Steps to remove malware without antivirus

It may be that for some reason your computer has been infected with a virus. For example, if you have downloaded a malicious program. Furthermore, if you have downloaded a file that has arrived to you by e-mail and in fact it was a fraud. Likewise, if you have any vulnerability, etc. Whatever the reason, this type of malicious software can compromise your security and should be removed. However, we do not always have an antivirus installed. Even so, there are some actions we can take that sometimes work.

Task Manager

One option you can consider is to use the Windows task manager. It is a feature that allows us to see all the processes that are running at any given time. Browser processes will appear there, such as Chrome. Likewise, any software or computer function. To access this feature, you have to press the key combination Ctrl + Alt + Delete. There you have to go to Task Manager. When you are inside, you will see a tab that says Processes. That is the one you have to open. You have to look for the process that you think may be problematic. For example, you can see that it consumes plenty of resources and is causing problems.

To delete it, you have to click with the second mouse button and click on File Location. There you will see the corresponding file, and you will be able to delete it. It is certainly a simple process. Furthermore, sometimes it can help you to solve problems of this type.

Delete suspicious files

This is useful if you have recently downloaded a file that you think may be a security problem. Indeed, you should be on the lookout for any suspicious signals. For example, if you suddenly notice that something starts to go wrong. That is, the system is not responding as it should, you can look at what you have downloaded recently. Maybe some program, some file you received by e-mail, etc.

What you have to do is to go to the folder where you download the files and there see which one can be problematic. Just remove it from your computer. If it is a program that you have already installed, the procedure is different. In fact, what you would have to do is go to Start, go to Control Panel, go to Applications and then uninstall.

Uninstall plug-ins

It is common for many security threats to arrive through add-ons that we install in the browser. Extensions are very useful, for example to group tabs or optimize downloads. However, they can also be problematic. This can generate conflicts in Google Chrome, Mozilla Firefox or Microsoft Edge. If you see that you have problems with an extension that you have recently installed, what you should do is simply remove it. You can go to the menu at the top right of the browser, go to Settings and click on Extensions. You will automatically be taken to a window where all the extensions you have installed are displayed.

The idea here is to remove the last one you have installed. It might be the one that is causing problems. By deleting it, the system could start working normally again and avoid issues.

Windows MRT function (Malicious Software Removal Tool)

Windows also has a function called MRT. It is another virus removal option without antivirus. It is a malware removal tool from Microsoft. In addition, it can detect and remove some viruses and threats that may be in the system. It is not really an antivirus, but it can act to remove viruses. To execute this function, you have to go to Start, search for MRT and open it. Once opened, you have to click on Run and perform a complete analysis. What we want is that it can detect threats that may be on the computer. If you see that it detects something that could be a threat, you should remove it from the system.

Online services

Beyond the options we have shown, you can also use some online services. Through them, we can remove viruses without having to install a program to do so. There are different alternatives. In addition, they are also very useful for analyzing any suspicious document that may be a problem.

The first thing to do is to use online security services such as Virus Total. What they do is scan your computer, a folder or a specific file. If it detects something, you can remove it. It compares with a database that lists many known threats. Other options such as F-Secure and Trend Micro are also useful. But there is an alternative option, and that is to use Google Drive itself. Interesting, isn’t it? The fact is that Google’s popular cloud platform has an integrated antivirus. Basically, what it does is to track all the files that we upload and eliminates possible viruses that it detects. What you need to do is to upload the file there.

What to do to avoid viruses

As you can see, you can remove viruses without installing an antivirus. It will not always be possible, but they are some alternatives that can sometimes be useful. However, what is fascinating is to avoid viruses. What can we do to protect the system and avoid problems? Something fundamental is common sense and not to make mistakes. Always avoid opening files if you do not know the source. For example, Word or PDF documents that arrive by e-mail, and you don’t really know who sent them. It could be a scam and your security could be compromised without you realizing it. Very well, in this way we have seen how to remove viruses without installing anything. Bye!

The post How to remove viruses without installing anything appeared first on Linux Windows and android Tutorials.

In this case, the interesting thing about it is that it uses a wide range of antivirus scanning engines to check the files we upload. All this can be very helpful to make sure that these files are clean before running them locally on the PC. Keep in mind that an infected file can affect the entire operating system.

