A friendly forum to get help and support
 
PortalPortal  HomeHome  GalleryGallery  FAQFAQ  SearchSearch  RegisterRegister  Log in  

Share | 
 

 Repeated warning

View previous topic View next topic Go down 
AuthorMessage
novice61
Royal Geek
Royal Geek
avatar

Number of posts : 52
Location : Nebraska
Registration date : 2009-05-02

PostSubject: Repeated warning   5/25/2009, 11:11

I'm quite sure that this subject has been hashed out in my absence, but it deserves another heads-up.

I spent more hours than I wanted to recently clearing a nasty Trojan from my niece's laptop. It was the "My Web Search" toolbar and the "Personal Anti-virus" that comes with it. Her IE browser had SIX TOOL BARS and very little viewing screen left. These install themselves when people don't uncheck those little boxes that offer up add-ons to downloaded programs and games. Even legitimate boxed programs often have these items as extra offerings that must be refused manually. Examine every screen during any installation for crapware add-ons. This particular nasty rode in with a game bundle that was downloaded for her kids, although I question letting little ones play on a new laptop.

I wouldn't mention this to the experienced group here except that it is so invasive and so difficult to remove. It is a "false positive" virus detector that reports numerous infections and demands expensive registration to fix them. It also has the ability to block removal by normal anti-virus programs and even block the downloading of additional tools from anti-virus web sites. Every security website that I tried was redirected to "about.blank" in the browser and it stopped McAfee and Trend Micro in their tracks. Since the toolbar is added to the browser, even working in safe mode didn't help.

The working fix seems to be loading a virus detector on a disk or thumb drive with a Linux application that can run from the disk. Even those who aren't Linux fans should have one of these handy for just such a task.
Back to top Go down
View user profile
wwe9112
Royal Geek
Royal Geek


Number of posts : 532
Age : 24
Registration date : 2008-10-23
Mood : mellow

PostSubject: Re: Repeated warning   5/25/2009, 11:17

I remeber when I had first joined I had my web search virus or what eve ryou call it, they are a true pain in the boo-tay!
Back to top Go down
View user profile
Repa
Site Administrator
Site Administrator
avatar

Number of posts : 2378
Location : North Carolina
Humor : Age: Older than Dirt!
Registration date : 2008-09-19

PostSubject: Re: Repeated warning   5/25/2009, 12:13

novice61 wrote:

The working fix seems to be loading a virus detector on a disk or thumb drive with a Linux application that can run from the disk. Even those who aren't Linux fans should have one of these handy for just such a task.

Keith, would you mind going into some detail as to how to set this up and do this, and what Linux and virus detector applications you used? Thanks.

I have posted warnings previously about the "add-ons" that frequently come with downloads now, and to look for them and uncheck them if you must do the download. I also try to find sites that provide downloads where this is less likely to occur and suggest using those sites. This is certainly one reason why any applications having automatic updates should have the automatic update feature disabled and do manual updates, with the exception of the well-known and trusted anti-virus and anti-spyware programs.

_________________
Repa
Back to top Go down
View user profile
pepperpot
Site Administrator
Site Administrator
avatar

Number of posts : 715
Age : 50
Location : Venezuela
Humor : I think I have one
Registration date : 2008-09-19
Mood : pensive

PostSubject: Re: Repeated warning   5/25/2009, 19:11

Repa wrote:
novice61 wrote:

The working fix seems to be loading a virus detector on a disk or thumb drive with a Linux application that can run from the disk. Even those who aren't Linux fans should have one of these handy for just such a task.

Keith, would you mind going into some detail as to how to set this up and do this, and what Linux and virus detector applications you used? Thanks.

I have posted warnings previously about the "add-ons" that frequently come with downloads now, and to look for them and uncheck them if you must do the download. I also try to find sites that provide downloads where this is less likely to occur and suggest using those sites. This is certainly one reason why any applications having automatic updates should have the automatic update feature disabled and do manual updates, with the exception of the well-known and trusted anti-virus and anti-spyware programs.

I am just as curious!!

And thanks to Repa I have made it a habit to check what are piggy backing on the progams I am downloading. Just the other day I downloaded CCleaner and it has goggle toolbar among other things.

