Filipino Computer Hardware Servicing Technician from Roxas, City Capiz Philippines (Region 6 Western Visayas) for more information contact me via email at renanorola@hotmail.com

Home » Archives » January 2008 » Page 3

Trained OJT

January 16, 2008

 Hercor College from roxas city capiz inside the computer technician laboratory has an OJT computer technician  student under Mr. Renan E. Orola. He trained well the OJT student teaching different strategies for fixing computer problems, the hardware and software computer problems. Also fixing cell phone problems and netwoking.

 

Marz Villariez Installling Windows XP 

 

 

Computer Technician OJT Marz Villariez with John Alisla, and Joselito Delos Reye Installing Application.

 

 

 

Computer Technician Student John Alisla installing linux operating system while Joselito Delos Reyes having a hardware toubleshooting.

 


 

 

 

 

Posted by renanorola at 9:38 am | permalink | comments[1]

how to remove autorun.inf

Computer Virus attacks!

There’s a strain of computer virus that infects the file server and workstations of the computer laboratory of Hercor College, Roxas City, Capiz, Philippines. It hides itself by using the name ctfmon.exe (Ctfmon.exe monitors the active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies.) It was detected by TrendMicro 2007 as PE_VBAC.A virus and as MianCrypt.Gen virus by AVAST.

The said virus hides itself inside a folder named Recycled. The folder has a hidden/system/read-only attribute, that’s why you can’t see it if you will use the Search window. When your system is infected by the said virus, it infects every drive connected to your PC by dropping VCAB.DLL to the internet temporary folder and creating the CTFMON.EXE to folder Recyled & AUTORUN.INF to the root directory of every drive. That’s why when you connect your USB sticks to the infected PC it will be infected immediately, the USB disks will be the new carrier for the virus. The program runs every time you start your computer because it copy itself in the Startup folder of the Start Menu. It also run every time your insert the infected USB disk and it triggers every time you Double-Click the infected drive (bcoz of the AUTORUN.INF). The virus infects .EXEs and .DLLs.

To check if your system is infected by the said virus without using an antivirus, do the following steps:

  1. Go to command prompt.
  2. Type CD\ in drive C to go the root directory
  3. Type DIR /AH and press ENTER key. This will display all hidden files in your drive C
  4. If you see a file AUTORUN.INF and a folder Recycled, then your system is infected.
  5. Try doing this to your USB drive and check if your USB stick contains the same folder and AUTORUN.INF, if it does then your system is really infected.

To remove it download and install a trial version of Trendmicro and scan your system.

To manually remove it (but i’m not recommending it especially if the infections of Bacalid is very high try using an anti-virus such as McAfee or TrendMicro’s PCCillin) follow the following steps (This is the step I take when i repair my computer without an internet connection. Note you should understand what you’re about to do, you try it at your own risk!)

  1. Boot your system in Safemode
  2. Go to command prompt, in Drive C do the following commands.
  3. Type -> ATTRIB -H -R -S AUTORUN.INF then press enter
  4. Type -> DEL AUTORUN.INF then press enter
  5. Type -> ATTRIB -H -R -S Recycled then press enter
  6. In Windows Explorer in Safemode, remove the folder Recycled in drive C use Shift-Delete to delete the folder.
  7. Repeat Step 3 to 6 for all drives of your system including the USB drive.
  8. Search for CTFMON.EXE in your system using the Search of Windows found in Start Menu. If you find a file that is not located in C:\WINDOWS\SYSTEM32, delete it immediately. Dont forget to empty the recycle bin afterwards (Usually the virus will copy itself in the Startup folder of the Startmenu. Check if the file is present there and delete it then.)

To disable autorun of drives (i.e. everytime you double-click a drive or cd or usb, it is auto open) follow the following step:

  1. Click Start->Run->type REGEDIT.EXE
  2. Go to this key from the register HKEY_CURRENT_USER\Software\ Microsoft\Windows\CurrentVersion\Policies\Explorer
  3. Look for the entry NoDriveTypeAutoRun, double click the entry
  4. Type a new value : 0FF (Hex) for the NoDriveTypeAutoRun, this will turn off the AutoRun for all drives, and press ENTER
  5. Reboot the system.
    (more…)

    Posted by renanorola at 9:11 am | permalink | comments[1]
Page: 1 2 3