Geeks in Phoenix

Geek Blog


Easily remove adware and malware with the Junkware Removal Tool

Doing virus removal, I get a lot of calls from people who believe their computer is infected. It's usually a program or browser toolbar, and they don't know where it came from; it just showed up one day. And sometimes it turns out to be adware / malware. One of the best tools I've found for removing programs like these is the Junkware Removal Tool by Malwarebytes.

The main screen for the Junkware Removal Tool

Junkware Removal Tool (JRT) is a no-frills, bare-bones program for removing some of the more popular and notorious junkware / adware programs out there. JRT uses just a command prompt window for a user interface; there are no features or options here. It first creates a backup of the registry and then scans the system processes / services, files / folders, registry keys / values and browser plugins. When done, it creates a text report on the desktop and opens it.

Here are just a few of the programs JRT removes:

24×7 help, Advanced System Protector, Ask Toolbar, Blekko, Browserprotect, Browsersafeguard, Conduit, Driver Pro, Driver Cure, Inbox Toolbar, Incredibar, MoboGenie, MyPC Backup, MyWebSearch, NewTab, Omniboxes, OoVoo Toolbar, PC MightyMax, PC Optimizer Pro, PC Performer, PC Speed, Maximizer, PC Speed Up, PCFixSpeed, PCSafeDoctor, Search Protection, Strongvault, SysTweak, TopArcadeHits, Visualbee, Wajam and Yontoo.

JRT requires no installation, just download and run. And it automatically checks for a new version every time you run it, so you will always have the latest version.

For more information on JRT, just follow the link below.

Junkware Removal Tool

Remove malware, viruses and spyware with Malwarebytes Anti-Malware

Virus removal can be a tricky thing, so a good anti-virus program is a must. And remember that you can only have one anti-virus program installed at a time because they will conflict with each other and degrade system performance. But did you know that there are programs that work as companions to your existing anti-virus software? One of my favorites is Malwarebytes Anti-Malware.

The main screen inside of Malwarebytes Anti-Malware

Malwarebytes Anti-Malware looks for items that may otherwise be overlooked by anti-virus software, like keystroke / password loggers, rootkits and spyware. It works great for finding PUPs (probably unwanted programs), PUMs (potentially unwanted modifications) and P2P (peer to peer) software.

The settings screen inside of Malwarebytes Anti-Malware

Malwarebytes Anti-Malware comes in four (4) versions: Free, Pro, Small Business and Enterprise.

Malwarebytes Anti-Malware Free features include:

  • Advanced malware detection and removal
  • Industry proven clean-up technologies eradicate existing malware infections
  • Rapid response malware database and heuristics updates
  • Access to expert community and knowledgeable support teams through e-mail and forums
  • Chameleon technology gets Malwarebytes running on infected systems
  • Multi-language support

Malwarebytes Anti-Malware Pro, Small Business and Enterprise features include:

  • All of the features of the free version
  • Real-time active malware prevention engine blocks known threats
  • Heuristic protection prevents new zero day malware infections
  • Malicious website protection blocks access to known and zero day malicious web content
  • Automatic priority updates and scheduled scanning
  • Fast flash scans

Here's a quote from the Malwarebytes website:

Detect and Protect with Byte

Malware is big and malware is bad. Your computer is constantly at risk from infection by malware including viruses, worms, trojans, rootkits, dialers and spyware. Malwarebytes specializes in fighting malware.

If viruses are mischief, malware is mayhem. Malware doesn't just want to disrupt your network, it wants your keystrokes, logins, passwords, address book, data, credit card information, favorite t-shirt and possibly your cat.

Malware is not going away any time soon. Malware is growing, developing, constantly evolving. Malware is becoming more difficult to detect, and even harder to remove.

Only the most sophisticated anti-malware techniques can detect and remove malicious programs from your computer. Malwarebytes Anti-Malware PRO combines powerful new technologies designed to seek out, destroy, and prevent malware.

For more information on Malwarebytes Anti-Malware, just follow the link below:

Malwarebytes Anti-Malware

Virus removal guidelines for Windows

(*** Disclaimer: If you don’t feel comfortable working on your own computer, please ask someone who is familiar with computers to assist you. Sometimes it is best to seek professional assistance with this type of procedure. You will need a second computer connected to the internet for the following. Proceed at your own risk! ***)

Signs you may be infected:

  • You get ‘Pop Ups’ alerting you that your computer may be infected from software you do not remember installing.
  • You may have new software icons you did not have before on your desktop.
  • You may find your anti-virus software alerts you of a threat, but is no longer working.
  • You may not be able to get to a particular web site or not even be able to get on the internet at all.

The following is a general guideline to detecting and removing a virus from your computer. As always, have a good working backup before attempting any of these procedures.

  1. Isolate the suspected computer by disconnecting the network cable or turning off the wifi adapter. This will stop anything from getting on your network to infect other systems and getting to the internet to make connection with its author and/or server.
  2. Turn off ‘System Restore’ on all hard drives. Find a ‘My Computer’ icon and right click on it. Choose ‘Properties’. Then select the tab named ‘System Restore’. Select the check box ‘Turn off System Restore on all drives’ and click ‘Apply’.

You now have stopped the ability to get outside of the computer and the ability to be restored from a ‘restore point’. It’s now time to get to work.

Depending on the severity of the infection, I will use either USB drives or finalized CD-Rs to install software. With the newer infections that can write across networks and to any writable media (floppy, memory card, USB drives, etc.), it's best just to grab a bunch of CD-Rs and write all of the different software you’ll need to CD.

First thing, go over to Malwarebytes’ http://www.malwarebytes.org/ and download a copy of their Anti-Malware program. Put it on your choice of media and install on the suspected computer. Then select ‘Perform quick scan’ and click ‘Scan’.

Allow the program to take whatever actions are required (which may include a reboot). Once the program has finished, let’s proceed to scan for viruses.

(***Disclaimer: Never install more than one anti-virus program on a system.***)

If you have anti-virus software, check it to find out if it is still working. A lot of infections will disable your anti-virus. If this is the case, reinstalling it may get it to work again. If this doesn’t work, you will need to uninstall it completely, so you can reinstall a new copy of the antivirus software. Once this is done do a complete scan of the system.

If you do not have any anti-virus, go over to AVG Free http://www.avgantivirus.com and download a copy. Also download the latest definition files. Put all of the files on media and install the anti-virus. Once installed, you can upgrade the definitions by selecting ‘Update from file’ when you have the program open. Then do a complete scan of the system.

(***Disclaimer: Before installing a firewall in Windows XP / Vista, disable the Windows Firewall in the Control Panel first. Also, never install more than one software firewall on a system.***)

Once you have run both an anti-malware and an anti-virus scan on the system, you should have a good handle on the situation.

(*** If you are still having issues that your anti-virus and/or spyware software cannot remove, please seek professional assistance. ***)

Before attempting to reconnect the suspect system to the internet, make sure that you have a software and/or hardware firewall in place. I use both a hardware firewall behind my internet connection and software firewalls on the servers / workstations.
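
The states this procedure relies on (machine isolated, exactly one working anti-virus, firewall on before reconnecting) can be checked from a PowerShell prompt. This is an added example, not part of the original post; it assumes Windows 8 or later, only reads settings, and its function names are made up for illustration.

```powershell
# Added example: read-only checks for the clean-up procedure above.
# Assumes Windows 8 or later (client edition); changes nothing on the system.

function Test-Isolated {
    # Step 1: any adapter still reporting 'Up' means the machine is not isolated.
    $up = @(Get-NetAdapter | Where-Object { $_.Status -eq 'Up' })
    foreach ($a in $up) { Write-Warning "Adapter still connected: $($a.Name)" }
    return ($up.Count -eq 0)
}

function Get-AntiVirusStatus {
    # Products registered with Windows Security Center (client editions only).
    # The productState bit masks follow a widely used community decoding;
    # Microsoft does not document them, so treat the result as a hint.
    Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct |
        ForEach-Object {
            [pscustomobject]@{
                Name     = $_.displayName
                Enabled  = [bool]($_.productState -band 0x1000)
                UpToDate = -not [bool]($_.productState -band 0x10)
            }
        }
}

function Test-FirewallReady {
    # Before reconnecting: every Windows Firewall profile should be enabled
    # unless a third-party software firewall has replaced it.
    $off = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
    foreach ($p in $off) { Write-Warning "Firewall profile disabled: $($p.Name)" }
    return ($off.Count -eq 0)
}

$av = @(Get-AntiVirusStatus)
$av | Format-Table -AutoSize

# The post's rule: one anti-virus only, and infections often switch it off.
$active = @($av | Where-Object { $_.Enabled })
if ($active.Count -eq 0) { Write-Warning 'No anti-virus product reports as enabled.' }
if ($active.Count -gt 1) { Write-Warning 'More than one anti-virus product is active.' }
$av | Where-Object { -not $_.UpToDate } |
    ForEach-Object { Write-Warning "Definitions out of date: $($_.Name)" }

"Isolated from network : $(Test-Isolated)"
"Firewall profiles on  : $(Test-FirewallReady)"
```

Run it once after step 1 to confirm isolation, and again after the scans and before reconnecting to confirm the anti-virus and firewall state.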

For more information on Free Internet Security Software, check out this blog entry:
//www.geeksinphoenix.com/blog/post/2009/02/06/Free-Internet-Security-Software.aspx

And for a detailed description of one of the worst cases of infection I have seen yet, check out this blog entry:
//www.geeksinphoenix.com/blog/post/2009/02/05/Virus-Removal.aspx

Till later,
Scott

Virus Removal

I am hearing more and more of new computer users getting severely infected with Malware, Spyware, Trojans, etc. I am currently working on a system that is, by far, the worst one I have ever seen. I have the system back running and am going to document the procedures I followed in the next couple of days. I’m also going to include links to the free (yes free!) software you can download and use to prevent this from happening to you.

Till then,
Scott

*** Update 02/08/2009 ***

Link to Free Internet Security Software //www.geeksinphoenix.com/blog/post/2009/02/06/Free-Internet-Security-Software.aspx

'Note: I took on this client as I felt he really needed the assistance. He’s an older veteran who just graduated from school. He bought a used computer and then connected it to a high speed connection.  Without any knowledge of what he needed for security software, he quickly got infected. The story does end happily (should I tell you now or make you go to the bottom of the page).  Alright, I built a new system for him from my spare parts and loaded all of his old software on to it. System cost: $0. Good feeling: Priceless (sorry MasterCard, I had to use it).'

Let me first outline the situation. I got a call from a gentleman who had purchased a used computer and it got infected. It was so bad that it would not even boot into Safe Mode. When I got it, I immediately went to back it up. It was then I discovered the system would not boot to a cd-rom (red flag). This was my first issue.

The system had a floppy drive, so I installed a network card I knew worked and had DOS drivers for. I then created network boot disks and was able to backup across the network. The data being transmitted from the client was different in size to what the server was receiving (red flag).

I now had a good, working image of the hard drive. It was apparent that a system driver was failing to load and causing the crash. I wanted to check the hard drive for errors first. Since this drive was FAT 32, I used a Windows 98 SE boot disk with support tools and ran scandisk on the hard drive. The surface scan indicated a bad cluster on the drive (drive failure!). A quick download of the diagnostic software from the hard drive manufacturer confirmed the hard drive failure.

Luckily I had a hard drive of equal size and cloned the drive image back to a new drive. A quick Scandisk to check for errors and away I went, but I still was getting errors when booting. I changed boot options and was able to get the error screen to stay up. I took a photo to do more research. Turns out the error is coming from the on-board IDE controller (controller failure for sure, possible motherboard failure). This would explain the issue with the cd-rom.

I happen to have a spare PCI IDE controller card from when I had to have eight drives in one of my systems (as opposed to the standard four at the time). At a later time, I’ll tell the story of the system I built on which I had to disable all on-board devices to keep it running. What I did to keep that 486 running was amazing.

I installed the controller card and almost immediately discovered the BIOS was coming up scrambled. I couldn’t bootstrap the BIOS. That was it, motherboard failure. The project now was to rebuild the computer. The motherboard failure made me leery of using any of the old hardware. You just don’t know what else may be damaged (we know the hard drive was).

So I went around the home to see what I could find. A Pentium-D 805, ECS P4M800, a 256 mb stick of PC-3200 memory, cd-rom, floppy drive, hard drive, power supply and case. A little modification to the case to allow clearance for the power connector to the motherboard and I was off and running.

I assembled the system and got the original image loaded on it. I was still getting boot errors, but it did boot. Of course Windows found all sorts of new hardware. But the ‘Pop Ups’ were coming on hard and fast. And so were the system errors.

So I went and opened the hard drive image file and it was there I found a couple hundred of infections. I made a copy of the image and then proceeded to manually edit the contents of it.

I was able to remove about three hundred (300) or so infected files. I then pushed the revised image to the new system. I was then able to get the ‘Pop Ups’ and errors to come down quite a bit. I turned off ‘System Restore’, installed Malware and started a scan. It found several infections and removed all on reboot.

I then installed AVG, updated definitions by file and ran a complete scan. It was then that I found out that this system was beyond repair. It had an infection that attaches itself to every executable file on the hard drive. AVG found over seven thousand (7,000) of these infections. At this point it is time to completely wipe the hard drive and do a clean install of Windows.

That’s where the story ends. I reloaded all of the applications, user files, etc. The computer is in place and running beautifully. It’s again hooked up to high speed internet, but this time with protection.

 


Copyright © 2016 Geeks in Phoenix LLC