
Friday, December 2, 2011

Remove Hard-to-Kill Malware

Are you sure the problem is malware? People often jump to that conclusion when there's something wrong with their PC, and in my experience that conclusion is more often wrong than right. There's a lot of malicious code in this world, but there's even more code that's merely incompetent. There's also a fair amount of worn-out hardware.
On the other hand, if you're experiencing any of the following symptoms, you quite likely have malware:
  • Your security software doesn't work properly, or refuses to update.
  • Common programs for configuring and repairing Windows, such as MSCONFIG and System Restore, don't work.
  • Messages from a program you never installed pop up and tell you that your computer is infected, your hard drive is dying, or you have some other serious problem. (See Watch Out for Rogues for more on this issue.)
  • Your browser's home page keeps changing to something you don't want, and/or your search results aren't what they should be.
  • Your computer slows down sometimes for no apparent reason. (This may not be malware. See Very Slow PC for more on this.)
But what if you've got one or more of these symptoms, yet nothing in your battery of malware-fighting programs finds something evil?
The solution is to use a Linux-based malware-fighting program that boots off a flash drive or CD-ROM. By working outside of Windows, and outside the hard drive's boot sector, these programs can better get around the malware's defenses.
I'm going to recommend two of them, both of which can boot off flash drives or CDs. They're AVG Rescue CD and Dr.Web LiveCD or LiveUSB. If one doesn't do the trick, try the other.

Why is Taskhost Consuming So Much of My CPU?

Like the title character from Woody Allen's Zelig--who changes his political beliefs, ethnicity, and even his race to match those of the people around him--Taskhost.exe can become pretty much what any dynamic link library (.dll) file wants it to be. Libraries can only run through an .exe program file, and taskhost provides that service. This is why you'll often see multiple instances of taskhost running at the same time.
But this also means that if Taskhost appears to be hogging resources, some other file is really to blame. The hard part is tracking down and identifying just what .dll is the culprit.
I was unable to artificially reproduce this condition while working on this article. The screen captures below, therefore, show only a well-behaved taskhost.exe.
To see what taskhost (and other processes) are doing, right-click the taskbar and select Task Manager or Start Task Manager. Click the Processes tab. Click the Image Name column header to alphabetize the processes so you can easily find all of your currently-running taskhost.exe processes.
If you see a taskhost process with a large CPU number, scan for malware. Remember that if your PC really is infected, your regular antivirus program is quite likely compromised. So get a second opinion from one or more on-demand malware scanners.
If malware doesn't turn up, download and run Windows Sysinternals Process Explorer (you don't have to install it). Once loaded, you can find and point to the hoggish instance of taskhost.exe. To see what .dlls are using it, select View, then Show Lower Pane. Press CTRL-d to make sure you're viewing .dlls and not handles.
Hopefully, your bloated taskhost process won't be using as many .dlls as my well-behaved one.
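
The same DLL view can be pulled from a PowerShell prompt when Process Explorer isn't at hand. This is an added example, not part of the original article; the `$Name` parameter, the column names and the "outside the Windows folder" flag are choices made here as a triage aid.

```powershell
# Added example (not from the original post): list the DLLs loaded inside each
# taskhost.exe instance, busiest instance first.
# Run from an elevated PowerShell of the same bitness as Windows.
param([string[]]$Name = @('taskhost'))    # process name used in the article

$sysRoot = $env:SystemRoot.TrimEnd('\') + '\'

$report = foreach ($proc in Get-Process -Name $Name -ErrorAction SilentlyContinue) {
    try {
        $modules = @($proc.Modules)       # can fail on access denied or bitness mismatch
    } catch {
        Write-Warning "PID $($proc.Id): cannot read modules: $($_.Exception.Message)"
        continue
    }
    foreach ($m in $modules) {
        $path = $m.FileName
        if (-not $path -or $path -notlike '*.dll') { continue }   # skip the .exe itself

        $sig    = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
        $status = if ($sig) { "$($sig.Status)" } else { 'Unknown' }

        New-Object PSObject -Property @{
            PID            = $proc.Id
            CpuSeconds     = [math]::Round($proc.CPU, 1)   # total CPU time so far
            Dll            = $m.ModuleName
            Company        = $m.FileVersionInfo.CompanyName
            Signature      = $status
            # Assumption: a DLL loaded from outside %SystemRoot% deserves a first look
            OutsideWindows = -not $path.StartsWith($sysRoot, [StringComparison]::OrdinalIgnoreCase)
            Path           = $path
        }
    }
}

# Busiest taskhost first; within it, DLLs from outside the Windows folder on top
$report |
    Sort-Object @{Expression = 'CpuSeconds'; Descending = $true},
                @{Expression = 'OutsideWindows'; Descending = $true}, Dll |
    Format-Table PID, CpuSeconds, Dll, Company, Signature, OutsideWindows, Path -AutoSize
```

Treat the Signature column as a hint only: on older Windows and PowerShell versions, system DLLs that are signed through a catalog file can be reported as NotSigned. A third-party DLL in the busiest instance is the one to research first, which matches what the lower pane in Process Explorer would show.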

Run DOS programs in Windows 7

Here's the general rule: If the DOS program ran in XP, it will probably run in a 32-bit version of Windows 7. But no DOS program can ever run in a 64-bit version of Windows 7.
Except that there's a workaround. I'll explain it in a minute.
If you're not sure whether your Windows is 32- or 64-bit, click the Start orb, right-click Computer, and select Properties. Look for the System type.
You can launch most DOS apps in a 32-bit version of Windows 7 simply by double-clicking the DOS program's .exe or .com file. If it doesn't work, or if there are problems, right-click the file and select Properties. Click the Compatibility tab. Check the "Run this program in compatibility mode for" option and select an older version of Windows. You may have to do some experimenting to find the right one.
And if none of those work, try the 64-bit solution below.
Actually, there are several solutions, all of which involve using software to create a virtual machine (VM) inside Windows. If you want to run a lot of different operating systems inside Windows, VMware Player is probably your best bet.
But if all you're looking for is a way to run DOS programs, try DOSBox, a free program that launches a DOS VM. I can't promise it will work with every program you throw at it, but it worked for every one I tried.
Once you download and install DOSBox, here's how to set it up so that it can find and work with your DOS programs and files:
  1. Create a folder (just as an example, let's call it C:\DOSFiles) and place in it every program and file you want DOSBox to access. You can use subfolders within that folder.
  2. Click Start, type notepad and press ENTER to bring up Notepad.
  3. Click Start, and select All Programs, DOSBox-0.74 (the version number may change), Extras, Screenshots & Recordings.
  4. This will open Windows Explorer to a probably empty folder inside the DOSBox configuration folder. In the path bar at the top of the window, click DOSBox to go to that folder.
  5. Drag the file dosbox-0.74.conf into Notepad. (The .conf part will probably not be visible.)
  6. In Notepad, go to the bottom of the file, where you'll find the [autoexec] section.
  7. On a blank line at the end of the file, type mount driveletter path, where driveletter is the drive letter you wish to assign the folder to, and path is the path to that folder. For instance, mount a c:\dosfiles will make the C:\DOSFiles folder appear as DOSBox's drive A:.
  8. Save the file and launch DOSBox.

Download and Install Packages for SAMBA - PART2


Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn't hard. If you need a refresher, Chapter 6, "Installing Linux Software", covers how to do this in detail.
Samba is comprised of a suite of RPMs that come on the Fedora CDs. The files are named:
  • samba
  • samba-common
  • samba-client
  • samba-swat

When searching for the file, remember that the RPM's filename usually starts with the RPM name followed by a version number as in samba-client-3.0.0-15.i386.

How to Get Samba Started

  • You can configure Samba to start at boot time using the chkconfig command:
[root@bigboy tmp]# chkconfig smb on
  • You can start/stop/restart Samba after boot time using the smb initialization script as in the examples below:
[root@bigboy tmp]# service smb start
[root@bigboy tmp]# service smb stop
[root@bigboy tmp]# service smb restart
Sometimes Samba may have an ancillary nmb daemon that also needs to be started. The syntax is the same as that for the smb daemon.
[root@bigboy tmp]# service nmb start
[root@bigboy tmp]# service nmb stop
[root@bigboy tmp]# service nmb restart
Note: Unlike many Linux packages, Samba does not need to be restarted after changes have been made to its configuration file, as it is read after the receipt of every client request.
  • You can test whether the smb process is running with the pgrep command. You should get a response of plain old process ID numbers:
[root@bigboy tmp]# pgrep smb

The Samba Configuration File

The /etc/samba/smb.conf file is the main configuration file you'll need to edit. It is split into five major sections, which Table 10-1 outlines:

Table 10-1 : File Format - smb.conf

| Section | Description |
|---|---|
| [global] | General Samba configuration parameters |
| [printers] | Used for configuring printers |
| [homes] | Defines treatment of user logins |
| [netlogon] | A share for storing logon scripts. (Not created by default.) |
| [profile] | A share for storing domain logon information such as "favorites" and desktop icons. (Not created by default.) |

You can edit this file by hand, or more simply through Samba's SWAT web interface.

In the next part we will find out more about the SWAT web interface.

How to install Ubuntu Linux from USB Stick

This tutorial describes how to install Ubuntu by copying the contents of the installation CD to a USB memory stick (aka flash drive) and making the stick bootable. This is handy for machines like ultra-portable notebooks that do not have a CD drive but can boot from USB media.
In short, here's what you do:
  • Prepare the USB flash drive.
  • Boot the computer from your USB flash drive.
  • Install Ubuntu as you would from a normal boot CD.
Prerequisites
  • A running installation of Ubuntu 8.04 or any other Ubuntu version
  • A USB device (stick, pen-drive, USB hard disk) that has already been formatted with FAT32 and has enough free space to hold your Ubuntu installation image
  • An Ubuntu CD image downloaded from the Ubuntu servers or mirrors (*.iso file) or from here
Step 1
On the root directory of your USB device, create a folder “install”
Copy the installer kernel and the initramdisk into this folder (download source below; you need the files “vmlinux” and “initrd.gz”).
Download source for the installer kernel and initramdisk
For AMD64 Download from here
For i386 Download from here
You need to download the files “vmlinux” and “initrd.gz”.
Step 2
Note: You need the installer that matches the architecture of the Ubuntu version you want to install. In other words, you need an amd64 installer if you want to install an amd64 Ubuntu .iso image, and the i386 installer for an i386 .iso.
Step 3
From the installation .iso image you downloaded, copy the folder “isolinux” to the root directory of your USB device (right-click on the .iso file, choose “extract here”). Rename “isolinux” to “syslinux”. Go inside the directory “syslinux”. There, rename the file “isolinux.cfg” to “syslinux.cfg”.
Step 4
Make the stick bootable: use fdisk to set the boot flag.
Install syslinux using the following command
sudo aptitude install syslinux
Now use syslinux to install a boot sector on your USB device
sudo syslinux /dev/sdbX
where sdbX is the device name and number of your USB device (check with “sudo mount”). A file called “ldlinux.sys” will be created in the root directory of the USB device.
Step 5
Copy the Ubuntu CD image into the root directory of your USB device (Contents of USB you can see as follows). If you are using i386, you need to copy the complete .iso image into the root directory of your USB device.