I just spent 3 hours last night digging through my parents' computer to eradicate an adware/malware infection. In the process of trying to update Google Earth, they ended up with DealPly, PC Backup, search.babylon.com.xxxxxx (DO NOT GO THERE!), delta-search, and a bunch of other garbage. I got rid of most of it and ran a virus scan, but the one thing that's bothering me is that DealPly had created a share inside the ProgramData\AppData folder (presumably to allow for uploading of botware), but I couldn't see the existence of the share in Computer Management or by issuing a Net Share command in cmd.exe (though I may have forgotten to elevate when I did that, now that I think about it).
So my question is, how can someone hide the existence of a share? I am concerned that there might be other hidden shares on their computer that I didn't find and delete.
Windows 7 SP1 with all security updates as-of 9/3/2013.
So my question is, how can someone hide the existence of a share? I am concerned that there might be other hidden shares on their computer that I didn't find and delete.
Windows 7 SP1 with all security updates as-of 9/3/2013.