Technical Tips From A NYC IT Consultant

tips and opinions

Posts Tagged ‘antivirus’

Google Sees Fake AV Threat — InformationWeek


Something I’ve been seeing a lot of lately: Fake AVs

Fake anti-virus software is on the rise and currently accounts for about 15% of all malware detected, according to a forthcoming report from Google. Fake anti-virus software purports to be software that can find and remove malware. But in fact it’s malware, the very thing it’s supposed to eliminate.

Fake AV software typically pretends to scan the victim’s computer and to find some form of malware, at which point it seeks payment from the victim to remove the non-existent malware.

Whether or not there’s a payment, the fake AV software may install more malware.

Google Sees Fake AV Threat — InformationWeek.

Written by nyctechguy

April 15, 2010 at 2:04 am

helper.dll and _helper.dll removal


Problem: User has Trojan/Adware BHO

Symptoms:

  • Internet Explorer crashes
  • Performance degradation. Took more than 10 minutes to log into the computer
  • At bootup/startup, the “C:\Program Files\Common” folder opens up automatically and contains helper.dll and _helper.dll
  • Popups/Ads indicating viruses are present

How to remove helper.dll and _helper.dll
1. Download and run HijackThis
2. You will probably see two entries like these:

  • O2 – BHO: Browser Helper Object – {AFD4AD01-58C1-47DB-A404-FBE00A6C5486} – C:\Program Files\Common\_helper.dll
  • O18 – Filter: text/html – {921b3402-a7b7-411d-84a6-70f617503fe9} – C:\WINDOWS\system32\dsound3dd.dll

3. Place a checkmark next to both and click on “Fix checked”
4. Download, install, and run CCleaner
5. Download, install, and run Malwarebytes (don’t forget to update the definitions before scanning)
6. Scan your machine using AntiVirus software
Online Scanners:

Or Download:

7. After bootup, you may still have an issue with the “C:\Program Files\Common” folder opening up automatically. Delete the folder: it was created by the Trojan, should be empty, and is not necessary. If you want to keep it, you can do the following instead:

1. Open up the registry (via regedit.exe)
2. Navigate to the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
3. Make sure all Data values under this key are surrounded by quotation marks.
4. Exit out and reboot.
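
Step 3 of the registry procedure above can be checked with a script instead of by eye. The following is an added example, not part of the original post: it only reads the Run key and reports values whose program path contains a space but is not quoted. The function names, the extension list and the sample strings are assumptions made for illustration.

```powershell
# Added example: read-only check of the Run key named in step 2.
$RunKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

function Test-UnquotedRunData {
    # True when the executable path in a Run value contains a space
    # but the value does not start with a quotation mark.
    param([string]$Data)
    $d = $Data.Trim()
    if ($d.Length -eq 0 -or $d.StartsWith('"')) { return $false }
    # Shortest prefix ending in a program extension is taken as the path,
    # so "rundll32.exe C:\x\y.dll,Entry" is judged on "rundll32.exe" only.
    if ($d -match '^(?<path>.+?\.(exe|com|bat|cmd|scr))(\s|$)') {
        return $Matches['path'].Contains(' ')
    }
    # No recognizable extension: flag any drive-rooted value with a space
    # for manual review (conservative; may over-report).
    return ($d -match '^[A-Za-z]:\\') -and $d.Contains(' ')
}

function Get-RunValueReport {
    # Lists every value under the key with a NeedsQuotes verdict.
    param([string]$KeyPath = $RunKey)
    $key = Get-Item -LiteralPath $KeyPath -ErrorAction Stop
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        [pscustomobject]@{
            Name        = $name
            Data        = $data
            NeedsQuotes = Test-UnquotedRunData $data
        }
    }
}

# Constructed sample strings (not from the page) showing what is flagged:
# the first prints True, the other two print False.
'C:\Program Files\Common Files\Vendor\agent.exe /start',
'"C:\Program Files\Common Files\Vendor\agent.exe" /start',
'rundll32.exe C:\WINDOWS\system32\example.dll,Run' |
    ForEach-Object { '{0,-5} {1}' -f (Test-UnquotedRunData $_), $_ }

# The live check against the local machine.
Get-RunValueReport | Format-Table -AutoSize -Wrap
```

Any row with NeedsQuotes set to True is a value to edit in regedit as described in step 3; the script itself changes nothing.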

For more information on this particular threat:

Conficker Eye Chart


Worried you might have the Conficker virus? Here’s a quick and dirty way to check:

Conficker Eye Chart

Written by nyctechguy

May 1, 2009 at 7:17 pm

Essential Free Downloads For A New PC (Or An Existing PC)


If you just bought a new desktop or laptop, no doubt it came with 30-day trials of typical well-known AntiVirus and AntiSpyware applications, along with a host of other applications whose licenses expire within 30 to 60 days. The good news is, you can let them expire. The reason is that there are plenty of freeware applications out there that are just as good, if not better, and can take their place. In this post, I’ll outline a list of freeware applications that I think are essential and should be installed on any desktop or laptop running Windows XP and Vista. Full disclosure, I don’t get paid to recommend these applications. I just use them myself and have found them to be very reliable, without any spyware, adware, or virus attached to them. Now without further ado:

Thirteen Essential Freeware Applications:

  1. Browser: Firefox with AdBlock, WOT, DoNotTrackMe and if you’re really paranoid (like me), get NoScript and FlashBlock - Your PC or Laptop undoubtedly came with Internet Explorer. But Firefox is simply a faster browser with better plugins. Tired of seeing advertisements and bright, flashing banners on the websites you visit? Try the AdBlock plugin and you’ll never (almost) see ads again. WOT stands for Web of Trust and it warns you of unsafe website links. The DoNotTrackMe add-on blocks online tracking. It blocks ads and cookies with tracking, and prevents data collection. NoScript basically prevents JavaScript, Java and other executable content from running without your approval. FlashBlock prevents flash content from running. Be warned though. NoScript and FlashBlock can basically break a webpage. That is, pages may not look right when they initially load. You’ll have to manually allow scripts and flash content to run.
  2. AntiVirus Software: Microsoft Security Essentials or Avira – With their realtime protection and automatic updates, MSE and Avira are excellent alternatives to paid antivirus products. A highly configurable application, Avira guards against viruses by scanning downloaded files or email attachments. Similarly, another quality antivirus application is Microsoft Security Essentials. I previously recommended AVG, but it’s become more bloated. I loved it at version 7.5, which will be dearly missed. Microsoft Security Essentials has realtime protection and automatic updates, and just like Avira, you basically install it and let it do its thing. In both cases, you can do scheduled scans – which I think is an important feature. For example, I have MSE scan my entire system starting at 1 AM every Saturday morning. Avira has a fully featured edition which costs money, but the free home/personal edition is perfect for the average home user.
  3. AntiSpyware Software: Malwarebytes and SuperAntiSpyware – Malwarebytes can scan and eliminate tracking programs, cookies, keyloggers, spyware, hijackers, and trojans. A good program, it unfortunately does not provide realtime protection. SuperAntiSpyware, despite having a name that sounds like a bogus AntiSpyware program, actually works. My first experience with the software was when I used it to remove a variant of the Vundo trojan off a friend’s computer. The only drawback is that updates are manual and there is no realtime protection. Install both and run them manually biweekly.
  4. Browser Hijacks: HijackThis along with the Log Analyzer – An application that actually falls under the AntiSpyware category, HijackThis scans your machine for settings that may have been changed by spyware programs. For example, if you have a lot of popups or if your google/yahoo searches lead you to shopping websites, your browser may have been hijacked. HijackThis will scan your machine and create a log file [select “Do a system scan and save a log file”]. You take the log file to the Log Analyzer page to get an interpretation of the results, giving you an idea of what’s good and what’s bad. Just like AdAware, you usually don’t need this program unless you unwittingly installed some “search assistant” or “shopping assistant” program or some third party wallpaper/screensaver that came with some “extra goodies” that you really weren’t aware of.
  5. Firewall: Comodo Firewall Pro and Zone Alarm – If you have a router at home (if you don’t you should!!), that will protect you from incoming attacks. The router typically has firewall functionality built in that will make your internal PC invisible to the outside world. A software firewall, on the other hand, installed on your PC, will protect you against malicious outgoing traffic. It will allow you to control which software programs on your computer have access to the internet. By using a software firewall, you can see which programs are trying to get out to the internet, either to access info (such as program updates, antivirus updates) or send info (such as your personal searching habits). Zone Alarm works well in giving you this type of protection, displaying alerts when applications try to connect out. It is good for the novice user who wants a general software firewall without the need to fine tune. Comodo allows a user to fine tune the firewall, with the ability to specify TCP ports and traffic direction (incoming, outgoing, or both). In other words, it’s for the user who wants to get down to the nitty gritty. If you choose to use Zone Alarm or Comodo, you should disable the Windows Firewall so that they don’t create any conflicts. On a side note, Sygate Personal Firewall was fantastic until Symantec bought them out and canned it (R.I.P.).
  6. Privacy: CCleaner – If you surf the Internet, whether using Internet Explorer or Firefox, or any other browser, you’re bound to have a load of cookies and temporary files. CCleaner will help clean up those unnecessary files in addition to Windows Temporary Files, URL History, Recycle Bin, Clipboard, Windows Log Files, Recent Documents from the Start Menu, among other temporary files. A good, easy to use cleaner. You can set it to run automatically after the computer boots up, and set it for secure deletion (from 1 to 35 passes). I usually run it after I’m done browsing or going to websites where I need to enter a username and password. The “C” in CCleaner supposedly stands for Crap. NOTE: When you install CCleaner, make sure you uncheck the “Add CCleaner Yahoo! Toolbar and use CCleaner from your browser” option. It otherwise installs the Yahoo toolbar which is not something I recommend.
  7. Archiving: 7Zip – A fast archiving program which packs/unpacks files and directories in 7z format as well as the ZIP, GZIP, BZIP2 and TAR formats. It unpacks only in the RAR, CAB, ISO, ARJ, LZH, CHM, MSI, WIM, Z, CPIO, RPM, DEB and NSIS formats. It integrates well with the Windows shell, and works better than the Windows unpacking utility since you don’t have to deal with the Windows Extraction Wizard which makes something that should take one step, into four steps.
  8. CD/DVD Burner: CDBurnerXP – A CD/DVD Burner program which allows you to burn a data or audio disc, burn an ISO image, copy or erase a disc. Replace your trial version of Nero or Roxio with this free program.
  9. Encryption: TrueCrypt - When you need to encrypt your USB flash drive or create an encrypted “container” or partition on your hard drive, TrueCrypt is the way to go. TrueCrypt provides for “on-the-fly”, transparent encryption allowing you to securely store your files without much hassle. Essential when you store personal information on your computer, such as your tax files, password lists, etc.
  10. PDF Reader: Foxit Reader - A small, fast alternative to Adobe Acrobat Reader (2.55M versus 20M) with no annoying splash window. Required for when you need to download/read user manuals or other documents which only come in PDF format.
  11. PDF Writer: PrimoPDF - Great for when you need to print something (like an online shopping receipt) but don’t have a printer handy, print to a PDF printer. Basically, acts like a printer, but simply “prints” to a pdf file, which you can save and print later, or save and open using your favorite PDF reader.
  12. Image Resizer: Microsoft Image Resizer PowerToy – Nice simple tool to resize pictures that you’ve taken with your digital camera. You simply right-click on the photo (or selection of photos), and select “Resize Pictures” from the menu. Easier than starting another program (such as Photoshop or Elements) to resize pictures.

That’s it! Of course, if you’re not the type to install “free” wallpapers, screensavers, toolbars, shopping assistant applications, then you probably don’t need any of the above :)

Hope this list helps. Comments are certainly welcome!
