How-to: Remove Ransom-ware with Kaspersky Rescue Disk

Following our last security How-to, Identify the Troj/Urausy Ransom-ware infection, this post describes using an anti-virus removal tool from Kaspersky to remove the malware from my esteemed colleague’s laptop.

To create a bootable Kaspersky Rescue Disk, you will need a clean, non-infected, computer with Internet access and a DVD or CD burner, OR, if the infected machine lacks an optical drive, a USB flash drive you can wipe and install Kaspersky Rescue Disk onto.

You will also need to be able to call up a one-time boot menu (usually the F12 key at power-on) and make sure you can change the boot order in the infected machine’s BIOS so that you can boot into the Kaspersky Rescue Disk in place of your Windows install.

How-to: Identify the Troj/Urausy Ransom-ware infection

Acknowledging the risk of turning this into ‘Security Theatre Monthly’, the latest malware How-to concerns a particularly duplicitous item of malware; what we now call ‘ransom-ware’. This is a malicious trojan which purports to be from a law enforcement agency; variations include the FBI, Interpol and in this case, the UK Serious Organised Crime Agency.

All variants lock your Windows machine under the bogus claim that you have been traced pirating material on the Internet and all demand on-line payment of a ‘fine’ to ‘unlock’ your machine. DO NOT PAY ANYTHING. It is a SCAM.

No law enforcement agencies do this. There are no criminal charges, no court proceedings, so why would you pay a fine?

How-to: Choose FAT, exFAT or NTFS file systems [Guest Post]

No, it’s not the latest diet fad. The story goes like this; I started to migrate a Windows Vista machine to Windows 7 (not for myself, I should add). When I plugged in an external drive for ‘Easy Transfer’ (this is Vista, so ‘easy’ is a relative term), the program decided it couldn’t cope with a FAT32 format drive.

I know; how long has that FAT32 drive sat around? Never mind. My choices to reformat are: exFAT or NTFS. What do I use? I’m no digital storage expert, but here goes…

How-To: Remove Rvzr-A.Akamaihd Pop-Up Virus

A colleague just got hit by another one of these insidious little blighters. We know how it got in - Internet Explorer 11 - but not the source. I suspect my colleague clicked on a close or cancel button in a pop-up which actually ran some malicious code. We know what and when it was installed - a program in this case masquerading as Rich Media Viewer, on May 16th. We got the full range of initial symptoms. We also got rid of it inside ten minutes, before it could do any further damage.

Rvzr-a.akamaihd.net is another unauthorised adware client; using a full range of false pages and pop-ups, it highlights web page text for adware popups, opens tabs onto Trojan pages when you open your browser, and initiates more popups when you open a new tab.

Fortunately it is relatively easy to exterminate, but do be aware there are new variants hiding under new names, so check for updated instructions on the web whenever you come across an instance of infection.

How-to: Upgrade from XP to Windows 7 OEM

Following on from the earlier post, XP eXPires, I’m now looking for the cheapest way of upgrading a variety of old hardware. Windows 7 is the better option over Windows 8 – lower hardware requirement, no touch screen, cheaper licensing for older software.

But there are plenty of SKUs in both boxed retail and OEM versions. So what to go for? First, a couple of definitions:

OEM – Original Equipment Manufacturer. This is the version Microsoft sells to PC builders to bundle with new machines. Microsoft doesn’t support it; they expect the PC maker to support the customer. The OEM versions are available to small companies and private buyers (enthusiasts) on the same basis, on the understanding that the OEM Windows version is sold together with a piece of hardware (that could be just a mouse). In reality, Microsoft is unlikely to verify this.

Windows 8 Divides – Part One

Microsoft has turned its face away from the enterprise and the stalwart ‘home’ user in an all-out bid for the hearts and minds of a new generation. And it’s not working. Did someone say ‘convergence?’

The battle lines are firmly drawn over Windows 8. On one side is the (dying) breed of PC professional who manages and maintains PCs. For them, the operating system is only a tool for getting the job done and the Not-Metro-Modern-UI interface gets in their way.

On the other side is the casual user who uses their commodity PC to surf the Internet, send email, self-obsess on social media and play a few games. These folks don’t give a hoot about operating systems as long as the interface serves up some colourful, fat icons to click to get to an app. Everything these days is an ‘app.’

These folks don’t know the difference between Internet Explorer and Windows Explorer; to them Internet Explorer IS the Internet. Microsoft Office IS Microsoft Windows and file management is a pain.

How-to: Remove Text Enhance Adware

Text Enhance is one of those pesky, flash-based, adware, garbage packages, categorized by computer security experts as a browser hijacker, and by the rest of us as illegal, immoral c**pware. It attaches itself to internet browsers as an extension with cookies, without user consent.

Text Enhance is not a legitimate in-text advertising service; the website does not offer a download for the extension, nor is it listed in any browser’s extension database. It behaves like a virus. Text Enhance does not infect websites themselves, just your browser’s view of them.

Victims of Text Enhance find that webpages become filled with links for pop-up, spam advertisements; “in-text advertisements.” The owners of Text Enhance provide advertising services to cyber-criminals and unethical third parties, in addition to compromising and selling on personal information. It has been around since at least 2011, and it is still infecting browsers in 2014, with Internet Explorer proving particularly vulnerable. I know, I had to exterminate the little swine from a machine earlier this year.
