Archive
Tag "antivirus"

A lovely fire­wall prod­uct that hogs lesser resources than the ubiq­ui­tous Zone Alarm, pro­vides bet­ter report­ing and pro­tec­tion options, and is still com­pletely free.

Fire­walls are dime a dozen these days. When the con­cept of a fire­wall first became impor­tant on home com­put­ers, with the advent of real high-speed broad­band, Tiny Per­sonal Fire­wall was the best. It even had the approval of experts. Unfor­tu­nately, CA stepped in and gob­bled up the company.

Zone Alarm was already a strong con­tender, but with Tiny gone, it soon became the de-facto fire­wall on the machine of users who knew bet­ter than to let this com­puter floun­der under the bloat­ware of Mcafee or Symantec.

Unfor­tu­nately, of late, Zone Alarm has been a bit of a hog on my machine. It's a Core2Duo, which means soft­ware such as Zone Alarm should cheer­fully work in par­al­lel with no fuss. AVG for instance scans my entire machine for an hour with­out my so much as both­er­ing about it.

It is in this con­text that I came across Comodo Fire­wall, one that is rec­om­mended by more than a few techies. Being a born tin­kerer, I was off in a jiffy to down­load the thing. And short story: it rocks.

Below's a screen­shot. It looks more pro­fes­sional than even Zone Alarm Pro. There are more options, explained more clearly.

Read More

Want to try AVG but just can­not get rid of Norton's per­sis­tent antivirus that itself behaves like a worm? Here are some instruc­tions that have worked.

So you want to use Grisoft's AVG Free as your antivirus, but had Nor­ton antivirus installed before, which is now prov­ing more per­sis­tent than a flat­u­lent release in a bath, with Symantec's whole con­vo­luted she­bang only com­pound­ing your woes? Well below is a sim­ple sureshot way to get rid of Nor­ton for good.

  1. First, from Start –> Cpanel –> Add/Remove pro­grams, remove every trace of Nor­ton and its asso­ci­ated pro­grams, which means scan through the list of installed pro­grams for any item that says "Nor­ton" or "Syman­tec" or "Live­Up­date" — for exam­ple "Syman­tec Live­Up­date" or "Nor­ton AntiVirus 2003".
  2. When you are absolutely sure that these ver­mins are gone, it is VITAL that you reboot the com­puter. When you are back into XP, delete the fol­low­ing fold­ers man­u­ally — if they don't exist that's fine:
    	c:\Program Files\Symantec AntiVirus
    	c:\Program Files\Norton
    	c:\Program Files\Symantec
    	c:\Program Files\Common Files\Symantec Shared
    	

    Do a SHIFT DELETE if pos­si­ble, the fold­ers don't go into your Recy­cle Bin in that case, so they are gone from your com­puter for sure.

  3. After the above, I usu­ally clean the Win­dows Reg­istry for any entries that are lying around stray. Get a Reg­istry Cleaner like HoverDesk's RegSeeker (zipped down­load) and use the "Clean the Reg­istry" option.
  4. Once that is done and you have SELECTED ALL and deleted the stray items, reboot again. To be sure.
  5. Nor­ton should be gone when your machine is back up. If not, Syman­tec has a brute force util­ity called RNAV2003 — get it here, which ought to do the rest of the scav­eng­ing, but it shouldn't come to that.
Read More

Inad­ver­tently hit by the Net­sky fam­ily, and been hav­ing trou­bles get­ting rid of it? Check this step by step removal pro­ce­dure out.

Sud­denly get­ting *.pif attach­ments in your emails or a bunch of very per­sonal and real­is­tic sound­ing mails from peo­ple you don't even know? That's because the Net­sky fam­ily has gone prime­time and spawned a mil­lion and one vari­ants: I-Worm.Netsky.A, I-Worm.Netsky.B, I-Worm.Netsky.C, I-Worm.Netsky.D, and now even I-Worm.Netsky.E. Many peo­ple have tried updat­ing their anti virus def­i­n­i­tions for their respec­tive tools, but Net­sky is clever (it stores info in the Win­dows reg­istry, and deletes some vital keys as well!)

Pls print these instruc­tions as you will even­tu­ally have to close Out­look as well as the browser that you will presently use for downloads.