As Rike says... "I am very reserved on giving up my brower's real-estated!"

lol!
Back to top Go down
View user profile
novice61
Royal Geek
Royal Geek
avatar

Number of posts : 52
Location : Nebraska
Registration date : 2009-05-02

PostSubject: Re: Repeated warning   5/25/2009, 22:11

I use DSL (damnsmall Linux) which is a complete OS that runs from removable media (CD, DVD, thumbdrive, etc). It can be downloaded free with no restrictions for use or distribution. The download is 50 mgb ISO that self extracts into 128 mgb of system RAM. Some included features are:
XMMS (MP3, CD Music, and MPEG), FTP client, Dillo web browser, Netrik web browser, FireFox, spreadsheet, Sylpheed email, spellcheck (US English), a word-processor (Ted), three editors (Beaver, Vim, and Nano [Pico clone]), graphics editing and viewing (Xpaint, and xzgv), Xpdf (PDF Viewer), emelFM (file manager), Naim (AIM, ICQ, IRC), VNCviwer, Rdesktop, SSH/SCP server and client, DHCP client, PPP, PPPoE (ADSL), a web server, calculator, generic and GhostScript printer support, NFS, Fluxbox and JWM window managers, games, system monitoring apps, a host of command line tools, USB support, and pcmcia support, some wireless support. I think the calculator in Windows probably takes more space than this entire OS.

Before thumb drives became dense enough to hold the OS and a virus detector, I used a mini CD that I carried in my wallet. Booting from this CD gave me complete access to any 32 bit FAT Windows system and many other OS's. Since Windows never boots, passwords and security are non existent and the files are open game. This is why physical security is as important as software security. Unless one has a need to boot from CD, DVD, or USB on a regular basis it is wise to disable boot from removable media in the system bios. It doesn't stop a pro, (or the average 12 yr old) but it adds a couple of steps that might make them think twice. Linux doesn't see NT files without an add on, but that is now easily incorporated on many thumb drives.

Even if the virus detector won't clean the system while in Linux, most will list the infected files so that you can delete or modify them as required. This is quite tedious and can be dangerous to the system, so it should be used as a last resort after Windows safe mode fails. It is also strongly suggested that one rename files with a standard convention that can be searched, such as ".old" instead of deleting them.
Back to top Go down
View user profile
Repa
Site Administrator
Site Administrator
avatar

Number of posts : 2378
Location : North Carolina
Humor : Age: Older than Dirt!
Registration date : 2008-09-19

PostSubject: Re: Repeated warning   5/26/2009, 00:29

Thanks, Keith. I take it that the virus detector has to be on the removable media as well? Which one(s) did you use that will run on Linux?

_________________
Repa
Back to top Go down
View user profile
fay47
Royal Geek
Royal Geek
avatar

Number of posts : 1480
Registration date : 2008-10-17
Mood : none

PostSubject: Re: Repeated warning   5/26/2009, 09:37

Keith,

You said Linux doesn't see NT files without an add on. So in order for the virus detector to work would I need the add on? How do I get the add on.

I don't have a thumb drive and was looking at some online. The ones I looked at didn't list Linus as a supported OS, so do I have to get a certain type thumb drive?

Fay
Back to top Go down
View user profile
novice61
Royal Geek
Royal Geek
avatar

Number of posts : 52
Location : Nebraska
Registration date : 2009-05-02

PostSubject: Re: Repeated warning   5/26/2009, 11:14

Re-reading my own post, I realize that I probably should start over. I must have been having an oldtimer's moment.

The Linux OS can be downloaded from here:

http://www.pendrivelinux.com/all-in-one-usb-dsl/

The site has full instructions for installing the OS on your media (min 64mgb). Any media that is, or can be, formatted to FAT32 will work. Many new drives ship with utilities installed for Windows. The utilities can be left if there is sufficient space. Otherwise, simply format the drive to a blank FAT32 state.

The virus scan must be done while booted in Windows. Placing the scanner on the drive with DSL is just convenient, but not necessary. Once the infected files and the problematic registry keys are identified a print out should be made. The system is then rebooted into the Linux OS where one can manipulate or delete the files listed by the scanner. THIS OFTEN REQUIRES EDITING THE WINDOWS REGISTRY KEYS. Stop here if you are not comfortable navigating and making changes to critical system files.

