Tuesday, August 3, 2010

Cleaning your Computer Of A Fake Anti-Virus Program

The number one problem I see in my computer repair business is, of course, viruses and malware. No matter how well you think you are protected against them, you are probably still vulnerable. The worst offender in the virus war is the system manufacturers themselves. Most of the major players install a "trial" version of a program like Norton Anti-virus. It expires after a short time and the user is left unprotected. They don't want to buy an anti-virus program, so they click off the warnings and continue to surf the web. If just having Norton installed on your machine isn't enough to slow it to a crawl, then the malware and viruses you acquire will.

Most viruses and malware/spyware programs are quietly stealing information in the background. Key loggers and other malicious goodness steal your personal information and send it off to a scammer somewhere in Russia, or Nigeria, maybe Greenland? I don't know. There is, however, a new breed of computer bugs out there that are adept at fighting dirty. These new binary bad guys have a two-pronged approach aimed at forcing you to give up your personal information and your wallet. The Fake Anti-Virus..uhh...virus.

These sometimes convincingly real fake anti-virus programs are best known for their ability to give you a headache. After infecting your system they go to work making sure that your real anti-virus or anti-malware program stops working altogether. Then they go to work adding more malicious software to your machine. Now that you're unprotected and infected, they cleverly pop up on your screen and tell you that...YOU HAVE A VIRUS!!! Dismissing the box only works for a short time before it pops up again. If you have the good sense to know this is not your anti-virus program and you try to clear it out, you are met with a massive roadblock.

Your anti-virus programs won't work. To make matters worse, they make changes to your connection settings that block or redirect any attempt to access a good portion of sites that contain real anti-virus or anti-malware programs. Should you not know what the cause is and decide to "Scan For Infections" as the increasingly annoying pop-up screen informs you to do, it will inevitably find a host of real and make-believe viruses to scare you out of your wits. So far, so good, right? It found the viruses, and there is this button that says click here to clean my system. So you click the button and it tells you that you need to go to 'websiteX' and purchase the full version of the program. So you miraculously manage to make it to this convincing-looking website, where you input your credit card information and get to enjoy your bevy of viruses, and the phone call from your bank telling you your checking account is now empty. Probably overdrawn, and you owe them a boatload of fees.

There is a way to save yourself, but it's going to take a lot of patience, and the ability to suppress the urge to throw your computer out of a window..into a fire, then hit it with a baseball bat, douse it in acid, then throw it into the river with a rock tied around it. I'm going to give you a quick guide to possibly getting yourself back on the right track.

Since the virus/malware has disabled your anti-virus, you are going to need to find some more. The easiest way is to get yourself a USB stick/key/drive/etc. and bring it to an uninfected computer. You will need a few tools to guarantee that you get the job done right. The three programs I use for clearing out malware are: Malwarebytes Anti-Malware, SuperAntiSpyWare, and Spybot-Search and Destroy. Why all three? Because even though Malwarebytes is usually good enough, it has a flaw: it doesn't store its virus database in the same directory it's installed in, so until you can get past the roadblock the fake anti-virus put up, it's not going to do anything.

Reboot the computer in Safe Mode (press F8 during startup and choose the safe-mode+networking support option). Run Spybot, then SuperAntiSpyware. This should clear out a good portion of the nasties on your machine.

Before I go any further let me give you the full list of things I keep on my USB virus fighter toolkit.

1. Malwarebytes Anti-Malware
2. Spybot-Search and Destroy
3. SuperAntiSpyWare
4. ccleaner (Cleans out temporary files where viruses sometimes hide.)
5. Spyware Terminator (This program, along with Spybot, has tools that will actually help protect you from reinfection by blocking access to harmful sites and making sure changes don't get made to important settings.)
6. IObit 360 (This is an anti-virus/malware program that is not the best, but it is still under the radar enough that the virus makers don't take the time to block it from internet updates.)
7. Hijack This (Provides a list of information about running programs to help determine where the viruses are hiding.)
8. SmitFraud Fix (An advanced tool for clearing out certain types of infections.)

There are also a few defragmenting tools, and a copy of Avast anti-virus (it's free and user friendly) to install on the client's machine after I'm done clearing out their problems.

Once you've run the first two programs, try getting Malwarebytes installed and see if it will update. If it doesn't, run ccleaner and clear out the temporary internet files, then run IObit. You should hopefully be able to run and update Malwarebytes by this time. This program should clear out the last bits of the junk. When it's done, run the inoculation tools in Spybot and Spyware Terminator to help safeguard your machine. You can also turn on "TeaTimer", a program that is a part of Spybot that will stop malicious programs from changing settings like your internet homepage. Restart and see how everything looks. Install a fresh anti-virus program like Avast and be sure to stay away from any more bad sites. There are tools out there such as WOT (Web of Trust) that display information about the safety of a given website. Green is good, Yellow is suspicious, Red is bad. Pretty straightforward.
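An added example (not part of the original post) for the blocked and redirected security sites described above: a read-only PowerShell check of the hosts file and the per-user proxy settings. That these are the connection settings being changed is an assumption, and the $watch list of site names is hypothetical.

```powershell
# Read-only review of two connection settings that can block or redirect
# security sites. Assumption: the hosts file and the per-user proxy are the
# settings involved; the post does not name them.

# Hypothetical watch list: substrings of the sites you cannot reach.
$watch = 'malwarebytes', 'safer-networking', 'superantispyware', 'avast'

$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

$hostsEntries = foreach ($line in Get-Content -Path $hostsPath) {
    $entry = ($line -replace '#.*$', '').Trim()      # strip comments
    if (-not $entry) { continue }
    $fields = @($entry -split '\s+')
    if ($fields.Count -lt 2) { continue }            # malformed line
    foreach ($name in $fields[1..($fields.Count - 1)]) {
        if ($name -eq 'localhost') { continue }      # the one stock entry
        $isWatched = $false
        foreach ($w in $watch) { if ($name -like "*$w*") { $isWatched = $true } }
        [pscustomobject]@{
            Address      = $fields[0]
            HostName     = $name
            SecuritySite = $isWatched
        }
    }
}

if ($hostsEntries) {
    # A stock hosts file maps nothing except localhost, so every row needs a reason.
    $hostsEntries | Sort-Object SecuritySite -Descending | Format-Table -AutoSize
} else {
    'hosts file: no entries besides localhost'
}

# Per-user proxy settings used by Internet Explorer and most Windows software.
$inetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $inetKey
[pscustomobject]@{
    ProxyEnable   = $inet.ProxyEnable     # 1 = a proxy is in use
    ProxyServer   = $inet.ProxyServer     # should be empty unless you set one
    AutoConfigURL = $inet.AutoConfigURL   # proxy auto-config script, if any
} | Format-List
```

Rows marked SecuritySite = True, or a proxy you never configured, are the entries to investigate before trusting any download made from that machine.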

The one thing I failed to mention is, depending on the level of infection and the speed of your system, these scans can take quite some time, so you might want to go get some coffee, or rent a movie while you wait. Just a thought. I hope this article helps you get back on the right track and surf the web safely.

Saturday, February 6, 2010

Outlook Comprehensive Guide #2:Command Line Switches

Switches are commands usually run from the Start/Run dialog box or from a command line (DOS prompt).
These switches allow you to perform common maintenance tasks for Outlook and are incredibly useful for clearing up a host of Outlook-related issues. In later articles I will show you some other Microsoft Office switches for the rest of the Office applications.

Outlook 2003 is normally installed in C:\Program Files\Microsoft Office\OFFICE11. (If you install your applications on another partition use the drive letter for that partition.)

Open a CMD window by typing cmd in the Run dialog box and then navigate to the path above. To do this you will use the CD command, which will look like this:
cd /d C:\Program Files\Microsoft Office\OFFICE11
Then run Outlook.exe with the appropriate switch.

To use switches, at the Start menu, Run command type:
Outlook /switch
Sometimes it will be necessary to use the full path to Outlook. Because the path contains spaces, put it in quotes and leave the switch outside them, so the command line you will type will be:
"C:\Program Files\Microsoft Office\Office11\Outlook.exe" /switch


Here is a list of commonly used switches:


/cleanclientrules
Starts Outlook and deletes client-based rules.

/cleandmrecords
Deletes the logging records saved when a manager or a delegate declines a meeting.

/cleanfinders
Removes Search Folders from the Microsoft Exchange server store.

/cleanfreebusy
Clears and regenerates free/busy information. This switch can only be used when you are able to connect to your Microsoft Exchange server.

/cleanprofile
Removes invalid profile keys and recreates default registry keys where applicable.

/cleanpst
Launches Outlook with a clean PST (Personal Folder).

/cleanreminders
Clears and regenerates reminders.

/cleanrules
Starts Outlook and deletes client- and server-based rules.

/cleanschedplus
Deletes all Schedule+ data (free/busy, permissions, and .cal file) from the server and enables the free/busy information from the Outlook Calendar to be used and viewed by all Schedule+ 1.0 users.

/cleanserverrules
Starts Outlook and deletes server-based rules.

/cleansniff
Deletes duplicate reminder messages.

/cleansubscriptions
Deletes the subscription messages and properties for subscription features.

/cleanviews
Restores default views. All custom views you created are lost.

/firstrun
Starts Outlook as if it were run for the first time.

/nocustomize
Starts Outlook without loading outcmd.dat (customized toolbars) and *.fav file.

/noextensions
Starts Outlook with extensions turned off, but listed in the Add-In Manager.

/nopollmail
Starts Outlook without checking mail at startup.

/nopreview
Starts Outlook with the Reading Pane off.

/recycle
Starts Outlook using an existing Outlook window, if one exists. Used in combination with /explorer or /folder.

/resetfoldernames
Resets default folder names (such as Inbox or Sent Items) to default names in the current Office user interface language.
For example, if you first connect to your mailbox in Outlook using a Russian user interface, the Russian default folder names cannot be renamed. To change the default folder names to another language such as Japanese or English, you can use this switch to reset the default folder names after changing the user interface language or installing a different language version of Outlook.

/resetfolders
Restores missing folders for the default delivery location.

/resetnavpane
Clears and regenerates the Navigation Pane for the current profile.

/sniff
Starts Outlook and forces a detection of new meeting requests in the Inbox, and then adds them to the calendar.


For a complete list of available switches for Outlook 2003, please visit: http://office.microsoft.com/en-us/outlook/HP010031101033.aspx?pid=CH062556271033

For Outlook 2007, please visit: http://office.microsoft.com/en-us/outlook/HP012185891033.aspx?pid=CH100788811033




Monday, January 18, 2010

Outlook Comprehensive Guide #1:Outlook Start Problem. Office custom forms error.

Welcome to the first installment of Microsoft Outlook: The Comprehensive Guide. This is not going to be a guide to using Outlook, but a guide on what to do when Outlook decides to stop functioning or does something silly when you need it to be working. In this installment we will look over a couple of common problems with Outlook and how to correct them.


Problem Scenario #1: Outlook will not open. After a hard day of typing out a virtual mountain of emails you decide to shut down Outlook and go grab some lunch. You return only to find that when you click on the Outlook button nothing happens. It looks like it might load and then...zip. Nada. Nothing happens! Well, the easiest answer is always to try restarting your computer. But there is more you can try as well. The most common cause of this error is an errant process (e.g. Outlook is still running in the background). To remedy this, simply hit CTRL+ALT+DEL and then click on 'Task Manager'. Find the errant process in the list under the Processes tab, highlight it by clicking on it with your mouse, and then hit the button that says 'End Process'.


Let's say that you do restart, and Outlook still won't open, and you looked in the 'Task Manager' and it simply wasn't there. There is still hope. Open up your 'Control Panel' (Start/Control Panel or Start/Settings/Control Panel) and click on 'Add/Remove Programs'. If you are using Vista or Windows 7, 'Add/Remove Programs' has been renamed 'Programs and Features'. Find the entry for Office and click on it, and then click 'change' (or 'change or repair' in Windows 7). Run the repair operation on Office; this will correct issues with all Office components. If you are using Office 2007 this operation can take 15-25 minutes to complete. (Just a heads up.)


Problem Scenario #2: When attempting to perform operations in Outlook or Word you get the following error: "The custom form could not be opened. Outlook will use an Outlook form instead. The form required to view this message cannot be displayed. Contact your administrator." This error can occur when attempting to write a note or an email, or when opening up a meeting notice. This is a relatively simple fix.

First, close out Outlook or Word. Then go to Start/Search (or click Start and type in the search box if you're a Windows 7 user). Search for a file called 'frmcache.dat'. When you find it, right click on the file and click 'Delete'. Now restart Outlook or Word.

Sunday, January 17, 2010

Windows Stop Codes and Blue screen of death troubleshooting.

If you ever get a BSOD (Blue Screen of Death) you know how frustrating it can be. Most times it's a change in the system's configuration or a hardware malfunction that's to blame. Trying to interpret these cryptic codes can be a real headache. In this article I am going to give you some useful tips on how to troubleshoot these stop codes and hopefully help you clear up any issues you have so you can get back to enjoying your computer.

When a stop code/BSOD occurs it's important to get pertinent information about the issue. Write down the stop codes, which look like this: 0x0000000. There are quite a few, so being exact is important. The next thing you need to do (after you reboot, of course) is check the system logs for more information. If you cannot get the system to reboot, or the BSOD happens quickly after you get back to the desktop, there are other things you can do which I will get to later on in the article.




To get to your event logs, either go to Start/Run and type 'EventVwr.msc', or open your 'Control Panel', open 'Administrative Tools', and from there launch the 'Event Viewer'. In Windows 7 the event viewer is already categorized by the type of event and grouped together for easier viewing. In Windows XP the list is divided into 'application', 'system', and 'security' logs.
In viewing these logs you will see events labeled with the time and date and a symbol that represents what kind of error it was. There are warnings that look like a yellow triangle and more severe failures that look like a red circle with a white X in the middle.
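An added example (not from the original post): on Windows Vista and later, the same System log can be searched from PowerShell for the event Windows records after a blue screen, so the stop code can be recovered even if it was not written down. The provider name and event ID 1001 are not given in the post; they are the values Windows uses for its bugcheck event.

```powershell
# Pull recent bugcheck (blue screen) records from the System event log.
$filter = @{
    LogName      = 'System'
    ProviderName = 'Microsoft-Windows-WER-SystemErrorReporting'  # shown as "BugCheck"
    Id           = 1001
}

# Get-WinEvent raises an error when nothing matches, so silence that case.
$crashes = Get-WinEvent -FilterHashtable $filter -MaxEvents 25 -ErrorAction SilentlyContinue

if (-not $crashes) {
    'No bugcheck events found in the System log.'
} else {
    $report = foreach ($ev in $crashes) {
        # The message text carries the stop code as an 8-digit hex value.
        $stop = if ($ev.Message -match '0x[0-9a-fA-F]{8}') { $Matches[0] } else { 'unknown' }
        [pscustomobject]@{
            Time     = $ev.TimeCreated
            StopCode = $stop
        }
    }

    # Timeline of crashes, newest first.
    $report | Sort-Object Time -Descending | Format-Table -AutoSize

    # The same stop code repeating points at one cause (a driver, a device);
    # many different codes point more toward memory or other hardware.
    $report | Group-Object StopCode | Sort-Object Count -Descending |
        Select-Object Count, Name | Format-Table -AutoSize
}
```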



This should give us a general idea of what caused the issue. If it's not immediately clear what may be the problem we start the more tedious troubleshooting.
  • Remove any new hardware that may have been installed and its associated drivers.
  • Try updating the system board drivers and see if there are any new updates for your operating system via Windows Update.
  • Check for viruses and malware.
  • Check to make sure you have the latest BIOS installed, and try resetting it to the default settings.

I hope these tips were useful to you. If you need a complete list of stop codes or some more troubleshooting help, go here: http://www.aumha.org/a/stop.php

Saturday, January 16, 2010

Disable Unwanted Startup Scripts.

Whenever you install new programs, some of them will add an entry to your startup so they will start when Windows does. Too many programs running during startup can cause your boot time to become unbearable. There are very few programs that are necessary when you first boot into Windows. Some examples would be your anti-virus software and your audio card software control icon. Some examples of unnecessary startup items would be instant messaging programs and other random utilities that can easily be run only when needed.

Most programs will allow you to create a Quick Launch icon when they are installed, and they will also create an entry in the Programs section of your Windows Start menu. If you have too many programs running at startup, here is what you can do to remedy this.

In Windows XP go to Start/Run and then type 'msconfig' (without the single quotation marks) and hit 'ok'.

In Windows Vista and 7 click on the Windows 'sphere', then type 'msconfig' (again without the quotes) into the dialog box and hit 'enter' on the keyboard.


Msconfig(Example 1)

Next click on the 'startup' tab.


Msconfig(Example 2)

Choose the items you want to disable and remove the check mark from them. Click 'apply' and then 'ok'. Windows will ask you if you want to restart or exit without restarting at this point. The choice is yours. I recommend rebooting and testing to see if the changes you made have helped.

*WARNING* Be careful what programs you disable. If you disable certain items, video or audio issues could occur. Programs such as your anti-virus and anti-malware programs may become disabled. If you are unsure about the item you are about to disable, perform a Google search about the item by its name.
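An added example (not from the original post): a read-only PowerShell listing of the registry Run keys and Startup folders, the usual homes of the items shown on msconfig's Startup tab. The 'Review' flag for registry commands that run from inside the user profile is an assumed triage heuristic, not a verdict.

```powershell
# Lists startup entries without changing them, so each one can be looked up
# before it is unchecked in msconfig.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

$entries = @()
foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }     # e.g. no Wow6432Node on 32-bit
    $regKey = Get-Item -Path $key
    foreach ($valueName in $regKey.GetValueNames()) {
        $entries += [pscustomobject]@{
            Location = $key
            Name     = $valueName
            Command  = [string]$regKey.GetValue($valueName)
        }
    }
}

# Per-user and all-users Startup folders.
foreach ($folder in 'Startup', 'CommonStartup') {
    $path = [Environment]::GetFolderPath($folder)
    if (-not $path -or -not (Test-Path -Path $path)) { continue }
    foreach ($file in Get-ChildItem -Path $path -File) {
        $entries += [pscustomobject]@{
            Location = $path
            Name     = $file.Name
            Command  = $file.FullName
        }
    }
}

# Assumed heuristic: a registry entry that launches something from inside the
# user profile (AppData, Temp, Downloads) deserves a closer look. Legitimate
# software does this too, so treat it as a hint for what to search first.
$report = foreach ($e in $entries) {
    $inProfile = $e.Location -like 'HK*' -and
        $e.Command.IndexOf($env:USERPROFILE, [StringComparison]::OrdinalIgnoreCase) -ge 0
    $e | Add-Member -NotePropertyName Review -NotePropertyValue $inProfile -PassThru
}

$report | Sort-Object Review -Descending |
    Format-Table Review, Name, Command, Location -AutoSize -Wrap
```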


Saturday, January 2, 2010

Welcome to the Application Geek blog.

Here at Application Geek we're all about finding the newest software applications, giving them a test drive and then giving you our honest opinion of them. This blog is going to focus mainly on Microsoft Windows applications, but we will have guest writers blogging about MacOS and Linux/BSD.