Scan the content with your antivirus

We have already told you many times that it is advisable to have an antivirus installed on your PC. In addition, it must be properly updated to respond to the latest malicious code. This means that our local security software should be the first way to detect a virus in suspicious files. Generally, these programs allow us to scan both the operating system as a whole. But also in a specific file, which is what we are interested in now. In this way, we can largely rule out that the content we suspect is infected by some type of malware.

Send the suspicious files to VirusTotal

Since this website makes use of a multitude of different antivirus engines, as you can imagine, the effectiveness increases considerably. Typically, when we scan a local file on our computer, we do it with the only antivirus we have installed. In addition, it is a completely free service that we can use as many times as we need without spending a single dollar. It must be said that this service offers a comprehensive report with the results obtained by each of the antivirus engines. It is true that sometimes here we find false positives from time to time.

Thus, all we have to do is access the VirusTotal website. Once there, just click on the Choose file button. This way we select the content we want to analyze. Once this is done, we will have to confirm the upload of the selected file. After a few seconds, the website will present us with a complete report with each of the results of the scans independently.

Uses a virtual machine

In recent times, programs focused on the virtualization of operating systems are more widespread than ever. Here we can load any system to carry out all kinds of tests. And best of all, this does not affect the original operating system of the PC. Therefore, as you can imagine, this will be extremely useful when analyzing any suspicious file that we are going to download from the Internet, for example. In this way, we can perform all kinds of tests and analysis on it in the virtual machine without endangering the original system. In the case of detecting any positive, we will already know that we should not download that particular file to our computer.

Ultimately, we have seen 3 ways to know if a file has a virus. See you!

The post 3 ways to know if a file has a virus appeared first on Linux Windows and android Tutorials.

What is an exploit, and how does it work?

An exploit is a script that will take advantage of a flaw in a system or software. It will use an uncorrected security hole to allow the attacker to sneak in malicious software. It also allows the attacker to steal passwords or take control of the affected computer. Basically, what an exploit does, or the attacker who uses it, is look for vulnerabilities. It also impacts on bugs that are not known and for which there is no solution yet.

The attacker will use this vulnerability as a backdoor to gain control of the computer. There is a difference from malware. In fact, in this case it is not malware as such, but a sequence that allows something to be exploited to achieve the objective of the attack. It is something like a key to open the door for a cybercriminal.

Once the intruder has managed to exploit this weakness, he can obtain privilege escalation and take control of the system. It can also execute code arbitrarily without the victim having control, expose personal data, or simply cause the computer to stop functioning normally.

Types of exploits

It should be noted that not all exploits are the same. Although all of them will take advantage of a flaw, there are differences, as we are going to see. Occasionally, the vulnerability will be known, sometimes it will not. The flaw may also affect a device in one way or another.

Known vulnerability

Firstly, there are exploits that take advantage of a known vulnerability. In this case, security researchers already know the problem and how this type of threat can act. It may be an issue that affects a program, a system such as Windows, the drivers of a network card, etc. They know the issue exists and there is already a solution for it.

If there is a solution, what happens then for an exploit to be able to attack? Simply that the victim has not updated the computer. For example, if Windows has a vulnerability and Microsoft has released updates. Then the user may not have installed them and the computer is still vulnerable.

An obvious example is the EternalBlue exploit, which put many Windows devices around the world on the ropes. It exploited a security flaw on Windows, and Microsoft quickly released patches to fix it. The problem is that thousands and thousands of computers have remained unpatched for a long time. Therefore, that has led to an attacker being able to sneak in ransomware and other threats.

Zero-day

A different case are the zero-day exploits, or also known simply as Zero Day. This time it is a vulnerability, which can also affect an application, operating systems or drivers. But it has not been identified. In other words, developers and manufacturers have not yet created a solution to the problem.

Cybercriminals get ahead of computer security officers and launch exploits as soon as they detect a problem. This makes it dangerous. Indeed, at least for a period of time, computers will be totally unprotected and can launch a wide range of attacks. This is where the speed of security researchers to release protection as quickly as possible comes into play. The time it takes for patches to be released will be an opportunity for cybercriminals.

Remote vulnerability

This type of vulnerability that an exploit can exploit does not depend exclusively on the device they are attacking. It will be a flaw that is present in something external, such as the network to which it is connected. They are going to take advantage of it to take control of that device.

There may be a vulnerable computer within the network where we are connected. Our computer is safe, up to date and theoretically secure. However, they will take advantage of a vulnerability present in another system to put our device at risk.

