What to do when infected with spyware/adware


We all have had infestations: pop-ups that never go away, something that changes your home page, or something that redirects the site you type to a totally different site. Even worse than all that is when there is a combination of those problems.

Well, I have some good news and some help for you.

Next time, you might want to consider this stuff first before you even go anywhere on the internet.

For starters, I would begin by stopping most malware from even connecting to the net from your computer. This step stops your computer from ever going to the sites where malware is created, uploaded, and/or updated. Fix your “hosts” file by going to MVP’s site and reading up on the subject. I actually just scroll down like 20 lines and he has a zipped file with 5 or so items in it. Extract the contents to the desktop, double click the batch file, and in a blink, I am protected from tons of malware servers. http://www.mvps.org/winhelp2002/hosts.htm

Please read the MVPS site to get a full understanding and to be on the same page as me. Yes, the hosts project started out as a way to block banner ads, but it was later found that you can do much more. PLEASE READ THE MVPS SITE.

Before installing the new “hosts” file, I head to my existing “hosts” file, located at “C:\WINDOWS\system32\drivers\etc”, and open it with Notepad to see if there are any changes made to it.

There is a line that should say “127.0.0.1 localhost” which means local host is YOU. If it says anything other than 127.0.0.1, then your machine has been routed to someone else’s server and everything you do and type is being passed through them first. They filter through it and crack what they want. If you have anything different there, please post it here as a comment so I, and others, can help take care of someone like this.
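
The check described above, as an added example (not code from the original post): a small Python script that parses a hosts file and flags a `localhost` entry that is not on a loopback address, plus any other name mapped to a real address instead of a blocking one. The sample file contents, addresses and host names are constructed for illustration.

```python
import ipaddress
import sys

# Constructed sample hosts file (documentation addresses, made-up names).
SAMPLE_HOSTS = """\
# constructed sample, not from a real machine
127.0.0.1       localhost
0.0.0.0         ads.example.net        # blocking entry
127.0.0.1       tracker.example.org    # blocking entry
203.0.113.7     localhost
198.51.100.23   www.examplebank.test login.examplebank.test
"""


def parse_hosts(text):
    """Yield (line_no, address, [names]) for every mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        fields = line.split()
        if len(fields) >= 2:
            yield line_no, fields[0], [n.lower() for n in fields[1:]]


def audit_hosts(text):
    """Return (line_no, finding, address, name) tuples that need review."""
    findings = []
    for line_no, addr_text, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            findings.append((line_no, "invalid-address", addr_text, names[0]))
            continue
        # Loopback (127.x, ::1) and 0.0.0.0 send traffic nowhere: blocking.
        blocking = addr.is_loopback or addr.is_unspecified
        for name in names:
            if name == "localhost":
                if not addr.is_loopback:
                    findings.append((line_no, "localhost-not-loopback", addr_text, name))
            elif not blocking:
                # A name pinned to a routable address: a redirect, or a
                # legitimate intranet mapping. Either way, look at it.
                findings.append((line_no, "redirect", addr_text, name))
    return findings


if __name__ == "__main__":
    # Pass the real file as an argument, otherwise the sample is audited.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for finding in audit_hosts(text):
        print("line %d: %s  %s -> %s" % finding)
```

Run it with the path to your own hosts file as the only argument; a clean file that holds only the localhost line and blocking entries produces no output.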

Next, let’s go scan your machine. If you can, go to “http://www.emsisoft.com/en/software/download/” and install a-squared Free 3.1.

Run that program and remove anything and everything it finds. Let the scan finish before you start the next step. If both scanners try to remove the same files, it could cause problems.

Next, go get Spybot – Search & Destroy. You will find it here: “http://www.safer-networking.org/en/download/index.html” (Spybot – Search & Destroy 1.5.2).

Now, go get Ad-Aware: “http://www.lavasoftusa.com/single/trialpay.php”

Run Ad-Aware after Spybot. The same rules apply.

If your issue persists, get HJT, which stands for “hijack this”, found here: “http://www.spywareinfo.com/~merijn/programs.php”

You can join their forums “http://www.spywareinfo.com/~merijn/forums.php” and get help from people who spend all day, every day just helping people decipher what HJT finds in its logs. They all will tell you what to keep and what to kill. They are an excellent group.

In most cases, you would have prevented this from ever happening if you had started with MVP’s “hosts” file. That is a very good practice. Also, it would be wise prevention to not install anything and everything you find on the internet. The first thing you must always do when you download anything is scan it with as many virus scanners as possible. I use Jotti’s site for the online single file scanner. It scans with like 20 different virus scanners at one time and shows you a real time results area at the bottom of the page. If you watch the scan result, you can see what scanners are worth a darn and what scanners are worth being a cup holder. AVG is garbage. See for yourself: “http://virusscan.jotti.org/”

If anyone has protection tips of the malware kind, drop a note here ..

Good free firewall to prevent this kind of thing:

Sygate firewall:

http://smb.sygate.com/products/spf_standard.htm

Trojan killers:

http://swatit.org/download.html

Trojan Hunter trial version:

http://www.misec.net/

Do this immediately:

Disabling system restore in Win Xp
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239?Open&src=sec_doc_nam&docid=2001111912274039&nsf=tsgeninfo.nsf&view=docid&dtype=&prod=&ver=&osv=&osv_lvl

More Xp resource:

XP resource info:

www.blackviper.com

http://grc.com/dos/xpsummary.htm

http://www.annoyances.org/exec/forum/winxp

If you do not have SpyBot and Adaware, do this:

Spybot:

Download and Read the SpyBot tutorial here:

http://s89223352.onlinehome.us/mirror/spybot/index1.php

Download it, unzip the program, and immediately check for updates, install the updates and then do the scan.

Let it fix everything marked in red. Reboot, but not with restart: shut it down for two full minutes. You’ve got two measly minutes and it’s worth it. Let Spybot run on startup if it indicates.

To add an item to your “Ignore List”, click on the little “+” sign next to the item and left click it to highlight it, then right click it and a menu appears; select the function you want.

When you are done, reboot again the same way. Two full minutes shut down is best.

Tea Time discussed by designer here:

http://forums.net-integration.net/index.php?showtopic=13433

Also, go to the update page. Notice 3 icons across the top. Between “Search For Updates” and “Download Updates” there is an icon for the download mirror location. After you click on “Search For Updates”, the one in the middle will change. If it doesn’t say “Spybot.US by Rootboxen.net USA”, click on the dropbox arrows and click on Rootboxen, and use only that one. If you got a “checksum error” trying to download – that’s why.

Ad-Aware:

Download AdAware from http://www.lavasoft.de/

Check for updates at “webupdate”.

I use these settings (green check)

From the main window click “Start”, then make sure “Activate in-depth scan” has a green check next to it.

Put a black dot next to “Use custom scanning options” and click “Customize” next to it, then green check these options:
“Scan within archives”, “Scan active processes”, “Scan registry”,
“Deep scan registry”, “Scan my IE Favorites for banned URL”,
“Scan my host-files”

At the top of the “STATUS” page notice the Tweak (gear) icon. Click on it.

The first setting is “Scanning Engine”. Click on the little plus sign next to it, and in the drop-down green check “Unload recognized processes during scanning” and “include basic Ad-Aware settings in log file”. Next click on the “+” next to “Cleaning Engine” and in the drop-down green check “Let windows remove files in use at next reboot” and “Delete quarantine objects after restoring”.

Click “proceed”, that will save those settings.

Click “Scan”

When the scan finishes, mark everything for removal and delete it. Right-click the window and choose “select all” from the drop down menu, press “next” and then “yes” to the prompt: “remove all these entries”.

However, if you have certain programs running that will give a false indicator of a browser hijack attempt, such as Script Sentry, which places a monitoring function in the registry and looks like a browser hijacker but is not, then you may want to add that to the ignore list because you want to keep it there to do its job. To add an item to the ignore list, put the cursor on the file it reveals and left click it to highlight it, then right click it and a menu appears. Click on “ignore list”.

Shut down, two minute shut down is best, and let Adaware run on reboot if it indicates.

When you are done with all that, go into Safe Mode and run Adaware, SpyBot, and AV. Then go to ‘search files and folders’ and search for the file name of the trojan and delete it in Safe Mode. If you are clean there, that’s about it. Re-enable your system restore.

I also use these:

Spyware Blaster

http://www.javacoolsoftware.com/spywareblaster.html

MRU Blaster

http://www.javacoolsoftware.com/mrublaster.html

and Script Sentry.

Run Adaware, SpyBot and your AV in normal mode. Clean? Good. Go here:

Jason’s Browser Security Test:

http://www.jasons-toolbox.com/BrowserSecurity/

Gibson tests:

http://www.grc.com/default.htm

I use LeakTest, DCOMbobulator, ShieldUp, and plugnpray.

Love for the tech community.

Social networks and the people within

Ok, I have been on digg since it came out.

I kinda enjoyed it, but it always left an empty feeling.

I really think that type of social networking is very unsocial.

I mean, you really can’t interact with other people. Now, I just go there to help rate my friends and stuff they produce. I truly believe that the ability to argue opinions is how people actually communicate and create group minds that solve issues. If I can’t tell someone how they are screwing up, then I’m not talking to them, and vice versa. I want to know where and how I messed up.

So, I am at that type of place to give a big “how do” to my buds and their work, but I go to lockergnome and to live.pirillo.com to really talk and hear other opinions.

Where do you go?

TruXter

Owner and writer of :

iworkwithtech.com and iworkwithpeople.com

Have You Seen jPod?

Have you seen jPod yet?

It’s yet another very good Canadian comedy from our beloved favorite director Mike Clattenburg, the guy known for the viral indie series Trailer Park Boys, based on the Douglas Coupland novel of the same name. No, it does not have Robb Wells or John Paul Tremblay. It is not in any way a remake of the Internet hit that we all know and love.

It is on the other hand something that stands a chance of being one. See, there was a glitch with the Y2k bug that threw a handful of game designers at E.A. into a basement area of their game development building. It’s okay, though. This crew of three guys, two girls and their obsessive leader boss are pretty much the biggest cut-ups in the company.

The new boss comes in and decides to overhaul the game that the jPod crew has been working on for some time, turning it into a few things it should never have been. The new boss has no frickin’ taste whatsoever. It’s a blood and guts game, but Steve, the new boss, wants turtles and role model women incorporated into the game. Not against women, just you can not make that big of a change that far into development.

One guy is a hacker kid.

One guy has screwed up parents. His mother wants him to bury a body and hide the remnants of an illegal plant she has growing back home. I think his dad used to be “Mr. Seaver” from Growing Pains. His wife thinks he is gay and losing his mind.

One girl is an ex-fatty turned hotty with low self-esteem.

One is a hot Asian female with a strong attitude and a mean dad.

And then there is “Cowboy,” the resident Gigolo. He is cool.

TruXter

Owner and writer of :
iworkwithtech.com and iworkwithpeople.com

Job Expands

New locations coming to our fire alarm company, pretty good stuff.

Our main office will stay the same in Houston.

We have purchased the property for our new locations and have construction on the way.

Our Austin facility is up and running. This is a great year.

I may even transfer to our San Antonio location as soon as it has AC .. lol Texas is fricken hot. Anything to get out of Comcast’s capitalism.

I like to think we are better than all Texas fire alarm companies. I am sure we are the better fire alarm and detection company in Houston.

We are upgrading hundreds of fire alarm control panels (FACP) from the 7100. It seems people want the new stuff. Really I am just the new guy and all, so I have no idea why they want the new one that sounds an alarm just the same as the current one that sounds the same alarm. I am sure it’s the ease of use in the new ones that allows the ‘actual owner’ a chance to understand what to do and how to do things, in certain situations. The E3 FACP is the “broad band” panel, the new. Maybe I’m old fashioned and like the old everything. Vintage means “all bugs have been noted” and you can actually get help from past users, but this planet seems to be full of wealthier people than who are out for the E3 type things in life. Maybe it’s the security of knowing that you have the latest when your establishment is built and it should be good for a while that sells them to go that route. I myself will buy it used and hack what I can into its firmware and make stuff better for me. But that is me. I guess that is me and why I am in the office doing CAD instead of out in the field programming the panels. lol.

I mean it’s not like everyone in the world wants to have a cool specialized interface that comes at the price of having to reboot every time you do something or whatever expense that modded software usually causes you to have to endure.

It sure would upset a fire marshal if every time he inspects my panel he sees his name on the display. lol

The Breath of Blu-ray


Looks as if Sony has taken its deep breath and sucked the last stitch of life out of HD platform disks and media. This makes HD players a soon forgotten, obsolete, useless media, much like what happened to Sony years ago with the Betamax.

The Death Blow.

NetFlix went exclusively Blu-ray. Anyone with pre-ordered HD NetFlix will be getting regular DVDs. Best Buy will exclusively recommend Blu-ray. (Thanks, Andrew McCaskey from Slash Dot Review). If you want more detail on this, listen to the episode of 2/11/08.

My question is, “If you people see this like I do, then why have you not invested in Sony as I have?” I mean, you guys do realize that Blu-ray is Sony.. Right? Now is the time to move as much of your stocks over to Sony, because of the Goliath of a machine they have for a gaming platform (that is the most convenient form of Blu-ray player). As of right now, it is the one gaming console with the least amount of games. There are just three months before it explodes, ending its typical first quarter with a mess load of games. This, of course, will bring even more people into purchasing Sony’s games & company stock.

That huge, high definition television holding down the carpet in your house is about to become a greater resource as the video standards start sliding towards Blu-ray’s quality. Your 52″ HDTV with its 1080p resolution is about to become typical and commonplace, but you do not get there without selling a few million first.

The moment you know it’s way too late is when Microsoft announces “Yeah, we are releasing a Blu-ray drive for the XBOX 360.”

You do have to realize that every kid is going to want to drop their current console because they want to be ‘like the rich kid’ and get the more expensive one. Kids are that way, ‘the rich kid’ always gets the stuff no one can afford and brags to everyone how cool it is. Then when everyone has it, he drops it and gets something more expensive. Well, there is no console more expensive than the Sony Blu-ray. The rich kid and poor kid will soon have the same thing and they can actually play the same game online. Although, online games are free with Sony and you have to pay monthly fees for XBOX Live. Maybe, if the timing is just right, Microsoft will release the 360 Blu-ray with 300 gig hard disk and a more expensive version of XBOX Live to give the rich kids something to run to when all the other kids convert. Of course, that means Microsoft will have to pay Sony for rights to use the Blu-ray format. :-) Do you get what I am saying here?

Watch the dang stock!

Blu-Ray Umd For a Blu-Ray PSP ? Rumor?

Where did that start?


Phishing returns to its roots

In one day I get three letters saying that my bank account was shut down, from a bank that has nothing to do with me. I got another from a warranty company that I have never heard of. I mean I had to read the whole dang thing to even see that it states a company’s name, once, in a middle paragraph. And of course the be all end was “lost money”. Some company or CPA or whatever claims they have located lost money for me. I did a search for that person and saw they were under investigation since 2005.

nice

Radio Stations and Ideas

We all have our last.fm players embedded into our myspace profiles.

Why in the blue hell have the radio stations not thought to do this yet?

I mean if you want to be known, BE KNOWN ASSHAT.

I would pretty much blop out a huge list of stations on my myspace and facebook profiles so my buds could listen to what I am listening to here in Houston and enjoy it like I do.

Phone Phishing

As I have looked over the internet I see other people experiencing the same thing: there is a phone number popping up, 877-545-1392, as the number from the person who is calling. The person who calls claims to be from ADT security. This person asks if they can get credit card numbers and bank account numbers and home address and pass code to the security box so they can disable the alarm from the main office and update software and/or troubleshoot the issue.

I suggest you give them no information. I mean from what they are asking, they want to clean out your bank account, max out your credit card and rob your house, and god forbid you be home when they break in. If you are home you will not only be broke and in debt, you will be dead.

Well I decided to call the real ADT today, and guess what I get on the phone?

Good ol “Jeff”. The boy sounded stoned and burned up from a bad day of calls. Nothing meant anything to him and he called me paranoid. Paranoid? I mean his job circles around paranoid people WTF! I mean yeah it’s good to protect your stuff and alarms save lives.

Well I left him the number anyway. But these dirt bags are burning up my T-mobile minutes.

Makes me wanna scream “HEY DILDO YOU AIN’T IN MY FAVE FIVES!”

Messing around at work


I decided I would make a fricken long website address.

here

I do not think the boss liked me just jacking around like that while on the clock making that link.

But it was a way to show off what changes I did to the actual site.

Of course it is hosted on my own personal site. Simply because I am new and they doubt me.

It’s understandable. I am still being trained by people on how the actual job itself works. After my 90 day evaluation period ends, I will start showing some of my better qualities. I mean there are two i.t. guys there, and it’s not like I dislike them. It’s just they have the “i.t. guy” territorial thing going on. Well I do not need people getting territorial on me while I am still learning the mechanics of the job.

After March I will probably start posting news and updates on how I may or may not be doing this fire alarm company some good. No, I am not pulling wires or turning screws or even carrying a ladder. Autodesk/CAD and Photoshop and the like all day long while searching the web for references, because I do not want to ask for help.