The scanner, Malwarebytes anti malware, is available here, with full instructions for "automated" recovery.

http://www.bleepingcomputer.com/virus-removal/remove-personal-antivirus

I found that more recent versions of the virus have mutated and now are seen by Windows as critical "system" files that are protected from deletion or change. This makes automated recovery impossible while Windows is running and the application will stop or hang. This is why one should have the Linux OS available. If the automated recovery works for you then use it by all means, and count yourself among the blessed. If not, print or manually copy the list of infected files detected by the application and reboot into the Linux OS.

If you are going to be working with NTFS formatted volumes you should include this utility on the removable media as well.

http://www.jankratochvil.net/project/captive/

The problem Linux has with NTFS is not in reading the files, but rather in "mounting" the volume that contains the files. Linux sees all devices and folders as "files", quite similar to early DOS versions. This utility simply mounts the NT volume into Linux OS's for use. There is a bit of command line work involved, but most here probably have the required experience from our old days of DOS and Basic. The commands are available for "copy / paste" at the download site also.

Each of the infected files should be renamed or deleted. I always rename the file extension to ".old" and run the system for a few days before deleting them. This assures that the file is available should it be required for the OS or an application. If this is the case, one can Google the file using the original extension and copy / paste it into the parent folder from the net. Never restore the original file back to it's folder using the original extension as it will likely reinfect your system.

Registry entries and keys should be changed to render them harmless. I do this by placing an "O" before the HKEY entry name. This stops Windows from recognizing the entry without deleting it. Use the same caution mentioned above and run the system a few days to check for adverse results before deleting the keys.
Back to top Go down
View user profile
Repa
Site Administrator
Site Administrator
avatar

Number of posts : 2378
Location : North Carolina
Humor : Age: Older than Dirt!
Registration date : 2008-09-19

PostSubject: Re: Repeated warning   5/26/2009, 16:12

Thanks for that explanation, Keith.

_________________
Repa
Back to top Go down
View user profile
angelface1961
Royal Geek
Royal Geek
avatar

Number of posts : 579
Location : Iron Range
Registration date : 2009-01-10
Mood : fine

PostSubject: Re: Repeated warning   5/26/2009, 20:52

Ok so from the elementary row...
1. the disk we are talking about are the kind you can burn for cds or a special kind?

2. Does this work with Vista? Since nothing seems to work easily with Vista

I have a friend who is now using Linux on his computer so am learning some from him, but it makes my head spin yet.
Back to top Go down
View user profile
fay47
Royal Geek
Royal Geek
avatar

Number of posts : 1480
Registration date : 2008-10-17
Mood : none

PostSubject: Re: Repeated warning   5/26/2009, 23:00

Keith,

You said
Quote :
Any media that is, or can be, formatted to FAT32 will work.

How would I know if a thumb drive could be fomratted to FAT32?

Fay
Back to top Go down
View user profile
novice61
Royal Geek
Royal Geek
avatar

Number of posts : 52
Location : Nebraska
Registration date : 2009-05-02

PostSubject: Re: Repeated warning   5/27/2009, 04:01

fay47 wrote:
Keith,

You said
Quote :
Any media that is, or can be, formatted to FAT32 will work.

How would I know if a thumb drive could be fomratted to FAT32?

Fay

I think all thumb drives will accept the formatting. It's best to clear all data from the drive before loading the ISO. You don't want some crapware app running in the background when loading an OS. The FAT32 probably isn't important and you can simply hook up the thumb drive while running Windows and right click it under "My Computer" to get to the format option. XP Pro should give you the option of formatting to FAT or NTFS, but Vista will only format NTFS.

