virus – TruXter Tech

Good Free Virus Scanners and Antiviruses?

Posted on2015/09/092015/09/30AuthorTruXterLeave a comment

If you say you want “good and free” as you ask me for advice on a virus scanner or antivirus, don’t get mad at me if I tell you to remove your Avast, Kaspersky or AVG. I have zero faith in either one of those. ZERO. Simply because I have done my tests and the results were what I suspected. Garbage.
Microsoft Security essentials and Microsoft windows defender are the only antiviruses (virus protection) I recommend. Even though virus scanner and antivirus are two different things. One scans, the other monitors with a scan option.
If you want a good virus scanner then you must understand the maker of the program made it to scan and focused on scanning manually only. This is a good thing. Doesn’t bloat down your computer running scans when if it was a good virus protection, there’d be nothing to scan to begin with.
From a previous post here about virus scanners and antiviruses.
RogueKiller.exe This will hunt down the deepest of virus.
ATF-Cleaner.exe helps clear up what’s on your computer in folders that you got locked out of in the attack. empties trash and cache and a bunch of stuff all at the same time
Spybot – weak these days but doesn’t kill you to give it a scan and let it clean a few things up too.
[Microsoft Essentials Windows 7] | [Windows Defender Windows 8]..Not a bad free Virus Scanner. Works pretty good. Works best if installed before you get the virus. Protects better than any other virus scanner. Free or otherwise.
unhide.exe will get your icons back if you lost them and your files back if they disappeared when the virus hit you.
Malwarebytes– free and good strong software
Super Anti-Spyware – Stupid name, great product. oh and it has a free version.
Emergency Kit Scanner – I use this one anytime a friend calls me for help
MVP’s Hosts – block your computer from accessing known virus site. Stops advertisements too. Not a virus scanner or antivirus in teh sense of realtime protection, but still a good addition.

The basic rule of internet safety is watching out for the b.y.c.a.k. virus. b.y.c.a.k. = between your chair and keyboard.
this means, don’t open weird emails. Don’t go to weird websites. Don’t click impulse click bait links on Facebook or twitter or the like.

Remember these and you have a better chance than 75% of the people on the internet.

Still no matter how safe you are, you can still get a virus from legitimate uses of your computer on the internet. If this happens, then be wise and either wipe and reinstall windows, or take the time to run every program in the link above (this is so much more fun and feels very accomplished in the end). Don’t forget to update the programs and do it again all week long, just to be sure.

How to fight CRYPTOLOCKER

Posted on2014/04/022015/09/08AuthorTruXterLeave a comment

The way to beat Cryptolocker is pretty much like all ransomware. With one exception.
Hopefully you have a great back up process and can separate all computers from the infected computer on your network.
Start with these old school free tools of the trade.
Run them all if you want to make sure you get everything.
RogueKiller.exe This will hunt down the deepest of virus.
ATF-Cleaner.exe helps clear up what’s on your computer in folders that you got locked out of in the attack. empties trash and cache and a bunch of stuff all at the same time
Spybot – weak these days but doesn’t kill you to give it a scan and let it clean a few things up too.
[Microsoft Essentials Windows 7] | [Windows Defender Windows 8]..Not a bad free Virus Scanner. Works pretty good. Works best if installed before you get the virus. Protects better than any other virus scanner. Free or otherwise.
unhide.exe will get your icons back if you lost them and your files back if they disappeared when the virus hit you.
Malwarebytes– free and good strong software
Super Anti-Spyware – Stupid name, great product. oh and it has a free version.
Emergency Kit Scanner – I use this one anytime a friend calls me for help

So… What is Cryptolocker? Cryptolocker is like all ransom-ware of the past. In fact it looks just like antivirus 2012 except. Cryptolocker comes right out and says “hey we locked down your file, pay us and we will unlock your file, if you do not pay us, we will delete the password that we have on file for you file and you pretty well screwed forever”. This is straight up extortion. no matter what they call it, it is what it’s function is. To brutally force you to pay the virus maker’s fee to get your files back.

Protip.. Install MSE (Microsoft security essentials) before you get any virus.. It doesn’t cost anything and uses very little resources. Plus MSE is made by the people who made your operating system, it knows when unauthorized activity has occurred.. and well, it should be their responsibility to secure and protect your computer.

Cryptowall 3.0 Is the same but more developed to protect it’s self. Here’s Trend Micro explaining how Encryptowall 3.0 functions and looks.

and please quit opening attachments without verifying their validity.

