My documents are hidden!

Target Audience:Techs

Lately I’ve been seeing infections of rogue anti-viruses that are hiding people’s files in their”My Documents” folders, and warning them that there hard drive has critical error. Here are the tools I used to  fix the problem:

Process Explorer & Autoruns from Microsoft’s Sysinternals: To identify the rogue processes, terminate it, and prevent it from running again at start-

UnHide.exe from bleepingcomputer.com: This program unhides user files and is supposed to keep system files hidden.

SuperAntiSpyware: to clean up remaining bits of malware.

AccRestore v2.0:  On one system the Accessories Folder wasn’t just hidden it was deleted. I used this simple tool from Ramesh Srinivasan to fix it.

The final part is to educate users on safe browsing habits, and to offer anti-virus solutions.

I hope this has been useful in the battle against Malware.

-Nomad Computer Repair

Security Add-ons for Firefox

Firefox is my browser of choice. The number one reason for this is the add-ons that can be installed for increased functionality. Some of these add-ons are useful for making Firefox more secure. These are some of the add-ons that I recommend:

Adblock Plus
While I have some reservations about blocking ads, because they are so useful to businesses for bringing in new customers, they have also been a growing avenue of attack. Cyber-criminals have found ways of hacking ads that get posted on otherwise ‘safe’ websites. The website of The New York Times is a great example. Adblock Plus uses constantly updated lists to block ads from loading. This should theoretically stop some maliciously hacked ads from loading as well.

NoScript
What about malicious elements that aren’t ads? Well you can use NoScript to block all active elements from running in your browser. This will certainly add security to your browser, but it will make a lot of websites look much different. For convenience, you can set-up rules on a per-site basis.

Web of Trust
Web of Trust or “WOT” places color-coded dots next to results on major search engines, and one in your toolbar for your current page. Furthermore, it blocks poorly rated websites from loading with a big warning screen. These ratings are community based, and if you have this add-on you can rate and comment on sites yourself. The comments can be very useful for evaluating others’ experience with a specific website/company.

Long URL Please
This simple add-on will automatically lengthen any shortened URLs from services such as bit.ly. This way you can tell at a glance where they go.

PassIFox
PassIFox integrates the KeePass password management tool with Firefox. KeePass is a great program for generating and storing complex passwords. KeePass deserves its own blog post so look for one in the near future.

Better Privacy
This may be more privacy related, but the borders between privacy and security overlap. Better Privacy deletes Local Share Objects. Excerpt from the creators:

Why are LSO’s harmful?
  • they are never expiring – staying on your computer for an unlimited time.
  • by default they offer a storage of 100 KB (compare: Usual cookies 4 KB).
  • browsers are not aware of those cookies, LSO’s usually cannot be removed by browsers.
  • via Flash they can access and store highly specific personal and technical information (system, user name, .).
  • ability to send the stored information to the appropriate server, without user’s permission.
  • flash applications do not need to be visible to the user
  • there is no easy way to tell which flash-cookie sites are tracking you.
  • shared folders allow cross-browser tracking, all browsers use the same LSO folder
  • the company doesn’t provide a user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.
  • many domains and tracking companies make extensive use of flash-cookies.
  • flash-cookies are used to re-create data of deleted traditional cookies.

Qualys BrowserCheck
This one is new to me, but very handy. It checks to make sure your browser and its plug-ins are up-to-date. This can be particularly useful for techs.

In conclusion Firefox add-ons not only add functionality, and personalized touches to the browser, they can also help increase your security. If you do not have Firefox try it out now, and find out how amazingly customizable it can be.

-Be safe out there,
Nomad Computer Repair

Creating stronger passwords… that you won’t forget.

Audience: Everyone
Take a read through the following article and its follow-up. I think it has some great points about user passwords. I have already been recommending pass-phrases as a good option for sometime now. One thing that I would like to add to this author’s thoughts is to make sure you use different passwords for every website, computer, phone, etc. This is to secure against key-loggers or a hacked database giving up your password. To help memorize these unique passwords you can combine a word or phrase that reminds you of the specific website, device, etc. with a core pass phrase. For instance:
Computer pass-phase: The-King-of-ROFL-rules-his-tech
Facebook pass-phrase: The-King-of-ROFL-rules-his-friends
Just try not to make it something easily guessed if one is discovered… maybe add a random number?

http://www.baekdal.com/tips/password-security-usability

http://www.baekdal.com/tips/the-usability-of-passwords-faq

Let me know your thoughts on this.
====================================================
For those of us who can’t remember many passwords try out a password generator and manager like Keepass. The best part is it is portable, so you can put it on a usb drive. My favorite trick is to put it in Dropbox, so I have access to it on all my devices. Did I mention both these are free?