For the vast majority of us, the COVID-19 virus has become a daily, integrated part of what we do: Leave the house with a mask on, enter the supermarket with a mask on, go out only to do things that are “essential.” We’re inundated with messages about how serious the virus is, and how we need to protect ourselves. There are, or of course, idiots that keep tempting the government to enforce more while placing us at risk, but they’ll go away when we get this stupid virus under control.
The pitch, as Karl Palachuk puts it, is that Windows users who are not locally administrative users cannot be infected with viruses. This is an absurd and wrong line of thinking from someone who professes to have been in the IT industry for more than 25 years. But, we can all be wrong, so I say own it Karl.
While I’ve heard reports about Cryptolocker, I hadn’t gotten my hands on a compute with it until today and I’ll share some of my observations.
So, it should come as no surprise that I’m quite interested in what can be done to combat threats on a Windows computer with tools you already have. Today I’m going to look at three tools you’ll find on most any Windows flavour out there: Windows XP, Windows Vista, and Windows 7. Namely, wmic and taskkill. This is going to be more of a beginning overview of how you might use these tools to identify and stop a rogue application on your computer
So, you’ve cleaned an infected Windows PC and yet some stuff still lingers. You can’t right click on the desktop, you can’t get into task manager and you just know that a host of other policy related stuff is going on. Often, with Virus Scanners, they’re adept at removing files and folders, but they’ll leave behind things like registry settings (often taking the form of Group Policy changes). These settings can be just as harmful as the initial infection itself.
It struck me how obvious this was when I heard a customer mention the name of the virus: “Smart Fortress 2012”. I thought, this is another one of those fake malware applications that I’ve seen time and time again. Since this user’s computer was infected while running an up-to-date version of a virus scanner, it proves the […]
When I made the Process Killer utility, all I intended it for was to include it with an installer to stop processes before the process started. This worked well, so prockill lived on. As I would work in the field, I would come across computers infected with viruses that would restrict execution of utilities like the great Process Explorer or PsKill […]
This little gem was written in January of 2003 on my web page (when it was on the domain calwell.ca). The article was more of a response to the large number of infections I had to clean from customer’s PCs. These things were a big problem then, because many of the Anti-Virus programs of the time did […]
I’m always looking for new and interesting utilities. The Internet is a wealth of these utilities and many of them are free. In this series of blogs I’ll go over some of the best and most interesting I have found – I welcome you to go try one of them and let me know what you think!