Joomla Bluestork Built in Virus

Posted on2012/10/262012/10/26AuthorTruXter

Found in the error.php file

You can either replace the error page with another, or delete all on the text within the php file with text from a safe error.php file

What happened you say?
My website got shut down by my webhost. They told me there was a virus on on of my websites and told me to upload a safe copy of the website..
Well I don’t have a copy of my website. They have a copy of my website.
but. I couldn’t do anything. SO I downloaded the whole website via FTP. and decided to locate the joomla files the webhost said may be compromised.
To be certain, I downloaded a fresh copy of Joomla, and a fresh copy of blue stork and checked for a virus.
Yep. Sure enough.
The Error page has a virus in it.
I started with a simple scan with EMsisoft Emergency kit
Then moved to virscan.org single virus scanner that uses multiple scanners, to scan one device and shows you what they all find. They don’t all typically agree with each other, so it’s like getting a 2nd 3rd,4th etc opinion all at one time.

Here is the resulting page

I then ran to virustotal website and performed a very similar scan. and got somewhat similar results.
The results

The scary part, is Bluestork has been the default admin theme for Joomla for quite a long time.

It seems there is either a new virus definition going around that is much better defines, or is flawed, or bluestork people really have something to fix.

Either way, it might be in the best interest for Joomla to strip the bluestork theme out of the default themse.

I myself have stripped the error page to no text with in it at all.

Internet Defender and WIndows PC Aid More Fake Virus Scanners

Posted on2012/06/072012/06/07AuthorTruXter

Both virus fakes are bundled together in this bad batch of internet waste today.
Internet Defender was the one virus/Extortionist (Vextortirust?) that kept popping up the most in the beginning.

Internet Defender

Internet Defender is made to look like windows defender
Another fake virus scanner that infects your computer and milks money from you in an extortion type fashion.

Virus Scanner Progress

Windows PC Aid is made to look like a mix between Norton, and Microsoft Essential.
Aid
Steps to removal of Windows PC AID

Windows PC AID

Rouge Killer Finding some of the virus remnants.

Rouge Killer

Simple fix:

MVP’s Hosts File
EMsi Soft Emergency Kit
Rogue Killer
Microsoft Essentials
unhide.exe

In this exact order is the way I did it. Just one scan with each and the fake virus scanners were all gone.

Leap Year Virus 2012 ??

Posted on2012/02/292012/02/29AuthorTruXter1 Comment

It seems that one of the viruses that I reported in one of my previous posts, that obtained on my computer at work, has been bit by the Leap Year Virus 2012.
Everything is running slow.
First clue was I got a notice about “iteratorutils.jsm:117” failed to start. That of course is not a sign of virus, it is a sign that something is running slow, since script time for Mozilla is 10 seconds, The computer is running so slow, it exceeded the 10 second script load time . Not perfect science but enough to get me alerted. Yesterday was a busy day. My computer was running at full speed, smooth and nice. I never once searched anything on the web. I just worked on my drawings and records. Today, slow. Everything is loading at a crawl.

I am now running scans but it seems Microsoft essentials has locked up. And the only thing I have that will run, is spybot search and destroy, and Rouge Killer (linked below). Rouge Killer did find a couple registry anomalies that were labeled regular stuff you would normally overlook, I deleted the instances anyway. My machine might not boot back up because of that. but it’s worth a shot. I am sure the I.T. guy here and I can get the office computer back up and I will report back here as to do or not do what I did. I am sure I have to reboot because what regestry was showing, is that 3 items were loading on start of the computer. Since my computer is still running, then the items are still running and I only removed what starts them.If I don’t report back before you read this….. Don’t do it!.

Will report back when I find more to see if there is an actual virus that has been dormant waiting for Leap Year 2012. Possibly bundled with Antivirus 2012

If you notice the same issues, Please describe below, and check back often. I will be updating this as the day progresses.

**update** Microsoft essentials finally finished update. Scanning now. but so far nothing is showing up.

***Update. I have no idea what happened, 3 hours into my work day, and my computer just started working normal. Reboots really slow now, but it works again.
No virus scanners found anything. So I have no clue if they just don’t have the virus signature yet, or if it was a fluke bug, or what.

netsession_win.exe Uninstall

Posted on2011/11/04AuthorTruXter11 Comments

netsession_win.exe
popped up on thousands of firewalls yesterday.
I am not sure but I assume it is all people who do not have a router with a built in fire wall.
found a post of how to uninstall netsession_win.exe

To remove it, this is the file path. Enter it into Search on the Start menu and there is an Uninstall.exe file in the folder.

C:usersUSERNAME HEREappdatalocalakamai

It prompts that the uninstall will possibly cause problems with downloads or streams and that you may be prompted to re-install at a later date.

Not sure what it will effect, but that is the method I found to uninstall netsession_win.exe.
So do it at your own risk

Many people saw that their firewall blocked it while playing video games. or doing something that is streaming. Could be part of Netflix so if your netflix goes down from this, Remember I said “at your own risk”. Some say it might be iTunes. Currently there is no confirmation as to where this comes from. As many people say they haven’t recently installed anything on their computer. Some suspect netsession_win.exe is an automatic update.

