My documents are hidden!

Target Audience: Techs

Lately I’ve been seeing infections of rogue anti-viruses that are hiding people’s files in their “My Documents” folders, and warning them that their hard drive has a critical error. Here are the tools I used to fix the problem:

Process Explorer & Autoruns from Microsoft’s Sysinternals: To identify the rogue processes, terminate them, and prevent them from running again at start-

UnHide.exe from bleepingcomputer.com: This program unhides user files and is supposed to keep system files hidden.

SuperAntiSpyware: to clean up remaining bits of malware.

AccRestore v2.0: On one system the Accessories Folder wasn’t just hidden, it was deleted. I used this simple tool from Ramesh Srinivasan to fix it.

The final part is to educate users on safe browsing habits, and to offer anti-virus solutions.

I hope this has been useful in the battle against Malware.

-Nomad Computer Repair

Malware Update

-GPU assisted Malware ups the threat level. http://www.theregister.co.uk/2010/09/28/gpu_assisted_malware/

-GMail security check-list. http://gmailblog.blogspot.com/2010/10/help-keep-your-account-safe-with-gmail.html

-Behind the scenes Malware cleaning: http://remove-malware.com/videos/new-video-cleaning-the-client/

-Best Malware Ever? http://www.computerworld.com/s/article/9185919/Is_Stuxnet_the_best_malware_ever_

-And finally make sure that you and your users KNOW what your Anti-virus interface looks like. Fake anti-virus programs are rampant. The best defense is still educating the end-user. http://www.net-security.org/malware_news.php?id=1452

I’ve also been enjoying a few podcasts over at “The Force Field.” If you’re into tech, check it out.

Thanks for reading, check back soon, and be safe out there.

-Nomad

This week in Malware

– recommended audiences: Home-user to Tech

I would like to have a weekly recap of Malware news on my blog. I think this would be useful to raise awareness among home-users and maybe help inform a few fellow techs out there. This is my first edition. Feel free to give me your thoughts on this idea.

Why read my blog?

I’ve been thinking a lot about the direction of this blog. Who do I want to cater to? What will I write about? And most importantly, how do I set it apart? Here are my current thoughts.

I want this blog to be helpful. The reason I started a computer repair business is because I saw a need for affordable, personal, convenient help among home PC users. I want this blog to be an extension of that helpful spirit. My blog will, therefore, focus on basic techniques and 3rd party programs to make the PC user experience more enjoyable.

Perhaps the biggest threat to the home user is the legions of Malware that abound on the “interwebs.” Because of the propensity of these threats, I will devote a lot of articles to viruses, spyware, trojans, rogues, etc. Prevention being worth gobs of cure – and easier too – I will endeavor to focus on preventative measures and education.

I, myself, am interested in some more technical aspects of computing. And, I believe it is important to share helpful information with other techs. Therefore I will write more technical articles from time to time. Because of the varying degree of technicality to my articles, I feel I should add a difficulty level to further articles.

But how will I set my blog apart? Well, a primary focus on home-users is one key item. Other than that, I am open to ideas. Please leave your comments letting me know what you would like to see.

Post Malware Clean-up: Disable Proxy Settings

Oftentimes a piece of Malware will change your Proxy Settings to intercept all communications from your computer. If you have cleaned an infection and are still experiencing trouble loading web pages, your Proxy Settings may have been changed. To check these settings do the following (pictures taken from Windows 7; other versions have similar steps):

  1. In the Control Panel click “Network and Internet.”
  2. On the subsequent menu select “Internet Options.” This will open the Internet Properties menu. (This is the same menu as the one accessed through Internet Explorer. I feel safer with this method though, as not opening IE will prevent a browser misdirect. Also note, these settings can affect all browsers.)
  3. Click on the Connections tab.
  4. Click the LAN settings Button. You can now see the Proxy Settings
  5. Most home users will simply want to un-check the box next to “Use a proxy server…” If you are connecting through a legitimate proxy, you will instead need to contact your network administrator for the actual address to enter here.
  6. Click okay
  7. Click okay
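
The same check can be scripted. The PowerShell below is an added example, not part of the original post: it reads the per-user registry values that the LAN settings dialog edits and, when run with `-Disable` (a parameter name chosen for this example), clears the “Use a proxy server…” box. The loopback check is a heuristic assumed here, not a rule from the post.

```powershell
# Added example (not from the original post). Run it as the affected user:
# these values are per-user and live under HKCU.
param([switch]$Disable)   # -Disable is a parameter name chosen for this example

$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-ProxyState {
    # Values that are not set come back as $null, which is the clean state.
    $s = Get-ItemProperty -Path $key
    New-Object PSObject -Property @{
        ProxyEnabled  = ($s.ProxyEnable -eq 1)   # the "Use a proxy server..." box
        ProxyServer   = $s.ProxyServer           # address:port shown in the dialog
        ProxyOverride = $s.ProxyOverride         # bypass list
        AutoConfigURL = $s.AutoConfigURL         # "Use automatic configuration script"
    }
}

$state = Get-ProxyState
$state | Format-List

if ($state.ProxyEnabled) {
    Write-Warning "A proxy is enabled: $($state.ProxyServer)"
    # Heuristic (assumption of this example): a proxy on the local machine
    # after a clean-up usually means the program that listened there is gone.
    if ($state.ProxyServer -match '127\.0\.0\.1|localhost') {
        Write-Warning 'Proxy points at this machine; check for a leftover local listener.'
    }
}
if ($state.AutoConfigURL) {
    Write-Warning "An automatic configuration script is set: $($state.AutoConfigURL)"
}

if ($Disable -and $state.ProxyEnabled) {
    # Same effect as un-checking the box in step 5. ProxyServer is left in
    # place so the address that was set can still be written down.
    Set-ItemProperty -Path $key -Name ProxyEnable -Value 0
    Get-ProxyState | Format-List
}

# WinHTTP keeps a separate, machine-wide proxy setting; show it as well.
netsh winhttp show proxy
```

Browsers that are already open may need to be restarted before they pick up the change.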

You may also want to check out my article from a few days ago on how to reset TCP/IP settings. Enjoy!