For anyone interested in playing with Linux, the thumbdrive with DS Linux is an excellent way to get your feet wet. It doesn't require any changes to your hard drive or altering Windows. Just remember that it is extremely stripped down and not a good representation of a full Linux load. You can also load the OS to your hard drive and use it in a dual boot configuration. Once loaded, it will give you the opportunity to update and add to it's apps and features from the net. The guy that invented it is Swedish, so don't expect to see anything named in a logical manner and looking at 1000+ apps with foreign names is a challenge. Google is your friend.
Back to top Go down
View user profile
fay47
Royal Geek
Royal Geek
avatar

Number of posts : 1480
Registration date : 2008-10-17
Mood : none

PostSubject: Re: Repeated warning   5/27/2009, 08:54

HI Ketih,

I don't have thumb drive. I was thinking about getting one of the smaller ones just to try out the DS Linux. It is just that when I was looking at some thumb drives on the Intenet, where it listed the OS's, Linus was not mentioned. Now I am thinking that maybe that was becuase they were formatted in NTF - so maybe reformatting it in FAT32 - would make it so that LINUX would run on it. Does that sound correct?

But then I am a little confused. You said
Quote :
FAT32 probably isn't important
So then, are you saying the drive does not have to be formatted in FAT32? - So why would the jump drives I looked at not list Linux as a supported OS?.

Sorry but I am confused.

Fay
Back to top Go down
View user profile
novice61
Royal Geek
Royal Geek
avatar

Number of posts : 52
Location : Nebraska
Registration date : 2009-05-02

PostSubject: Re: Repeated warning   5/27/2009, 10:30

fay47 wrote:
HI Ketih,

I don't have thumb drive. I was thinking about getting one of the smaller ones just to try out the DS Linux. It is just that when I was looking at some thumb drives on the Intenet, where it listed the OS's, Linus was not mentioned. Now I am thinking that maybe that was becuase they were formatted in NTF - so maybe reformatting it in FAT32 - would make it so that LINUX would run on it. Does that sound correct?

But then I am a little confused. You said
Quote :
FAT32 probably isn't important
So then, are you saying the drive does not have to be formatted in FAT32? - So why would the jump drives I looked at not list Linux as a supported OS?.

Sorry but I am confused.

Fay

I seem to have developed a habit of offering too much information to the subject at hand and it is biting me on this. Very Happy I apologize for any confusion I may have interjected.

DSL resides on the thumb drive as an ISO image, which is universal to formatting. The compressed image is expanded into the system RAM upon boot up, from which it runs independent of the resident OS of the hard drive. The formatting of the drive only comes into play when one wishes to search or edit the contents of a NTFS volume, such as deleting infected files or registry keys. To edit NTFS files one would require a utility to make the files readable to DSL. If you just want to navigate the OS as a trial there is no need to worry about compatibility.

Many software and hardware suppliers don't "support" Linux even though they work perfectly well with the OS. Support, in this instance, indicates a lack of desire to hire and train personnel qualified in an OS that has so many variations and can be modified by the end user at it's core. This is a drawback to the acceptance of Linux in the non-techie market and has frustrated even seasoned Linux users at times.

If you are using Vista you have even more incentive to add a thumb drive to your system. Vista can use the blank area of the drive as RAM, which can greatly add to the speed of the system. I would advise at least a 2 gig thumb drive as the prices have dropped considerably in this area. This feature is carried over into Windows7 and I fully expect to see advances in USB speeds and capacity as the USB thumb drive has now morphed into solid state hard drives with no moving parts and access speeds that leave IDE drives in the dust..
Back to top Go down
View user profile
fay47
Royal Geek
Royal Geek
avatar

Number of posts : 1480
Registration date : 2008-10-17
Mood : none

PostSubject: Re: Repeated warning   5/27/2009, 20:05

Feel free to move this discussion to wherever it belongs.

I got a 2GB flash drive, went to:
http://www.pendrivelinux.com/all-in-one-usb-dsl/
;and tried following the instructions there.

Thought things were going ok. But when I tried the reboot, I got a message:
could not find kernel image: linux

What did I do wrong?

Fay
Back to top Go down
View user profile
novice61
Royal Geek
Royal Geek
avatar

Number of posts : 52
Location : Nebraska
Registration date : 2009-05-02

PostSubject: Re: Repeated warning   5/27/2009, 23:18

fay47 wrote:
Feel free to move this discussion to wherever it belongs.

I got a 2GB flash drive, went to:
http://www.pendrivelinux.com/all-in-one-usb-dsl/
;and tried following the instructions there.

Thought things were going ok. But when I tried the reboot, I got a message:
could not find kernel image: linux

What did I do wrong?

Fay

Did you extract the files to the thumb drive with an zip utility, or did you place the ISO image directly onto the drive?

