O. T. Malwarebytes issue:

[J. P. Gilliver (John)]

In message <[email protected]>, Paul <[email protected]>
writes:
[]

That's the problem with finding answers with search tools,
is they place no priority on recent results. Like if
other people were experiencing error 53 in Jan.2014,
the search engine would instead try to show me results
from 1993 instead :-(

Paul

I have http://www.google.co.uk/advanced_search?hl=en as my home page (I
presume there's a non-UK equivalent if that bothers); since I can use it
the same as the normal Google page just by using the top box, I lose
nothing by using that one instead, but it gives me lots of extras,
including (though admittedly it's further down than it could be) a "last
update" dropdown, where I can select anytime (the default), past 24
hours, past week, past month, or past year.

Admittedly, I'd often like better granularity (e. g. past 3 months)
and/or to be able to select a _range_, and also the results aren't
_sorted_ by date (that may be possible, I'm not sure), but it certainly
is better than nothing.

(
https://support.google.com/websearch/answer/136861?p=adv_operators&hl=en-GB
gives some extra hints, though not how to sort by date.)
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

The sun, with all those planets revolving around it and dependent upon it, can
still ripen a bunch of grapes as it if had nothing else in the universe to do.
-Galileo Galilei, physicist and astronomer (1564-1642)

 

[J. P. Gilliver (John)]

In message <[email protected]>,

At any rate, I decided to give it a try but
when I tried using F12 to change the Bios
it didn't work and neither did F8 or F2.

Do I need to go into Safe Mode with Networking
to do this?

[]
If you're getting as far as the screen that gives you the option of
choosing Safe Mode with Networking, you're still booting from the hard
disc.

Other keys to try - I haven't been following the thread so don't know
what computer you have, and wouldn't know which key anyway if I did -
include Del[ete]. Unless it has been turned off (some BIOSes allow
this), you _should_ see on screen when you turn on/reset the computer, a
message telling you which key to press to get into the BIOS - but
usually only for a second or so. Sometimes, however, the switching of
resolutions that happens at that point (they usually boot in something
like 640 × 480!) causes the _monitor_ to blank itself momentarily, which
can mean you miss seeing that screen. (I've even heard of some
flatscreen monitors that won't even work at such a low res, though not
sure if I've encountered that; if that is the case you'd never see the
prompt screen.)

Sometimes, the first thing on screen after powerup is a brief flash of a
screen from the graphics card, followed by the BIOS screen, which may
well have "American Megatrends" somewhere prominent (or other BIOS
manufacturer - AM were the commonest for a long time). If it has a
graphic splash instead of text, you may need to go in two stages -
there's sometimes text at the bottom of the graphic splash telling you
which key turns off that graphic splash.

(As others have said, if your motherboard has a PS/2 [small round, same
as SVHS video] socket - usually two of them, one for the mouse [green]
and one for the keyboard [purple], though not always - you may need to
borrow such a keyboard [e. g. from work!] to get into the BIOS; mobos
that have PS/2 keyboard sockets don't always recognise a USB one at
boot, or can be set not to, which is a setting you can't change if you
only have a USB one!)
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

The sun, with all those planets revolving around it and dependent upon it, can
still ripen a bunch of grapes as it if had nothing else in the universe to do.
-Galileo Galilei, physicist and astronomer (1564-1642)

 

[Ben Myers]

Hello Paul,
I tried again to create a Kaspersky
Rescue Disk

and this time it said I was successful.
Although afterwards it gave that same
message of being unsuccessful?
At any rate, I decided to give it a try but
when I tried using F12 to change the Bios
it didn't work and neither did F8 or F2.
Do I need to go into Safe Mode with Networking
to do this?
Thoughts/suggestions?
Robert

F2 seems to be the correct key. Be sure to use a USB port on the rear of the computer
for the keyboard, since the manual says using one on the front can cause problems. If this
doesn't help, try connecting a PS/2 keyboard temporarily. Once you get into the BIOS
setup and reenable the USB controller, you can try going back to the USB keyboard.

