Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

General Security General Security
Search Search
Search for:
Tech Support Guy > > >

Solved: How to remove all traces of Kaspersky online scanner


(!)

Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,318 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
19-Jan-2010, 02:31 PM #16
Quote:
The specific laptop you have has our Computrace agent in the BIOS which means, once you have successfully installed Lojack on that machine, the agent in the BIOS gets activated. Once the agent has been activated, in the event you or the thief decides to reformat, replace your hard drive or even perform an OS reinstallation, the Computrace agent in the BIOS will automatically reinstall LoJack back into the OS.

Quote:
It embeds itself in the BIOS. Formatting or replacing the HD won't remove the protection. I think the Lojack website sometimes doesn't immediately update the call-in verification. Give it a little more time. This from Lojack:

Once the BIOS agent is active, you will not need to reinstall LoJack for Laptops even if you do a system restore, hard drive format or a hard drive replacement. The only way to disable this feature would be to replace the entire Motherboard or remove LoJack for Laptops via our website by performing a Remove or Transfer. This will remove LoJack for Laptops and send a signal to turn off the BIOS agent on the computer which it was installed on.
http://forum.notebookreview.com/showthread.php?t=221567
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
20-Jan-2010, 06:42 PM #17
Hi again,I just noticed that when I set items in the options in FF they don't remain permanent. When I open a new window and look at options they are all back to what they were.
Clear recent history is greyed out.
I think this is sll related to this hidden driver.
I think I forgot to mention that the first time AVg alerted was after I had been watching furturama at watchxonlineDOTcom. It has been there since.
I went back to that site today and now it hijacks my FF browser and reroutes it and when I go back it reroutes it again. I'm pretty sure this is malware. It just doesn't make sense that something legit is so hard to find on the machine or to find anything about it.
I
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,318 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
20-Jan-2010, 08:34 PM #18
If you really think your computer is infected, please click on the Report button and kindly ask to be moved to the Malware Removal & HijackThis Logs forum. From there, be patient. You should get an answer within the next 48 hours. These guys are really busy!
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
21-Jan-2010, 10:20 AM #19
I think I mentioned that I had already been to that forum and dvk01 didn't find anything. "Possible Keylogger?" is the thread.
I just discovered that my flashplayer settings manager isn't staying as I set it either. I've also started getting a lot of popups after I increased the level in IE which should have eliminated all of them. I've given up on FF until I figure out whats up. I did change the settings on a lot of activex to ask or don't allow, I thought I was increasing security but apparently something is letting them through.
I do think this may be meant to be a lojack, or at least look like one, but I believe it is being used to gain illegitimate access to my computer to make it a bot or to use "excess" processor speed for a gamer.

I just want you to know I appreciate all the effort and time you've put into this. I think I also mentioned that Toshiba is going to have someone contact me about this.

Thank You
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,318 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
21-Jan-2010, 10:48 AM #20
Since LoJack has been initially installed by Toshiba, I think they're best suited to address your concerns.
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
29-Jan-2010, 12:53 PM #21
Hi again,
OK Toshiba denies loading anything and sidesteps my question about whether it was installed at manufacture by offering to have me send it back to them. It is out of warranty. $Ca-ching$ I suspect they activated it when they reset my BIOS password. Deciding whether or not intentionally, is up to ones temperment and experience.
Anyway as a test I completely erased the hard drive and reinstalled back to factory spec. An AVG scan turned up the same bugs indicating to me that it is in the BIOS. I am also having the same CPU problem, it is running at 90-100% all the time slowing everything down. My updates are having a heck of a time installing. To check whats what I tried diagnose and repair the connection and it stopped the cpu running at 100% for a few moments then it was right back up. Which says to me something online is connecting to my machine.

So I'm frustrated and stuck I don't know how to identify, find, or stop this problem. All scans and malware help has indicated no problems.
Could it be the mobo I got from ebay and installed? It gave me no trouble until I sent it to Toshiba for the recall password repair.

I'm hoping that updates is for some reason using the CPU so extensively even though I've not seen it do this before. At least now its at 29 of 55
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,318 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
29-Jan-2010, 12:57 PM #22
Quote:
It embeds itself in the BIOS. Formatting or replacing the HD won't remove the protection. I think the Lojack website sometimes doesn't immediately update the call-in verification. Give it a little more time. This from Lojack:

Once the BIOS agent is active, you will not need to reinstall LoJack for Laptops even if you do a system restore, hard drive format or a hard drive replacement. The only way to disable this feature would be to replace the entire Motherboard or remove LoJack for Laptops via our website by performing a Remove or Transfer. This will remove LoJack for Laptops and send a signal to turn off the BIOS agent on the computer which it was installed on.
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
29-Jan-2010, 01:04 PM #23
Thx,
I spoke to them by phone and was treated like a criminal. I didn't appreciate that. I may try again. Apparently I have to find three year old proof of purchase and mail it in before they will give me anything usefull.

I knew that if it were a lojack it would still be there after a wipe and install, but since I couldn't find any information that satisfied I figured it would be a good test to see if it were a virus. I guess now I know its Lojack. That's more than I had.

Last edited by Veryfrustratedus; 29-Jan-2010 at 01:13 PM..
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,318 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
29-Jan-2010, 01:20 PM #24
They're not taking any chances in case you would be a computer thief trying to get information on how to remove the device...
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
29-Jan-2010, 02:59 PM #25
It feels like extortion. Even the Toshiba li9nk to OEM installed products kicked back as invalid I had to send an email to general info. The only thing that was consistant about their site was the constant selling of the product that is ruining my computer.
Hmmm extortion sound more and mores like the tactic to me rather than security. I can't be the only one to have this problem there should be info on how to handle it easily available. There are methods to help me w/o compromising anyone.
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
29-Jan-2010, 06:35 PM #26
I'm looking at rescource minitor and I don't know whats normal. I have about a million instances of avgcrsvx.exe running is that normal? My CPU is still running close to and at 100% all the time.
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
30-Jan-2010, 07:42 PM #27
I've gone back to my thread in Malware removal thank you for the help. I'll let you know what happens.

very frustrated user
Veryfrustratedus's Avatar
Veryfrustratedus Veryfrustratedus is offline
Computer Specs
Member with 700 posts.
THREAD STARTER
 
Join Date: Dec 2009
Experience: Intermediate
01-Feb-2010, 09:24 AM #28
vinaya thank you. That wasn't my issue. I was removing Kaspersky as part of the process of elimination to narrow down the source of my problem.
Very Frustrated User
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