Local vulnerability

This time, the attacker needs a security flaw in the device they intend to attack. It could be a vulnerability on Windows or in a program we use, for example. That will be the entry point they can use to take control. However, it is possible that to take advantage of this vulnerability, it would have previously had to use a remote one. That would be the initial entry. Subsequently, however, it would need another local flaw to compromise the device.

How to avoid these attacks

After seeing how an exploit works and what types, there are, we are going to give some essential tips to be protected. You must follow all these recommendations. Indeed, the sum of all of them is what will really provide you with greater security and avoid problems.

Keeping everything up to date

The most important thing of all is to always have your computer properly updated. We have seen that exploits take advantage of vulnerabilities that, at least often, are known and have patches available. Therefore, having the latest versions and resolving any problems is a must. On Windows, you have to follow the path Start>Windows Settings>Windows Update. Once there, possible files that you have available to install will appear there. This allows you to have all the necessary fixes.

The same applies to the browser, network driver or any other program you have installed. Vulnerabilities can appear at any time. Therefore, it is necessary that you install them as soon as possible so that problems do not appear.

Use security software

Logically, a good antivirus is also essential to maintain security at all times. Many threats can appear, beyond exploits. You should always have tools to protect your equipment. They should also be able to scan the system to detect and remove malware.

Windows Defender itself is a good option. However, you will find a wide range of both free and paid options. Avira or Bitdefender are some alternatives that you can consider. However, whichever one you use on your device, you should make sure that it works well and is guaranteed.

Create backup copies

One of the goals of hackers through exploits is to sneak in ransomware. This allows an attacker to encrypt the computer’s files. Consequently, asking for an economic ransom in exchange. It’s certainly one of the most important threats. Indeed, we have seen cases such as WannaCry or NotPetya that have acted in this way.

As a protective measure, creating backup copies is essential. It will ensure that files and documents are safe. This will prevent an intruder from causing data loss. You will always have a backup available in case of an attack of this type.

Avoid making mistakes

But if there is one fundamental thing, it is common sense. You must avoid making mistakes. Some common mistakes are installing unreliable applications and downloading files from insecure sources. Likewise, opening links that arrive by mail, without knowing the sender.

Therefore, you must avoid making mistakes when surfing the Internet or using any device. This will help you avoid attacks derived from exploits. Furthermore, avoid any other threats that compromise the proper functioning of devices and systems.

In short, as you have seen, exploits are significant security threats. It is essential to always have your computers protected. Therefore, security updates play a critical role. Moreover, there are different varieties, and they can compromise your security and privacy. See you later!

The post How an exploit works and how to protect ourselves from it. appeared first on Linux Windows and android Tutorials.

What is a Trojan

Foremost, let’s explain what exactly a Trojan consists of. Indeed, its name comes from the Trojan horse, since in this case, it is a malicious software that disguises itself as a legitimate file. It can be a text document, an image, or a program. In short, anything that pretends to be something secure, but in reality it is a security problem. Certainly, the principle of a Trojan is the same. That is, hiding malware inside a file that looks legitimate. However, not all of them have the same objective. Normally, an attacker will seek to take control of a computer in some way. In this way, he will be able to steal data or even sneak in other threats.

A Trojan can affect both computers and mobile devices. In addition, there are Trojans for different operating systems. It is a type of malware that has adapted over time. Therefore, cybercriminals meet their objectives in terms of stealing information or taking control of systems.

Examples of major Trojans are Zeus, Emotet, Petya or WannaCry. They have put numerous companies and also private users at risk. On the other hand, these types of attacks do not only affect home users, but also target important organizations.

What is its function and how does it affect

Trojans can have different functions and characteristics. In fact, not all act the same and not all are equally dangerous. Trojans can have different functions and characteristics. In fact, not all of them act the same and not all of them are equally dangerous. Let us explain what their main functions are. In addition, how it will affect the security of both home users and companies and organizations that are infected.

Create a back door

The first goal of a Trojan is to create a backdoor. This is one of the most common attacks that can occur. This door allows the attacker to gain some control or access to the device. For example, he will be able to sneak data, malicious files that obtain information, etc.

Usually, the victim does not quickly become aware of the problem. That is, there are no noticeable symptoms such as a malfunction at first. As a result, an attacker can have access to a system for a long time until he is discovered, so he has room to collect data.

Hidden downloads

There are also download Trojans. They aim to download content onto the computer without the victim’s permission. This will be done in a hidden way, through commands that have been previously programmed to carry out certain actions.