Ben

 

[JAS]

Hello Paul,

I've restarted and re-booted and pressed F12 each time from start-up
and it doesn't respond. It simply logs on and ignores the F12 keystrokes.

I deleted all content from the USB key beforehand. Perhaps I need to
just buy a new one? However that isn't the issue. The issue is that the
computer is not responding to F12 or F8. I will keep trying however.

As for scanning drives I only have the C: drive.


Here's the situation with my computers; AdwCleaner shows both
computers clean.

I have a Dell Dimension 8200(Seagate Barracuda 7200 HD 160Gb)
with XP, SP3, with Spywareblaster, Avast, and Windows
firewall

At present, quick lauch toolbar keeps disappearing, I am unable to
install malwarebytes or SUPERAntiSpyware. When I tried to install
SUPERAntiSpyware again it gave me this:

Install Error
Error Creating shortcuts, aborting installation

I then ran another JRT scan which came up clean.

I check my USB Key and this is what it has:

Rescue folder file folder
liveusb file
syslinux.cfg CFG file

I opened the Rescue folder and this is what it has:

Help folder file folder
grub application
rescue disk image file
rescueusb disk image file

but I am able to go into the Bios. The Kaspersky Rescue disk didn't
work on the 8200 but a CD/DVD disk would.

I have a Dell XPS 8500, with Windows 7 Professional, SP1,
with Spywareblaster, SUPERAntiSpyware, Malwarebytes, Avast, and
Windows firewall.

(1) TB HD
Intel (R) Core (TM) i7-33-3770 CPU @ 3.40 GHz 3.40 GHz
Ram 12.0 GB
System type : 64-bit operating system

At present, I am unable to enter into the BIOS via F12 nor does F8
function.


Thoughts/suggestions?
Robert

Are you pushing and holding the key , if so you need to continually tap
on it -it will beep along and finally give an option page.

 

[magineer02]

Hello Paul,

That did it! I click the Ff key and I was
able to go into the BIOS. However I was leery
of doing anything. So if you could kind of walk
me through it I would appreciate it.

Thanks,
Robert

 

[Paul]

Hello Paul,

That did it! I click the Ff key and I was
able to go into the BIOS. However I was leery
of doing anything. So if you could kind of walk
me through it I would appreciate it.

Thanks,
Robert

Using F12, access the popup boot menu. Select
your USB key as the boot device.

In this picture, press any key.

http://support.kaspersky.com/images/krd_4470_2_en13-125079.png

Next step is select a language.

http://support.kaspersky.com/images/home_krd_8095_01_en13-142994.png

Press the "1" (one) key, to accept the terms of usage.

http://support.kaspersky.com/images/home_krd_8005_01_en13-140848.png

Using graphical mode is fine.

http://support.kaspersky.com/images/4122(3)en13-129574.jpg

So that's the end of the pictures.
Other steps include...

You'll see a "mounting disks" dialog appear on the screen
and a progress bar. The program will check all the partitions.

If the computer you're using it on, has more than one OS
installed, the program will ask you which OS you're using.
Like WinXP or Windows 8 or something. Indicate which is
your normal OS. The drive letters assigned to partitions,
will be extracted from the registry of the selected OS.
So if WinXP is on C:, and you tell it WinXP is your OS,
then the WinXP drive should end up as C:.

When the scanner dialog eventually appears on the screen,
there will be two tabs. One of the tabs is labeled "Update".
You select that tab first, look for a button like "Update Now".
The program will attempt to connect to the Kaspersky site.
If this doesn't work, then your broadband modem must not be
set up for DHCP, and you won't be getting any updates.

At this point, either the Updates Complete or similar will
appear, or you will have given up on getting updates.
Select the other tab, which has the scan items in it.
(You can still scan with a database which is not
up to date. Getting updates is a slow process, but
it ensures the database is current and you get the
best quality of scan that way.)