If you want to try using Linux you should extract the files to the thumb drive and you will need "syslinux" on your hard drive. This is the basic core of Linux and it is universal to all the different flavors. Those instructions are on the Pendrive linux page you visited.

If you want to use the thumb drive for emergency repair and boot up you need the ISO image transferred to the drive in it's raw state. Windows actually creates an ISO image in RAM of every file it copies or moves and then extracts it to it's chosen location when you paste, discarding the ISO from RAM. Making an ISO image of an ISO image destroys the formatting and makes it unbootable, so the simple copy / paste or move to commands don't give the desired results. If you don't have a burner utility program that handles ISO images correctly Vista has "burn disk image" as an option in the right click context menu. It only appears when a "disk image" (ISO) is selected. In the subsequent screens you should find target choice dropdowns where you can select the thumb drive. The ISO will be copied in the raw to the drive and should be bootable.

A more complete (and probably more accurate) explanation and instructions can be found here;

http://www.damnsmalllinux.org/wiki/index.php/Install_to_USB_From_within_Windows
Back to top Go down
View user profile
fay47
Royal Geek
Royal Geek
avatar

Number of posts : 1480
Registration date : 2008-10-17
Mood : none

PostSubject: Re: Repeated warning   5/30/2009, 19:58

Hi Keith,

I followed the instructions at the website or at least I did what I thought they were saying. I down loaded 7-zip as they instructed and used it to extra the files to my thumb drive. I also installed syslinux on my hard drive.

My BIOS was already set to boot from USB and it apparently tried to boot because when I had the thumb drive inserted - I got the error I posted in my prior message.

I don't know anything about iso files I have never done anything with them. I don't remember seeing any file with a .ISO extension. About all I know about them is what little I read, that says they are normally a complete copy of a disk. I believe the file I downloaded had a .zip extension. The instructions said to extract to the the drive with 7-zip. So I downloaded 7-zip and did that.

Since I had to put syslinux on my hard drive - does that mean that I could only boot the thumb drive on a computer that had syslinux on it?

But, I got the error message trying to boot on my computer which did have syslinux.

I really just wanted to play with this a little bit and see if I could do it. I should have know it would not be that easy. My motto is NIES (nothing is ever simple) Hehe

I know you didn't start this thread to teach people about linux - so it is ok if you don't want to continue. I don't know how much time I'll have to play around with it anyway. Right now work is keeping me pretty stressed out. I just thought it might be nice to know how to boot up under linux and then play with it a little.


Fay
Back to top Go down
View user profile
novice61
Royal Geek
Royal Geek
avatar

Number of posts : 52
Location : Nebraska
Registration date : 2009-05-02

PostSubject: Re: Repeated warning   5/30/2009, 20:52

The problem we are running into is that our present objective isn't aligned with the original. It happens all the time and the best way to resolve it is to address the secondary objective individually.

If you are only wanting to try Linux a much better route would be a "live" CD or DVD. The thumb drive Linux distros were developed with severe size restrictions and are not a good example of the robust qualities of Linux. I think that Knoppix Linux would be a better choice and it runs from a CD or DVD. If you have a DVD burner I would suggest the DVD format. The download includes more features and is more user friendly to run.

With a live CD or DVD there is nothing more to do than to boot to the media. You can download Knoppix or order the DVD for under $2 here.

http://www.knoppix.net/
Back to top Go down
View user profile
fay47
Royal Geek
Royal Geek
avatar

Number of posts : 1480
Registration date : 2008-10-17
Mood : none

PostSubject: Re: Repeated warning   5/30/2009, 23:24

I may just put this aside for now and come back to it at a later time.

Thanks,
Fay
Back to top Go down
View user profile
Sponsored content




PostSubject: Re: Repeated warning   

Back to top Go down
 
Repeated warning
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
-
» Are Tokens Afflicted by Solemn Warning?
» Machine Emperor vs Solemn Judgement/Warning
» Solemn Warning vs Delta Crow
» GB VS Warning
» Article #4 [Solemn Judgment and Solemn Warning]

Permissions in this forum:You cannot reply to topics in this forum
Geeks, Geeks and More Geeks :: Windows Computer Help :: Computer Security-
Jump to: