Saturday, 30 April 2011

First Steps into MAC computers


My daughter has just bought her first MAC Book, I have never really ventured into Apple MAC's.

Being second hand and having lots of good software installed and no recovery dvd's for the Applications  I decided it would be good to image / Clone the MAC hardisk to a fairly new larger disk. I also wanted to make sure if I messed up the installation I could just pop teh old disk in.

The windows software I normally use doesn't support OSX. I had a hunt on the web and found lowendmac. who had a great article on their site. I used shirt-pocket.com SuperDuper software to make an image.

I connected my new disk via a usb Caddy, I used the MAC Disk Utility to erase (format) the new disk.
I installed SuperDuper and followed the instruction at lowendmac.  I opened up the MAC and popped the replcement disk in and it booted fine.

The previous owner had not installed any anti virus or updates, Sophos had a free MAC antivirus which was soon installed and a 1 trojan found.   

The office for MAC 2004 needed some updates and convertor to be installed so it can open .docx files.

Monday, 11 April 2011

Another home computer with another fake Antivirus!

"MS Removal Tool" Removal
Another home computer with another fake Antivirus! “MS Removal Tool” on a Windows 7 laptop.


How did I remove it?
1. Boot safe mode

2. Checked in the registry under Local Machine and Current user for Runonce entries, found 1 entry with a random name.

3. Ran Microsoft security essentials (full scan) which found a Trojan and removed it.

4. Searched on the runonce entry name and found a folder under program data.

5. (Warnings do not edit the registry unless you know what you are doing.)
I deleted the random named file from runonce.

6. Rebooted logged in and ran Microsoft security essentials and Spybot search and destroy.

The Laptop is now clean, I managed to surf the web, rebooted a few times and scanned a few times to make sure all had gone.
So what does Runonce do, it allows a program to runonce when the laptop/pc is started and logged in. This is why the software will keep reinstalling even if you think you have removed it.
Free Computer and laptop Security software
I have been impressed with Microsoft security essentials, which is free for home use. I have been a fan of AVG free for quite few years. There is no reason why every pc and laptop should not have Security software installed.

I have started to set windows 7 pc’s /laptops with two accounts with passwords a general non privileged account and a Super user account. My thinking is if something wants to install you should have to enter the Super user password to allow it.

Do you have thoughts on the Free antivirus product?

"MS removal Tool" if you follow the prompts you will end up entering credit card details but still be unable to use you machine. It will be cheaper to get your local PC man to clean up.



Friday, 1 April 2011

Malware that won’t go even in Safemode

I have recently seen a few computers with malware that won’t even go in safe mode.

Previously running in safemode has enabled me to remove startup entries and then start the clean up process.
I have found the following article which provides a starting point when you are unable to remove Malware in Safemode.
Good article on malwarehelp.org on removing malware

Getting to the command prompt
Press F8 when windows starts to boot, select “safe mode with Command Prompt”.

I am a keen fan of Spybot search and destroy and , Avg and some other tools and scanners.