Two items will already be selected in the partition
selection menu. But your C: drive won't be selected at
this point. You could click C: and have three items
ticked in the list. You could in fact, select all the
partitions if you want, but scanning all of them could
take a while. It's not the fastest scanner.
Since one of your machines has a pretty impressive processor,
it's going to scan faster than it does on my machine.

Once you've made your partition selections (the tick boxes),
you click whatever button is there to start the scan.

Now, if the program finds something, you have options
such as Quarantine or Skip. For your first run, you can
Skip every item. The detection notification box will
disappear on its own, if you don't react to it.

You could repeat this exercise a second time, and
select Quarantine on a second run. So no detections
get wasted by Skipping at this point. A thing Skipped
today, can be Quarantined tomorrow.

Eventually, the "percent done" will hit 100%. One of the
last steps of the program (at around 99%), is it scans
the C:\Windows folder for malware. It will eventually
tell you it is finished. If the Report does not appear
on the screen, use the Report button at the top of the
scanner dialog. You can get a detailed review, click
the (+) sign to expand the entry, and see whatever
stuff there is to see.

There is also a Save button in the Report window,
which should be near the top. You can actually
save to the C: drive if you want, so that the
Report will be available when you're back in Windows.
You can navigate to /discs/C:/ and store your
report.txt or whatever, on /discs/C:/ Then, back
in Windows, the report.txt file should be on your
C: drive as C:\report.txt.

Near the bottom left of the screen, is a menu. In there
will be a shutdown item, and that's how you cleanly exit
the OS. The OS will dismount the partitions cleanly,
then it will restart the computer (or maybe shut down
the computer, depending on whim). You could press F12,
and when the popup boot menu appears, unplug the USB key
and use the cursor keys to select your WinXP hard drive,
for booting purposes.

That's a brief rundown.

For a first attempt, you should answer "Skip" to any infection.
You should attempt to save the Report.txt file, to somewhere
that you will be able to access it later, like /discs/C:/Report.txt
or similar. That's enough for a first run.

If you were to do any quarantining with the program,
that folder had better be on the C: drive as well.
Because you want the quarantined files to continue
to be accessible later. If there is a false positive
for example, and you quarantine the wrong thing, you
may need to put it back into its original folder
later. And this is why I'm not attempting to quarantine
anything for the moment. Just run it and collect offline
scan information, for starters.

Pluses for this tool:

Large, free, signature database (signature based scanning)

Cons for this tool:

Since Windows is not running, no heuristic/behavioral
detection is possible. But plenty of nasty stuff, like
the presence of TDSS, can be done from here.

*******

I had attempted to do a screen capture of a Kaspersky
session, using CamStudio, but it corrupted the movie
and spoiled it. So I had to give up, and just write
you a text message instead.

HTH,
Paul

 

[J. P. Gilliver (John)]

Hello Paul,
That did it! I click the Ff key and I was able to go into the BIOS.
However I was leery
of doing anything. So if you could kind of walk me through it I
would appreciate it. Thanks,
Robert

Using F12, access the popup boot menu. Select
your USB key as the boot device.

In this picture, press any key. [Kaspersky start picture]
So that's the end of the pictures.[/QUOTE]
[rest of notes on Kaspersky]

I read magineer's nervousness as being about how to change things in the
BIOS, not how to use Kaspersky (he'll need that too).

magineer, once you've got into the BIOS (really, the Ff key?), you'll
need to find where the boot device sequence is set - it will be a
sequence such as floppy first, then hard disc, then CD, then USB, or any
permutation of those. Unfortunately, different BIOS manufacturers set
things out differently, so I can't describe how to get to that part; if
you can post a picture of what you see when you _do_ get into the BIOS,
I (or probably someone else better) can tell you how to proceed.

 

[Paul]

Hello Paul,
That did it! I click the Ff key and I was able to go into the BIOS.
However I was leery
of doing anything. So if you could kind of walk me through it I
would appreciate it. Thanks,
Robert

Using F12, access the popup boot menu. Select
your USB key as the boot device.

In this picture, press any key. [Kaspersky start picture]
So that's the end of the pictures.

[rest of notes on Kaspersky]

I read magineer's nervousness as being about how to change things in the
BIOS, not how to use Kaspersky (he'll need that too).

magineer, once you've got into the BIOS (really, the Ff key?), you'll
need to find where the boot device sequence is set - it will be a
sequence such as floppy first, then hard disc, then CD, then USB, or any
permutation of those. Unfortunately, different BIOS manufacturers set
things out differently, so I can't describe how to get to that part; if
you can post a picture of what you see when you _do_ get into the BIOS,
I (or probably someone else better) can tell you how to proceed.

F12 is for popup boot.

It does not make a permanent change to the boot order.

F12 presents a list of boot devices currently present.
If the Kaspersky USB key is present, it'll appear in
the list of devices. The cursor keys can be used to select
the key, then hit enter.

And the USB key should then start to boot.

Once the PC is shut down, after the Kaspersky run,
you can go back to letting the PC boot automatically,
as no permanent change to boot order, was made that
way.

Paul

 

[J. P. Gilliver (John)]

(e-mail address removed) wrote:
Hello Paul,
That did it! I click the Ff key and I was able to go into the
BIOS. However I was leery
of doing anything. So if you could kind of walk me through it I
would appreciate it. Thanks,
Robert


Using F12, access the popup boot menu. Select
your USB key as the boot device.

In this picture, press any key. [Kaspersky start picture]
So that's the end of the pictures.

[rest of notes on Kaspersky]
I read magineer's nervousness as being about how to change things in
the BIOS, not how to use Kaspersky (he'll need that too).
magineer, once you've got into the BIOS (really, the Ff key?),
you'll need to find where the boot device sequence is set - it will
be a sequence such as floppy first, then hard disc, then CD, then
USB, or any permutation of those. Unfortunately, different BIOS
manufacturers set things out differently, so I can't describe how to
get to that part; if you can post a picture of what you see when you
_do_ get into the BIOS, I (or probably someone else better) can tell
you how to proceed.

F12 is for popup boot.[/QUOTE]

In all BIOSes? (Or has it been revealed in an earlier post in this
thread that I've missed, what computer magineer is using, and you know
the BIOS?)

 

[Paul]

In all BIOSes? (Or has it been revealed in an earlier post in this
thread that I've missed, what computer magineer is using, and you know
the BIOS?)

Somewhere a while back, we decided F12 was
the correct key with this machine, but the problem
was, none of the F keys were working, Turns out
the keyboard has an F-Lock. And toggling that
was enough to get it working.

The popup boot differs from machine to machine. The machine
in front of me (Asus) is F8. The Asrock across from me,
is F11. Just to give some idea how many choices there are.

Paul

 

[J. P. Gilliver (John)]

In all BIOSes? (Or has it been revealed in an earlier post in this
thread that I've missed, what computer magineer is using, and you know
the BIOS?)

Somewhere a while back, we decided F12 was
the correct key with this machine, but the problem
was, none of the F keys were working, Turns out
the keyboard has an F-Lock. And toggling that
was enough to get it working.

The popup boot differs from machine to machine. The machine
in front of me (Asus) is F8. The Asrock across from me,
is F11. Just to give some idea how many choices there are.

Paul[/QUOTE]

But then there is this "popup boot" you describe, which is something
I've never heard of - I don't think all machines have it by any means,
as otherwise surely people would be recommending using it more often.
From the way you describe it, it's a way of _temporarily_ changing the
boot order.

What I understood magineer to have discovered is how to get into the
ordinary BIOS. Where - hopefully - he could change the (permanent,
though it could be changed back later by the same means) boot order.
_If_ his machine has a way of changing the boot order temporarily, that
would of course be better, but as I say I've never heard of that before,
so I don't think it's by any means common.

