Saturday, February 7, 2015

How to fix a corrupt HDD in Linux

When to do this? In cases where you can't boot into Windows and don't have a bootable Windows repair disc.


How to make a Bootable UFD (WinSetupFromUSB Tutorial)


Download WinSetupFromUSB here

Thursday, January 29, 2015

How to Uninstall Shadow Defender without a password.



  • Boot with a Live CD/DVD/USB
  • Rename all files named diskpt0.sys located at the root directory of all HDDs (ex. diskpt0.sys.bak)
  • Rename Shadow Defender folder (ex. Shadow Defender 2)
  • Reboot the PC
  • Rename Shadow Defender 2 back to Shadow Defender
  • Uninstall and reboot
  • Delete all diskpt0.sys.bak
  • Delete all left over Shadow Defender folders
  • Run CCleaner and Scan for Issues

Why rename instead of delete? In case something goes wrong in your removal process, you have a fallback position to revert your changes.

Please join me at Pinoy Tech RAMBO

Monday, January 12, 2015

Advanced SystemCare Pro


Advanced System Care 8 Pro (3 months)

Convert ASC 8 from Free to Pro.

Instructions:

  • Download ASC 8 Free using the above link
  • Install
  • Try to uninstall ASC 8. It will give you an offer to try ASC 8 Pro for three months.

Click Get Advanced SystemCare Pro for FREE

Click OK


  • Now you have a 3 month license of the Pro Version

Tuesday, January 6, 2015

Ultimate Guide in Removing VBS Worms


In this tutorial, I'll be talking about a quick way of removing computer malware, specifically VBS worms. Removal involves the following steps:

  • Terminating the malicious process
  • Removal of the startup entries associated with the worm
  • Deletion of the VBS file including its drop files

After that, you can do a full scan with your updated antivirus or antimalware.

VBS worms come in different shapes and sizes. Some are easy to read, while most strains now are encrypted, so their contents are not easily readable. Some strains are simply annoying, doing things like infecting every external drive inserted into an infected system or creating shortcuts. Some are even written to steal passwords. Whatever the strain is, disinfection and removal can be performed using the three steps above.

Which files other than the VBS worm itself are to be deleted is based on my quick analysis: I simply reverse the effects the worm may have on an infected system. There's no need for me to do a very comprehensive analysis, since the majority of the worms are already detected by commercial antivirus solutions. There's no need to reinvent the wheel. My approach is to make your scanning effective by terminating any malicious process before doing a full scan, since most AVs available can repair whatever a VBS worm may have done in the Windows registry.

Specifics in removing known or unknown strains will be covered in future tutorials.


Terminating the malicious process

The majority of the VBS worms I have encountered, about 98% of those I've analyzed, can be stopped by killing the wscript.exe process. Less than a handful of samples assemble an executable file when first run and execute that file instead every time Windows starts.

Using Windows Task Manager

Assuming that Task Manager is not disabled by the worm, the easiest solution is to use it to terminate the malicious process.




Highlight wscript.exe process and click on the End Process button.


Using taskkill

Another approach is to use taskkill.exe at the CMD prompt.

taskkill /f /im wscript.exe


Using a 3rd party alternative to Windows Task Manager

So far, this is the best solution since these utilities have a lot more to offer compared to the plain vanilla taskman.  There are many great alternatives, both commercial and freeware.  Since I'm familiar with System Explorer and DTaskmanager, I'll be using either of the two in my manual removal instructions.  Both tools are freeware by the way.




Just like in taskman, highlight wscript.exe and terminate the process.  Notice that you have more options with DTaskmanager.  Unlike taskman, you can see the VBS file name and its path within System Explorer.




Removal of the startup entries associated with the worm

There is more than one way to skin a cat. The same goes for malware removal. You can use regedit or a registry script to delete the startup entries used by the VBS worm, or use other tools to make the job easier, especially if you are not familiar with regedit. Here is a list of some of the tools:


  • msconfig (there are better alternatives)
  • HijackThis
  • Hijack Hunter
  • Autoruns
  • CCleaner
  • System Explorer, etc.

If you are unfamiliar with these tools, seek proper guidance before attempting manual malware removal. Also create a System Restore Point (optional), just in case.
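
Added example (not part of the original post): a read-only PowerShell check covering both the process step and the startup-entry step above. It lists running script hosts with their command lines, then lists Run-key values and Startup-folder items that reference wscript, cscript or a .vbs/.vbe file. The function names are made up for this illustration, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: read-only triage. Nothing is terminated or deleted.
# Function names are hypothetical; requires PowerShell 3.0 or later.

# Script-host processes with their command line, which exposes the .vbs path.
function Get-ScriptHostProcess {
    Get-CimInstance Win32_Process -Filter "Name='wscript.exe' OR Name='cscript.exe'" |
        Select-Object ProcessId, Name, CommandLine
}

# Startup entries (Run keys and Startup folders) that launch a script host or script.
function Get-ScriptStartupEntry {
    $pattern = 'wscript|cscript|\.vb[se]\b'   # -match is case-insensitive
    $runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
    foreach ($path in $runKeys) {
        if (-not (Test-Path $path)) { continue }
        $key = Get-Item -Path $path
        foreach ($name in $key.GetValueNames()) {
            $value = [string]$key.GetValue($name)
            if ($value -match $pattern) {
                [pscustomobject]@{ Location = $path; Name = $name; Target = $value }
            }
        }
    }
    $shell = New-Object -ComObject WScript.Shell   # used only to read .lnk targets
    $dirs = [Environment]::GetFolderPath('Startup'),
            [Environment]::GetFolderPath('CommonStartup')
    foreach ($dir in $dirs) {
        if (-not $dir -or -not (Test-Path $dir)) { continue }
        # -Force also lists hidden files
        foreach ($file in Get-ChildItem -Path $dir -File -Force) {
            $target = $file.FullName
            if ($file.Extension -eq '.lnk') {
                $lnk = $shell.CreateShortcut($file.FullName)
                $target = "$($lnk.TargetPath) $($lnk.Arguments)"
            }
            if ($target -match $pattern) {
                [pscustomobject]@{ Location = $dir; Name = $file.Name; Target = $target }
            }
        }
    }
}

Get-ScriptHostProcess  | Format-List
Get-ScriptStartupEntry | Format-List
```

Legitimate logon scripts can also appear in this output, so check each Target path before disabling or deleting an entry with one of the tools listed above.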




Using CCleaner


Launch CCleaner and go to Tools | Startups. Highlight the entry and click the Disable or Delete button.
 




Click OK.



Using System Explorer



Launch System Explorer.  Go to the Autoruns tab. Right click on the Windows Script Host entry and select Delete Item.


Watch the video on how to remove a vbs worm


How to manually remove a vbs worm 


To be continued...


Thursday, July 22, 2010

How to uninstall remove Antivir Solution Pro (Virus Removal Guide)

The Antivir Solution Pro virus is, in its great part, a “standard” rogue (fake) anti-spyware (just like the Security Master AV virus we talked about in one of our previous removal guides) that has only one goal: making you believe that your computer is infected so that you pay for the full program. As Antivir Solution Pro virus is a scam, the only thing you should do is remove the Antivir Solution Pro virus using the removal guide below.

But before we reach the main part of this article, you should be aware that Antivir Solution Pro got on your computer when you visited an infected website and came across some malware or some exploit kits that installed Antivir Solution Pro on your computer. Obviously enough, if you don’t make sure that your computer is protected when surfing the web, there is a big chance that Antivir Solution Pro or a similar rogue will install itself on your computer again in the future.

What does the Antivir Solution Pro virus do?

Basically, Antivir Solution Pro is a fake anti-spyware program that will always state that your computer is infected so that you buy the software (don’t buy Antivir Solution Pro as it is a scam). In addition, it will block some applications from running and mess up your Internet Explorer settings so that you might not be able to get your computer online.

How to protect your computer against Antivir Solution Pro and other similar viruses / rogues:

Well, first of all, it would be great if you had an updated antivirus suite installed on your computer (such as Kaspersky Internet Security, Nod 32, or the free Avast Antivirus or MSE).

It is also very important that your Windows operating system has all the security patches installed and that Adobe Flash, Adobe Reader and similar software are also up to the current, updated version. For a more detailed list of the software installed on your computer that needs an update, you can run the Secunia Online Software Inspector.

Try using a more secure web browser such as Mozilla Firefox or Google Chrome.

How to remove the Antivir Solution Pro virus


Ok, so I had to edit the steps a little, because Antivir Solution Pro seems to be very active and we’ll have to close the process before anything else can be done. You will need to download iExplore.exe on another computer (iExplore is a great tool developed by Lawrence Abrams from bleepingcomputer.com. It will stop the Antivir Solution Pro process, so that we’ll be able to remove it.) and then transfer it to the desktop of the infected computer (use a USB stick or a CD/DVD).

1. Ok, now that we are set to go, we should stop the Antivir Solution Pro process so that we can remove it. To do this, run iExplore until Antivir Solution Pro is gone. Try to run it multiple times simultaneously if you feel like you’re getting nowhere. But don’t worry, iExplore will get the job done eventually.

2. If you only have Internet Explorer installed, you will have to undo the changes this virus did in your Internet Explorer settings so that you can surf the Internet once again. To do this:

* Open Internet Explorer and go to Tools->Internet Options.
* Now click the “Connections” tab, then the LAN Settings button in the bottom half of the window.
* Now uncheck the “Use a proxy server for your LAN” option.

3. Now that you are able to connect to the Internet, you should download a few files and apps that will help us down the road. Just download the files linked to below to your desktop:

Malwarebytes Anti-Malware – We will use MBAM for actually removing this virus from your computer.

SuperAntiSpyware – This will be our secondary option if MBAM does not do the job

4. Many people don’t give this as much importance, but I feel like it’s a needed step. Just to make sure, you should delete all temporary files from your computer (click for a tutorial on that).

5. Now that Antivir Solution Pro is no longer running, we should be able to remove it using MBAM. Just follow these steps:

* Run the MBAM setup from your desktop.
* Proceed with the standard install settings
* Make sure the software updates itself once it has been installed
* When MBAM is up and running, go to the Scanner tab and perform a full scan
* Wait for MBAM to scan your computer for Antivir Solution Pro, as well as for any other malware your computer might be infected with
* When the scan is complete, remove all detected infections

6. Although you should have removed the Antivir Solution Pro virus from your computer, if this routine doesn’t do the trick, I guess you could try the same steps, only that instead of using MBAM, you use SuperAntiSpyware this time.

Source: http://free-pc-guides.com/

Antivirus Live Removal

Antivirus Live is a fake anti-spyware program that belongs to the same family as Antivirus System Pro. If your computer is infected with this malware, you will receive frequent notifications of exaggerated security threats and virus infections. The catch is that you have to buy the full version of the program in order to fix the problems.

Getting rid of this fakeware is not easy. This malware can hijack your browser and block certain processes, which prevents manual uninstall procedures. And once the malware loads, it will consume 100 percent of your computer’s resources, which will prevent you from performing effective system clean-up and troubleshooting.

Why you need to Get Rid of Antivirus Live Immediately?

You should scan your computer and remove all the infected files as soon as possible. This virus will not only trick you into buying a bogus program, it will also expose your computer to more security threats. Take note that the malware disables the installed antivirus program of your machine. This means that more viruses, Trojans, worms, and spyware can sneak inside your computer.

Worse, this spyware program has the potential to steal your private banking information. If you buy the full version, you will be asked to provide your credit card number. Rogue software developers will therefore be able to use your information for their criminal activities. Don’t take this threat lightly: such rogue software is developed by highly skilled software developers, and they know how to steal the information.

How To Get Rid of Antivirus Live

If you want to remove this threat effectively from your computer, you should use legitimate software that is capable of scanning your computer and removing this threat. This is a proven approach that can completely clean all traces of the virus from your system.

It is true that you can remove Antivirus Live manually. However, this approach is not recommended if you are not familiar with your computer’s system folders and registry. Manual removal requires modifications of registry entries and deletion of all files associated with Antivirus Live. If you delete just a single legitimate file in your system, your machine will never boot again.

Automatic Antivirus Live removal is the safest approach. All you need to do is to download a trusted anti-malware program. Reboot your computer and start it in safe mode. You can now install the anti-malware so that it can perform a full system scan. The software will catch all traces of the malware. You just have to delete them all in order to restore your computer’s integrity.

The next time you receive fake notifications from Antivirus Live, you must delete the virus immediately by using an automated malware removal tool.

You should follow this guide if you want to remove Antivirus Live quickly and effectively without leaving any trace of it on your computer. When you receive fake security threat notifications urging you to buy Antivirus Live, you have to act swiftly by deleting this virus from your computer. Use a reliable anti-malware program because it can remove all traces of the Antivirus Live virus and will protect your system from further infections.

Source: http://www.booshnews.com/