Saturday 24 May 2014

Portable antivirus and antimalware tools to carry with you at all times

Five portable antivirus and antimalware tools to carry with you at all times

Jack Wallen lists his five favorite portable antivirus / antimalware tools - the tools you keep handy for that inevitable security emergency. 
Let's face it, one of the primary jobs a Windows admin does is keep machines free of infection. It's inevitable - end users will open files, install cutesy apps, and go to sites they shouldn't. When they do these things, their machines get infected. When their machines get infected, you could wind up fighting a losing battle - unless you have the right tools.
Sometimes the antivirus tools installed on the machine just aren't enough. When that time comes, you'll be glad you have one (or more) tools on your USB drive to help you out. I've found five such tools that could certainly get you out of a serious pinch. All of these tools are portable and work like champs.

1. ClamWin Portable

ClamWin Portable is very much like its big brother: It's free, open source, and does a great job of disinfecting machines. ClamWin has a very high detection rate, has frequently updated definitions, and has an easy-to-use graphical interface. The only caveat to using ClamWin is that it does not offer a real-time scanner - which is not an issue for a portable version. This is my go-to portable virus scanning software.

2. Sophos Anti Rootkit Portable

Sophos Anti Rootkit Portable is one of those tools you hope you never have to use; but you know, at some point, you will. Sophos is remarkably adept at locating rootkits - especially for a portable app. Sophos scans for, detects, and removes rootkits; is 100% free; supports Windows XP, Vista, and 7; and works alongside your existing antivirus. I have found Sophos reliable enough to use even while the PC being scanned is in use.

3. Emsisoft Free Emergency Toolkit

Emsisoft Free Emergency Toolkit is a powerful malware removal tool that can scan for, and remove, over six million dangers to your PC. Emsisoft Free Emergency Toolkit has both a GUI and a command line version, so you can scan your machine even if there are problems with the GUI. With this toolkit, you get not only the malware scanner but also HiJackFree and BlitzBlank. Emsisoft offers the free download, or you can purchase a pre-compiled USB stick.

4. Vipre Rescue

Vipre Rescue is that tool you use when your machine is severely infected. Vipre is run in safe mode and does not depend upon a GUI tool for use. You double-click the executable and a command window opens with the scanner running (and running at blazing speeds). If you already use the full version of Vipre, you can still run this tool should your machine become so infected that Vipre will not run.

5. Spybot Search and Destroy Portable

Spybot Search and Destroy Portable is the portable version of the massively popular full Spybot Search and Destroy. This antimalware tool does a great job of finding and removing malicious software - all from your flash drive. Spybot has a unique feature that will help you back up your registry before you begin the scan. Should Spybot fubar your PC's registry, you have a backup to restore to - safe and sound.

Bottom line

You know that point is coming when you'll require the assistance of portable antivirus and/or antimalware. It's a shame that this is such a big part of our jobs, but it is inevitable. Make sure you are always armed with the tools to combat this plague by keeping a few of these portable apps along with you.

Also read:

Removing Delta search, Q search, and other unwanted toolbars from your computer

These unwanted toolbars are a type of adware also known as browser hijackers. A browser hijacker changes your web browser's home page and default search provider to a different one without your permission. The toolbars are usually bundled with certain free programs that you normally download and install. These bundles include a licensing agreement that you must accept to download and install the software. The agreement applies to all software in the bundle including the unwanted toolbars. Since a licensing agreement was agreed to, Norton currently will not detect them as malicious even though the toolbar behaves suspiciously.
A few unwanted toolbars:
  • Babylon toolbar
  • Delta search
  • Delta toolbar
  • Facemoods
  • Qvo6
  • Search Assistant SearchWeb
  • Search result
  • Snap.do
  • Vitalia installer
To remove Search Protect by Conduit from your computer, read How do I uninstall Search Protect by Conduit from my computer?
Download and run the Norton Power Eraser to scan and remove the unwanted toolbars. If Norton Power Eraser does not remove the unwanted toolbars, then manually remove them by using the Add/Remove Programs or Uninstall a Program in the Control Panel.

Download and run Norton Power Eraser

  1. Click Save.
  2. Select the location as Desktop, and then click Save.
  3. To run Norton Power Eraser, double click the NPE.exe file.
    If the User Account Control window prompts, click Yes or Continue.
  4. Read the license agreement, and click Accept.
  5. In the Norton Power Eraser window, click the Advanced Options icon.
  6. In the Advanced window, next to Unwanted Application Scan, click Scan Now to scan your computer.
    When Norton Power Eraser completes the scan, the results are displayed in the Unwanted Apps Scan Complete window.
  7. In the Unwanted Apps Scan Complete window, next to the unwanted application or toolbar, click Uninstall.
  8. Follow the on-screen instructions.
  9. When the uninstall completes, restart the computer.

Uninstall the toolbar

  1. Press the Windows + R keys to open the Run dialog box.
  2. Type in the following text, and then press Enter.
    appwiz.cpl
  3. In the list of currently installed programs, select the unknown toolbar, and then click Uninstall or Remove.
  4. Follow the on-screen instructions.
  5. When the uninstall completes, restart the computer.
Adware generally installs a new toolbar in your browsers and changes your default search engine setting to a third-party search engine. Depending on your browser, reset the browser settings to completely remove the unwanted toolbars and search engines.

Reset Microsoft Internet Explorer settings

  1. Start Internet Explorer.
  2. On the Tools menu, click Manage add-ons.
  3. In the Manage Add-ons window, under Add-on Types, select Toolbars and Extensions.
  4. If you find any suspicious toolbar listed, select that toolbar, and click Disable.
  5. In the Manage Add-ons window, under Add-on Types, select Search Providers.
  6. Select a search engine, and click Set as default.
  7. Select the unknown search engine, and click Remove and Close.
  8. On the Tools menu, click Internet Options.
  9. In the General tab, under Home page, enter the address of your preferred page.
  10. Click Apply and OK.
  11. On the desktop, right-click the Internet Explorer shortcut and select Properties.
  12. In the Internet Explorer Properties window, under the Shortcut tab, in the Target field, delete the text after iexplore.exe.
  13. Click Apply and OK to save the changes.
  14. Click Close.
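
Added example (not part of the original article): steps 11 and 12 above clean one Internet Explorer shortcut by hand; this read-only PowerShell check lists every browser shortcut that carries text after the executable name, so none is missed. The folder list, the browser names, and the PowerShell 3.0 requirement are assumptions.

```powershell
# Added example: read-only check of browser shortcuts for appended arguments.
# Requires PowerShell 3.0+. Folder list and browser names are assumptions.
$browsers = 'iexplore.exe', 'chrome.exe', 'firefox.exe'
$folders = @(
    "$env:USERPROFILE\Desktop",
    "$env:PUBLIC\Desktop",
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch",
    "$env:APPDATA\Microsoft\Windows\Start Menu",
    "$env:ProgramData\Microsoft\Windows\Start Menu"
) | Where-Object { Test-Path -LiteralPath $_ }
if (-not $folders) { throw 'None of the shortcut folders exist on this system.' }

# WScript.Shell exposes a shortcut's executable and its arguments separately.
$shell = New-Object -ComObject WScript.Shell
$links = Get-ChildItem -LiteralPath $folders -Filter *.lnk -Recurse -ErrorAction SilentlyContinue

$findings = foreach ($lnk in $links) {
    $sc = $shell.CreateShortcut($lnk.FullName)
    if (-not $sc.TargetPath) { continue }             # no file target: skip
    $exe = Split-Path -Leaf $sc.TargetPath
    if ($browsers -notcontains $exe) { continue }     # only browser shortcuts
    if (-not $sc.Arguments.Trim()) { continue }       # clean: nothing after the .exe

    [pscustomobject]@{
        Shortcut  = $lnk.FullName
        Target    = $sc.TargetPath
        Arguments = $sc.Arguments
        # A URL in the arguments forces that page to open on every launch.
        HasUrl    = [bool]($sc.Arguments -match 'https?://|www\.')
    }
}

if ($findings) { $findings | Format-List }
else { 'No browser shortcut has text after the executable name.' }
```

Shortcuts reported with HasUrl set to False may carry legitimate switches; review them before editing the Target field.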

Reset Google Chrome settings

  1. Start Google Chrome.
  2. On the top-right corner, click the Customize and control Google Chrome icon, and click Settings.
  3. Under Chrome, click Extensions.
  4. In the Extensions window, select the unknown extensions, and click the trash bin icon.
  5. Under Chrome, click Settings.
  6. In the Settings window, under On startup, click Set pages.
  7. In the Startup pages window, from the list of startup pages, select the suspicious entries and click X.
  8. Click OK.
  9. In the Settings window, under Appearance, select Show Home button, and click Change.
  10. In the Home page window, select Use the New Tab page and click OK.
  11. In the Settings window, under Search, click Manage search engines.
  12. In the Search engines window, select your preferred default search engine and click Make default.
  13. In the Default search settings list, select the unknown search engine, and click X.
  14. Click Done.

Reset Mozilla Firefox settings

  1. Start Firefox.
  2. On the top-right corner, click the Open menu icon, and click Add-ons.
  3. In the Add-ons Manager page, select Extensions.
  4. Check the list of extensions for suspicious entries. If any, select the extension and click Disable.
  5. Click the Open menu icon, and click Options.
  6. In the Options window, under General tab, click Restore to Default.
  7. Click OK.
  8. In the Firefox window, next to the URL field, click the down arrow and select Manage Search Engines.
  9. In the Manage Search Engine List window, select the unknown search engine, and click Remove.
  10. Click OK.

Conduit Search Toolbar: How do I uninstall Search Protect by Conduit from my computer?

How do I uninstall Search Protect by Conduit from my computer?

This document helps you to remove the potentially unwanted application, Search Protect by Conduit.
This article is not applicable for Windows XP users. For further assistance, contact our Spyware & Virus Removal Service.
STEP 1

Uninstall Search Protect by Conduit

  1. Press the Windows + R keys to open the Run dialog box.
  2. Type in the following text, and then press Enter.
    appwiz.cpl
  3. In the list of currently installed programs, click Search Protect, and then click Remove or Uninstall.
  4. Follow the on-screen instructions.
  5. When the uninstall completes, restart the computer.
STEP 2

Remove Conduit folders, files, and image files

  1. Navigate to C:\Program files (x86) or C:\Program files
  2. Press the Windows + R keys to open the Run dialog box.
  3. Type in the following text, and then press Enter.
    control folders
  4. In the Folder Options window, under View tab, select Show hidden files, folders, or drives.
    Uncheck the option Hide protected operating system files (Recommended).
  5. Click Apply and OK.
  6. Press the Windows + R keys to open the Run dialog box.
  7. Type in the following locations one by one, and then press Enter.
    Navigate to each location and delete all the folders related to Conduit.
    • %AppData%\Conduit
    • %AppData%\searchprotect
    • %AppData%\Conduit\ChromeExtData
    • %AppData%\Conduit\ChromeExtData\kdfbddbdpnahdahmamlolacimfdbeckk
    • %AppData%\Conduit\ChromeExtData\kdfbddbdpnahdahmamlolacimfdbeckk\Repository
    • %AppData%\CRE
    • %Temp%\CT3281675
    • %Temp%\CT3281675\plugins
    • %ProgramFiles%\Conduit
    • %ProgramFiles%\Conduit\CT3281675
    • %ProgramFiles%\Conduit\CT3281675\plugins
STEP 3

Backup the Windows registry

  1. Press the Windows + R keys to open the Run dialog box.
  2. Type in the following text, and then press Enter.
    regedit
    If the User Account Control window appears, click Continue.
  3. On the File menu, click Export.
  4. In the File name box, type a name that you will remember, such as Registry Backup.
  5. Select a location where you want to save the Registration Entries (.reg) file.
  6. Click Save.
Keep the backup file for a week or so, until you are sure that the changes that you made have not caused any problems.
STEP 4

Delete Conduit related registry keys

    These steps require an advanced understanding of the Windows Operating System. We highly recommend that an advanced user perform these steps.
  1. Press the Windows + R keys to open the Run dialog box.
  2. Type in the following text, and then press Enter.
    regedit
    If the User Account Control window appears, click Continue.
  3. Navigate to the following locations and remove all entries related to Conduit.
    Right-click on the entry, and click Delete.
    • HKEY_CURRENT_USER\Software\Conduit
    • HKEY_LOCAL_MACHINE\Software\Conduit
    • HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit
    • HKEY_USERS\S-1-5-21-1895488484-4184314878-4136777622-1000\Software\Conduit
  4. On the Edit menu, click Find.
  5. In the Find window, next to Find what, type in the following text.
    Conduit
  6. Under Look at, select Keys, Values, and Data.
  7. Click Find Next.
    The results are displayed on the right pane.
  8. Right-click on the entry, and click Modify.
  9. In the Edit String window, under Value data, delete the value or data.
  10. Click OK.
  11. Press the F3 key to search for more entries.
    Delete the values as mentioned in Steps 7 and 8. Perform this search until no more results are displayed.
  12. On the File menu, click Exit.
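
Added example (not part of the original article): a PowerShell inventory of the folders from Step 2 and the registry keys from Step 4, which exports each key it finds to a .reg file in the spirit of Step 3 and deletes nothing. The backup folder name, the PowerShell 3.0 requirement, and the check of every loaded user hive under HKEY_USERS (the article shows a single SID) are assumptions.

```powershell
# Added example: inventory of the Conduit locations from Steps 2 and 4, with a
# per-key registry export (Step 3). Deletes nothing. Requires PowerShell 3.0+.
$backupDir = "$env:USERPROFILE\Desktop\ConduitRegBackup"   # hypothetical location
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

# Parent folders from Step 2; the listed subfolders sit beneath these.
$folders = @(
    "$env:APPDATA\Conduit", "$env:APPDATA\searchprotect", "$env:APPDATA\CRE",
    "$env:TEMP\CT3281675", "$env:ProgramFiles\Conduit"
)
if (${env:ProgramFiles(x86)}) { $folders += "${env:ProgramFiles(x86)}\Conduit" }

# Registry keys from Step 4.
$keys = @(
    'HKEY_CURRENT_USER\Software\Conduit',
    'HKEY_LOCAL_MACHINE\Software\Conduit',
    'HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Conduit'
)
# The article shows one SID under HKEY_USERS; SIDs differ per account, so this
# example (an assumption beyond the article) checks every loaded user hive.
$keys += Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
    ForEach-Object { "$($_.Name)\Software\Conduit" }

$report = @(foreach ($f in $folders) {
    [pscustomobject]@{ Type = 'Folder'; Location = $f
                       Present = (Test-Path -LiteralPath $f); Backup = '' }
})
$report += @(foreach ($k in $keys) {
    $present = Test-Path -LiteralPath "Registry::$k"
    $backup = ''
    if ($present) {
        # Export the key before anyone edits it, one .reg file per key.
        $backup = Join-Path $backupDir (($k -replace '\\', '_') + '.reg')
        & reg.exe export $k $backup /y 2>&1 | Out-Null
        if ($LASTEXITCODE -ne 0) { $backup = 'EXPORT FAILED' }
    }
    [pscustomobject]@{ Type = 'Registry'; Location = $k
                       Present = $present; Backup = $backup }
})

$report | Sort-Object Present -Descending | Format-Table -AutoSize -Wrap
```

Run it again after the cleanup; every row should then show Present as False.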
STEP 5

Reset Internet Explorer settings

  1. Press the Windows + R keys to open the Run dialog box.
  2. Type in the following text, and then press Enter.
    inetcpl.cpl
  3. In the Internet Properties window, under Advanced tab, click Reset.
  4. In the Reset Internet Explorer Settings window, check the Delete personal settings option and click Reset.
STEP 6

Reset Mozilla Firefox settings

  1. Start Firefox.
  2. On the top-right corner, click the Open menu icon, and click Add-ons.
  3. In the Add-ons Manager page, select Extensions.
  4. Check the list of extensions for Conduit related entries (BrotherSoft Extreme, Search Protect, iWin Toolbar, etc).
    Select the extension and click Remove.
  5. On the top-right corner, click the Open menu icon, and click Options.
  6. In the Options window, under General tab, click Restore to Default.
  7. Click OK.
  8. In the Firefox window, next to the URL field, click the down arrow and select Manage Search Engines.
  9. In the Manage Search Engine List window, select Conduit related entries and click Remove.
  10. Click OK.
STEP 7

Reset Google Chrome settings

  1. Start Google Chrome.
  2. On the top-right corner, click the Customize and control Google Chrome icon, and click Settings.
  3. Under Chrome, click Extensions.
  4. In the Extensions window, select the add-on related to Conduit and click the trash bin icon.
  5. Under Chrome, click Settings.
  6. In the Settings window, under On startup, click Set pages.
  7. In the Startup pages window, from the list of startup pages, select the one related to Conduit Search and click X.
  8. Click OK.
  9. In the Settings window, under Appearance, select Show Home button, and click Change.
  10. In the Home page window, select Use the New Tab page and click OK.
  11. In the Settings window, under Search, click Manage search engines.
  12. In the Search engines window, select your preferred default search engine and click Make default.
  13. In the Default search settings list, select the one related to Conduit Search and click X.
  14. Click Done.