 

[Paul]

But then there is this "popup boot" you describe, which is something
I've never heard of - I don't think all machines have it by any means,
as otherwise surely people would be recommending using it more often.
From the way you describe it, it's a way of _temporarily_ changing the
boot order.

What I understood magineer to have discovered is how to get into the
ordinary BIOS. Where - hopefully - he could change the (permanent,
though it could be changed back later by the same means) boot order.
_If_ his machine has a way of changing the boot order temporarily, that
would of course be better, but as I say I've never heard of that before,
so I don't think it's by any means common.

Of the computers I have here, I have a couple that don't have this.
The rest have it. So it's been around for maybe eight years or so.
I don't think there was any announcement, of industry-wide availability
or anything. It eventually became more common. Maybe it appeared, after
the USB boot module was added (the one with the emulation modes
for USB booting). That probably increased the pressure, to have
a convenient option for removable media devices.

http://www.techmonsters.com/DellTra...n_2010/Inspiron/1564/1564/images/F12_Menu.jpg

That is a temporary menu, where the boot choice is not stored for
later. If you don't use it, the computer reverts to the choice
already stored in the BIOS setup screen. Using that, I can do a
"hands off" boot from my WinXP hard drive, or if I hit the appropriate
F key here, I can boot from a selected USB stick, or even an optical
drive, all listed in that style of popup boot menu.

On my laptop, with Insyde brand BIOS, the problem is the keyboard input
interval is so short, I hardly ever manage to enter the key in time.
And no setting is available in the BIOS, to extend the keyboard input
interval. You need ninja like reflexes, as the thing is off and
running (booting from hard drive), before the screen is even fully
lit up. The timing window is only one second. Whereas on my Asus motherboard,
I have close to 20 seconds to enter the popup boot key.

Paul

 

[J. P. Gilliver (John)]

J. P. Gilliver (John) wrote: []

But then there is this "popup boot" you describe, which is something
I've never heard of - I don't think all machines have it by any means,
as otherwise surely people would be recommending using it more often.
From the way you describe it, it's a way of _temporarily_ changing the
boot order.

[]
Of the computers I have here, I have a couple that don't have this.
The rest have it. So it's been around for maybe eight years or so.

OK!

magineer, if you're still with us, is this still making sense to you?
[]

That is a temporary menu, where the boot choice is not stored for
later. If you don't use it, the computer reverts to the choice
already stored in the BIOS setup screen. Using that, I can do a
"hands off" boot from my WinXP hard drive, or if I hit the appropriate
F key here, I can boot from a selected USB stick, or even an optical
drive, all listed in that style of popup boot menu.

I'll have to look out for it!
[]

 

[magineer02]

Hello Paul,

I guess I wasn't clear, I need help
in selected the boot sequence. I saw
the boot tab and clicked it but it
was more complex that the 8200 BIOS
menu.

So I backed out.

I appreciate everyone's input but bear
with me, I'm still recovering from
surgery.

Thanks,
Robert

 

[Paul]

Hello Paul,

I guess I wasn't clear, I need help
in selected the boot sequence. I saw
the boot tab and clicked it but it
was more complex that the 8200 BIOS
menu.

So I backed out.

I appreciate everyone's input but bear
with me, I'm still recovering from
surgery.

Thanks,
Robert

This is the difference, between a temporary boot
order change, and a permanent boot order change.

You enter the BIOS setup screen, to make permanent
changes to the boot order. Maybe that is F2.

Or, you can press F12 on that machine, to bring up
the temporary menu. You use the cursor keys and Enter
key, to select a device and temporarily use it as a
boot choice. This method is good for USB keys, which
are not plugged in all that often. Use the temporary
method to select them.