I use Grisoft's won­der­ful AVG tool, which is great if you had it BEFORE the Net­sky virus (but then I also use a com­bi­na­tion of Spam Assas­sin and Cla­mav)

IMPORTANT NOTE: DISABLING AND ENABLING SYSTEM RESTORE

Win­dows Me/XP uses the Sys­tem Restore fea­ture (enabled by default) to restore the files on your com­puter in case they become dam­aged. If a virus, worm, or Tro­jan infects a com­puter, Sys­tem Restore may back up the virus, worm, or Tro­jan on the com­puter as well.

Win­dows pre­vents out­side pro­grams, includ­ing antivirus pro­grams, from mod­i­fy­ing Sys­tem Restore. There­fore, antivirus pro­grams or tools can­not remove threats in the Sys­tem Restore folder. As a result, Sys­tem Restore has the poten­tial of restor­ing an infected file onto your com­puter, even after you have cleaned the infected files from all the other loca­tions. Also, a virus scan may detect a threat in the Sys­tem Restore folder even though you have removed the threat. SO it's best to dis­able it and then re-enable it after the dele­tion process.

HOW TO DISABLE SYSTEM RESTORE

  • Click Start > Set­tings > Con­trol Panel.
  • Double-click the Sys­tem icon.
  • Click on the Sys­tem Restore tab and dis­able the Sys­tem Restore:
    System Restore disable in Windows XP Control panel
  • Click Yes, when you are prompted to restart Windows.

Now that you know how to dis­able and enable Sys­tem Restore, let's get cracking.

OPTION 1: THE MCAFEE WAY (STINGER)

McAfee has made a very nifty tool called Stinger avail­able which auto­mat­i­cally scans your com­puter for 39 viruses and deletes them. It's pretty sim­ple to use, just down­load and execute.

  • Down­load Stinger.
  • Dis­able Sys­tem Restore as described above. This will take your sys­tem into a reboot.
  • When the com­puter is back again, wun Stinger from your desk­top by double-clicking it. Wait, get some cof­fee, etc etc. This takes time.
  • Reboot.
  • Optional but rec­om­mended if the first run above found some virii: Run Stinger again to make sure your PC is clean.
  • Reboot.
  • Re-enable Sys­tem Restore from the Con­trol Panel > Sys­tem > Sys­tem Restore (checkbox).

On my machine with 120GB hard disk, 57% used, 1 GB RAM, this tool took about an hour to scan through all files. Which is prob­a­bly a wor­thy price to pay
for the con­ve­nience of automa­tion. Worth a shot for sure.

If and only if this doesn't work, try the next and some­what more con­vo­luted tool from Symantec.

OPTION 2: THE SYMANTEC WAY

Roll up your sleeves as this is can get a bit involv­ing for peo­ple who don't know MS-DOS prompts or some Win­dows sys­tem func­tion­al­ity (although there are screen­shots to boot below when­ever possible)

  • Down­load the FxNetsky.exe file. Save the file to a con­ve­nient loca­tion, e.g.,
    c:\netsky_remove
  • Down­load the file chktrust.exe. IMPORTANT: Save this file as the same loca­tion as above:
    c:\netsky_remove
  • Now close all pro­grams, includ­ing the browser from which you down­loaded the above appli­ca­tions. Then, START –> RUN, and type
    cmd

    This will start the MS DOS PROMPT. Here, type:

    cd c:/netsky_remove
    chktrust -i FxNetsky.exe

    Press Enter after typ­ing each com­mand. If the dig­i­tal sig­na­ture is valid, you will see the following:

    "Do you want to install and run "FxNetsky.exe"
    signed on 3/1/2004 10:33 PM and distributed by:
    Symantec Corporation?"
  • If you are on a net­work or if you have a full-time con­nec­tion to the Inter­net, dis­con­nect the com­puter from the net­work and the Internet.
  • Dis­able Sys­tem Restore.
  • Double-click the FxNetsky.exe in your c:\netsky_remove folder to start the removal tool.
  • Click Start to begin the process, and then allow the tool to run. Sit back and enjoy the ride. This takes time.
  • When the tool has fin­ished run­ning, you will see a mes­sage indi­cat­ing whether W32.Netsky@mm infected the com­puter. In the case of a removal of the worm, the pro­gram dis­plays the fol­low­ing results:
    Total number of scanned files
    Number of deleted files
    Number of repaired files
    Number of terminated viral processes
    Number of fixed registry entries
  • Reboot the computer.
  • If virii were found, then run the removal tool again to ensure that the sys­tem is clean.
  • If you had dis­abled Sys­tem Restore, then re-enable it.

Let me know if this doesn't work as desired!

Read More