, ovals and callout objects on images

Multi-level Undo/Redo capability

One-touch best fit/actual size image display support

Image management, including tagging capability, with drag-and-drop and Copy To/Move To Folder support

Histogram display with color counter feature

Compare images side-by-side (up to 4 at a time) to easily cull those forgettable shots

Image EXIF metadata support (plus comment editing for JPEGs)

Configurable batch processing to convert/rename large or small collections of images

Slideshow creation with 150+ transition effects and music support (MP3, WMA, WAV…)

Create efficient image attachment(s) for emailing to family and friends

Print images with full page-layout control

Create fully configurable Contact Sheets – just like the pros (and save $$$ on ink)

Create memorable artistic image montages from your family photos for personalized desktop wallpapers (Wallpaper Anywhere)

Acquire images from a scanner

Versatile screen capture capability

Powerful Save As interface to compare image quality and control generated file size

Run favorite programs with one keystroke from within Image Viewer

Offer portable version of the program which can be run from a removable storage device

Configurable mouse wheel support

Support multiple program skins

Support dual-monitor configurations

System requirements: 32 bit Windows – XP, Windows Vista, Windows 7

Download at: Download.com

This really is an incredible application and I often wonder why it’s still free. The author does ask for a donation, if you find the application useful. This is an application that’s worth supporting so please, consider doing so.


Kaspersky Rescue Disk – The Ultimate Malware Solution?

Guest writer Mark Schneider gives you some very important pointers on how to kill malware dead, with a great free tool – Kaspersky Rescue Disk.

You find your computer getting slower and slower to boot, and when it finally does boot, it’s so slow that everything runs at a crawl. So you try running the antivirus you have and just get a message that says the definitions are out of date and you can’t connect to the update server.

Or you may find an annoying pop-up coming up every time you boot, telling you PC Antivirus has found 70,278 infections and for $49.99 they will remove them for you. Well my friend, you are hosed! Your machine is so badly infected that you have to try desperate measures.

At this point you can try pulling your hard drive out of the machine, putting it in another machine, mounting it as a slave drive, and using that other machine to try to clean it.

Another way to get this thing up and running is to try some kind of bootable rescue disk to clean it. Bootable rescue disks are bootable CDs/DVDs that contain small operating systems, with some preinstalled tools for repairing your computer.

When you turn on your computer, hit F10 or F12 and select your CD/DVD drive, and your computer boots into an operating system contained on that CD. There are a lot of great rescue disks out there; the problem is that most are very complicated, and some take forever to boot.

I found one great exception to this, though. Kaspersky Labs, creator of the very capable Kaspersky Antivirus line of products, has built a great free bootable rescue CD that is simple to use.


Unlike many other bootable rescue disks, it has one purpose: to clean your system. To create a Kaspersky Rescue Disk, download the ISO image from this link, then burn the image to a CD.

Depending on what operating system you are using, you may need to download a CD burning program if you don’t already have one. If you are running Windows 7, it has a built-in burning program that’s simple to use and works great. If you are running XP or Vista, I like ImgBurn or CDBurnerXP – both do a great job of burning .ISO images, and are free.

Once you have your rescue CD built, start your infected machine, pressing F12/F10 to get it to the boot selection screen. Boot to the CD-ROM drive as I stated earlier and relax; although faster than most rescue disks, it’s hardly fast.

Follow the prompts, and when it boots into the Kaspersky Rescue system, you first need to update the virus definitions. Once updated, do a scan, and go read the newspaper or get some coffee; it takes a while.

Once it completes the scan go ahead and let it remove or quarantine all the files it has found. I’ve never had it delete anything that caused the machine it was fixing not to boot. But of course before you do anything like this, BACK UP YOUR DATA!!!!! But you already did that so proceed.

Do the scan, remove the junk and log off Kaspersky. Just turning off your computer with the power button won’t hurt anything when you are running a rescue CD.

The reason rescue CDs are so effective is that you’re not trying to disinfect a computer with an infected OS. When you boot to the hard drive of an infected machine, you’re playing on the bad guy’s home turf. They control the machine, and in many cases they’ve hidden the infected files so your antivirus can’t see them.

The rescue CD can scan your boot sector and your hard drives from the outside looking in. The malware doesn’t have a chance to hide if it’s not running. It’s become the first step I now use when I’m dealing with an infected machine.

There are other rescue disks out there and many are very complicated and take a very long time. The Kaspersky Rescue Disk is the fastest and easiest I’ve found to clean an infected machine enough to allow me to boot back into Windows and complete the process by adding my favorite automated antimalware tools to keep the system clean going forward.

This is a guest post by Mark Schneider of the Techwalker Blog, who brings a background as a high-level techie to the blogging world.

Why not pay a visit to Mark’s site today?