When the F12 menu is on the screen, you can also unplug
a USB key at that point in time. Obviously, selecting
it from the menu will no longer be possible then, but
it allows you to remove the device, before you boot
from the hard drive and return to your regular OS.
That is slightly less work, than allowing the regular
OS to boot, and using "Safely Remove" before unplugging
the USB key. After you're finished with it, of course.
When sitting in the F12 menu, that is already a
"Safely Remove" state.

Paul

 

[magineer02]

Hello Paul,

I went into the BIOS and changed the
boot order so that USB boots first then
restarted the computer but Kaspersky
didn't come up. I tried this several times.

I then checked the USB key and this
is what it has:

Rescue folder
Live USB file
syslinux.cfg

I opened the Rescue folder and it gave this:

help folder
grub
rescue
rescueusb

Thoughts/suggestions?
Robert

 

[Paul]

Hello Paul,

I went into the BIOS and changed the
boot order so that USB boots first then
restarted the computer but Kaspersky
didn't come up. I tried this several times.

I then checked the USB key and this
is what it has:

Rescue folder
Live USB file
syslinux.cfg

I opened the Rescue folder and it gave this:

help folder
grub
rescue
rescueusb

Thoughts/suggestions?
Robert

When you press F12 when the computer
first starts up, do you see a menu like this ?

http://www.techmonsters.com/DellTra...n_2010/Inspiron/1564/1564/images/F12_Menu.jpg

The brand name of your USB key, should appear
in the menu. Cursor down to it, then hit Enter.

There is no need to enter the BIOS setup screens
and do it in there.

Paul

 

[magineer02]

Hello Paul,

I followed your instructions; yes I do see
the same menu when I press f12. I selected
the USB key but when I restarted the computer
the Kaspersky did not load but loaded as normal.
I tried (3) times.

Robert

 

[Paul]

Hello Paul,

I followed your instructions; yes I do see
the same menu when I press f12. I selected
the USB key but when I restarted the computer
the Kaspersky did not load but loaded as normal.
I tried (3) times.

Robert

Did you read the screen when the Kaspersky started ?

It says to "Press any key", to have it *continue*
to boot from the USB key.

If you do not press a key on the keyboard within
ten seconds (the ten second countdown timer), it
reverts to booting from the hard drive.

9...8...7...6.... etc

This is similar to how some boot CDs work. The
first message they put up, warns you that they
are using a countdown timer, and if you don't
press a key to tell them to boot from CD,
they revert to the normal boot device. The
USB key is just emulating the same behavior.

They do it that way, so if you take your hands
off the keyboard, the computer behaves "normally"
and just boots from the hard drive. If you really
want to boot from the USB key (or a boot CD),
you have to be ninja-like, read the message
on the screen, and respond immediately.
Pressing the space bar is good enough, and
it's easy to give that a tap, at startup.

Paul

 

[Buffalo]

"Paul" wrote in message news:[email protected]...

Did you read the screen when the Kaspersky started ?

It says to "Press any key", to have it *continue*
to boot from the USB key.

If you do not press a key on the keyboard within
ten seconds (the ten second countdown timer), it
reverts to booting from the hard drive.

9...8...7...6.... etc

This is similar to how some boot CDs work. The
first message they put up, warns you that they
are using a countdown timer, and if you don't
press a key to tell them to boot from CD,
they revert to the normal boot device. The
USB key is just emulating the same behavior.

They do it that way, so if you take your hands
off the keyboard, the computer behaves "normally"
and just boots from the hard drive. If you really
want to boot from the USB key (or a boot CD),
you have to be ninja-like, read the message
on the screen, and respond immediately.
Pressing the space bar is good enough, and
it's easy to give that a tap, at startup.

Paul

Sometimes I get the feeling that magineer02 is screwing with you.
He/she/it seems to be totally unable to follow the simple instructions you
are giving he/she/it.
I admire your persistence, but I really have a lot of respect for your
knowledge and attitude and patience.
Thanks again!!!!!!!