Monday, December 6, 2010

Thursday, August 19, 2010

Fake AV infections

Found and cleaned 3 infections in the last week of fake antivirus malware off windows machines. The last one I finally checked out what it was named: Rogue Security Suite. I was able to boot off a Linux CD to access the boot disk and remove the malware. It drops itself in Docs & Settings \ username \ Local Settings \ Application Data \ "something strange". The "something strange" is 8 to 10 characters that are meaningless. On one of the machines the hosts file was messed up, not sure if the malware did that, but I've been checking that on every machine (windows\system32\drivers\etc\hosts)

After doing a Google search, apparently it also sets up a proxy connection for IE - need to go back and check that on the machines I cleaned.

Wednesday, May 26, 2010

Firefox plugin check

Mozilla has a page to check your FireFox plugins for Java / Shockwave Flash / QuickTime and more. It's a real easy way to do a quick checkup on those pieces that are not so obvious to find version numbers or find a manual update button.

Monday, February 22, 2010

update acrobat --- again!

Last week Adobe released updates to Acrobat (again!!!) ... do the update drill in Acrobat: Help / Check for Updates. Do this until it tells you there are not more updates available.

A couple tips to make Acrobat more secure. From Edit / Preferences choose the category (from the left side menu):
* JavaScript then from the right side UNSELECT "Enable JavaScript". WARNING: this will make forms not work, so you will need to enable this to fill out forms
* Internet then from the right side UNSELECT "open PDF in browser"

Link to news story from Computer World