Others think that netsession_win.exe is a virus or malware. Some weirdo said something about a conspiracy.
I have uninstalled it and I am running fine. Haven’t found any programs unable to function just yet. but I am on a computer at the office. So…. Can’t really do much. I don’t have any media streaming software nor do I have any games installed.
Here is the site claiming responsibility of the netsession win.exe
Check with akamai site and see if the software is being used by someone who knows it’s exploits, and see if you have anything on their list, that might be installed on your computer. I suggest you read it carefully.

Here is a Quote from the akamai site:

The Akamai NetSession Interface DOES:

provide client networking technology to enable applications to enhance their video and file download capabilities.

enable secure, closed peer-to-peer networking so that websites can deliver files to their users economically and with faster downloads.

provide in-depth information about what the Akamai NetSession Interface does and how it works.

provide simple ways for the user to turn the netsession interface off

provide a simple uninstall process

provide an AdminTool for the user to see utilization system resources and client activity

It DOES NOT:

monitor your browsing or other Internet activity

pop-up ads

interrupt your web viewing experience with prompts or other annoying software tactics

interfere with other applications on your machine

hide itself on your system

take over your computer, nor monopolize your computer’s resources

Is there any way to see the Akamai NetSession Interface’s networking activity and other settings?
The Akamai NetSession Interface has an advanced settings interface. Most users can access the administrative tool in C:Program FilesCommon FilesAkamaiAdminTool.exe

Launch AdminTool from the command line

AdminTool supports information about cached files, network activity, and other applications utilizing the client library

AdminTool also provides ability to uninstall and turn the client off

Charlie Sheen Facebook Virus

Posted on2011/03/10AuthorTruXter

There is a facebook virus going around. You click the link your account gets stolen your computer gets a virus. The link is titled “RIP Charlie Sheen Found Dead at his House!”

The link claims to have video footage of Charlie Sheen Dead.

Well Charlie Sheen is not dead. Charlie Sheen seems to have called quits to his Ustream rants in his last post on Ustream two days ago.

So there is no footage of Charlie Sheen dead. It is fake. If you have been clicking the links you may want to run a few virus scanners. I have a list of many good Free Virus Scanners that usually will do the trick for you.

Charlie Sheen is Not Dead!

Good luck happy facebookn.

Intel buys McAfee for just under $8b

Posted on2010/08/19AuthorTruXter

McAfee sold to Intel for $7.68.
These are two companies I do not like. They are the center of everything bundled with crummy computers. They are the generic item that everyone gets with their new “outa the box” machine. And since so many people have these two, everyone assumes they are the best. ” More people buy Intel than AMD so it must be better” . Well no it’s bundled more often because it’s mass production junk.
Think about it, more people in the world shop at wally mart…………. Why? because it’s there. and convenient.
Mcafee is bundled in everything you buy.
Remember when AOL disks showed up in your mail on a weekly basis? People actually installed it years after broadband became common.
Mcafee calls it’s self an “antivirus” truth is, there is no such thing. There is just software that tell you when you have an active virus on your computer… The virus scanner installs it’s self so deep that you the computer owner can’t unintsall it. So most virus programs are written to attach themselves to the “antivirus program”. This in turn causes the “antivirus” to ignore the virus, because removal of the virus would be suicidal for the antivirus. So let’s just call it a “virus alerter”.

This merger/sell is just a nice way to get all the garbage in one spot.

Now I have to go use a-squared to remove 1829 trojans off of my bosses computer. Neat how symantec 360 has only detected (or notified me of ) one virus while 1728 variations of the virus are directly attached to symantec.

PC Protection – My Fresh Install Rules

Posted on2007/10/29AuthorTruXter

1. first thing is go into control panel and into Administrative Tools and then Services and then scroll down to messenger and turn it off.(also telnet if I think I will not be using it)

2. Set up blocking of websites by adjusting my Hosts file
3. go get A-Squared it finds adware and spyware and some virus and trojans.

4. Check router firewall and dmz settings.

5. get ad-aware . it’s pretty much the same as a-squared but finds other stuff .

6.get spybot search and destroy, similar to adaware and a-squared.

7. install firefox and use that instead of explorer

8.install thunderbird and use that instead of outlook

9. save an online virus scanner to favorites

10. practice safe surfing (no clicking links in email… ever, pay attention to site names when using search engine, do not install any addons that come with freeware, never reply to any email that says ” you stuff is in jeopardy”, call business’s for verification to any emergency emails,never give out passwords to anyone on the net or in real life)

What you do is what you have to live with. asking people for advice is a safe bet… Some times..?

have fun good luck