Usually, these hidden downloads are bundled with more malicious software. In addition, they can download viruses and other varieties of malware that affect security and privacy. For example, they could download a keylogger that steals the passwords that the victim puts on the computer.

Stealing information

Another clear function is to steal information from the infected computer. They can collect personal data from the victim, spy, collect browsing-related data. Moreover, programs used, files on the computer, etc. In short, they can steal all kinds of data.

This data can be used for different purposes. For example, they could be used to carry out personalized phishing attacks, to steal confidential data from a company or an organization. They can then sell it to competitors or even extort the data and threaten to make it public.

DDoS attacks

On the other hand, mention must also be made of DDoS or distributed denial of service attacks. A Trojan can launch such attacks to saturate a server. This way it can respond to legitimate requests that another user will make and find that it does not work.

Trojans can be designed for this purpose, and the objective here is to affect the smooth running of a company, for example. They can serve as a way to launch attacks that compromise computers because of launching multiple requests.

Tips to avoid this type of malware

As you have seen, a Trojan is a major security threat. It is essential to take measures to avoid falling victim to these attacks. Therefore, we are going to give some essential tips to ensure that our devices are properly protected and that no problems arise.

Use security software

Something significant to maintain security and avoid Trojans and other threats is to have a good antivirus. There are many options. One of the most used is Windows Defender itself, the antivirus that comes with Microsoft systems. However, there are many free and paid options. For example, Avast or Bitdefender are some alternatives.

Keeping everything up to date

Of course, it is essential to keep everything up to date. In fact, cybercriminals can take advantage of a vulnerability to sneak in a Trojan. They could use a bug on Windows or in a program you use to sneak in malicious software without you noticing it and be able to control the device.

Install only official applications

Something very important, and not always taken into account, is to install only official applications. It is true that there are many options for almost everything, but the ideal is to use only programs that are reliable, secure and that have not been maliciously modified to steal data or, in this case, to install Trojans. To achieve this it is important to download programs only from official sources. For example go to the official website of the application or use secure stores such as Google Play.

Common sense

But undoubtedly the most important thing is common sense. In most cyber attacks the hacker will need us to make a mistake. For example, clicking on a dangerous link, downloading an insecure file, etc. This makes it essential to take care when browsing and not to make mistakes.

For example, you should make sure not to download attachments that come to you by email if you do not really know the source and do not know for sure whether or not it may be a threat. The same when logging in or opening any link. You should always check that it is reliable and is not going to be a problem.

The post What does a Trojan do on your computer and how to avoid it? appeared first on Linux Windows and android Tutorials.

BILOAD, a new undetectable threat for Windows 10

Windows 10 is the operating system with more users worldwide. Consequently, it is the main target of computer attackers. It is logical that they seek to harm the greatest number of users. For that reason, this threat is designed to affect Microsoft’s operating system. An interesting and especially dangerous element of this threat is that it is really difficult to detect. Since its operation is similar to the BOOSTWRITE tool of FIN7. This is based on the search of DLLs of the applications to be executed. In this case, BOOSTWRITE uses the legitimate Dwrite.dll

We could say that BILOAD is the evolution of BOOSTWRITE. Both threats use the same code base and open the back door of Carbanak. Similarly, they take advantage of Windows operation to search for the DLLs needed to load a program. Specifically, attackers exploit the DLL lookup by placing the fake version of WinBio.dll in the same FaceFodUninstaller %WINDR%\ System32\WinBioPlugIns folder. In this way, they place the file necessary to have elevated privileges on the victim’s computer. For now, this threat only affects Windows 10 64-bit operating systems.

Most antivirus programs do not detect BILOAD.

As mentioned at the beginning, the behavior of this threat makes it almost undetectable. This represents a major problem since most users rely on their antivirus suite to be protected. For that reason, additional measures need to be taken to be protected. First, the user must have common sense. Most of these problems are caused by the misuse of the system. For example, downloading software from unofficial sources, opening unreliable attachments in emails. Similarly, browsing websites of dubious reputation. It is vital to use common sense and not to put the computer at risk.

Additionally, it is highly recommended keeping the operating system correctly updated. Sometimes, vulnerabilities arise that are exploited by hackers. In the final analysis, we’ve seen this threat attack Windows without being detected. I hope that with this advice, you will be vigilant in protecting the operating system from this silent threat. That’s all for now. I’ll see you soon.

The post A new threat is attacking Windows without being detected. appeared first on Linux Windows and android Tutorials.