Best Free Virus Protection

Internet safety is an issue that has been nagging at us users for many years. The cold hard facts is that we all need it. some people rest assured in the thought that Microsoft will be releasing a free virus scanner or virus protection of sort really soon. Cold truth is, you had that with vista and tyou learned how to dissable it and complained about it. That pop up that kept asking you if you are sure you want to install something, well expect it to come back for windows 7 and xp and vista, just a better skin. It will not be perfect, otherwise the operating system would be impenetrable. Simply because um… the software is made by the people who made the operating system. Hackers and scammers will be breaking it within  minutes of it’s release.

So for the time being Microsoft’s protection thingy is released, let’s fix ourselves up for cheap. Better than cheap, let’s do this for free.

Protection

Ok start with, DO NOT OPEN EMAIL ATTACHMENTS FROM STRANGERS! Never click a link in your email from your bank. because it’s never your bank, and just to be on the safe side when the email looks serious, close your browser, re-open your browser and type in your banks link manually.

Go to this website mvp’s hosts file Read what is being said there, read it well. Halfway down the page you will see

MVP's Gif

MVP's Gif

There will be a link near it to download a zip file. do it, download the file and copy all of the content onto your desktop. double click the file on your desktop named “mvps” , read what it says, hit your spacebar or any button you wish other than escape (not sure what escape would do) and you are done. you have now blocked your computer from connecting to known  advertisement websites. Many of those advertisement websites  also have foul software called “malware” . Malware includes virus, trojans, worms, adware, spyware and manhy things the like. So if you get a virus and it tries to push a bunch of pop ups on you, you will not get them. you will just get windows that pop up but saying you can not connect to the server. Some times those popups will install more malware on you so it’s great that you limit it.

Ok now that we are in this much of a safe zone, you must know that you are still vulnerable. You can still download a virus and have it install on your computer and compromise your computer. So as a cool little trick; next time you download something from a website go to these three sites and have it scanned for malware.

Virscan.org – This scanner allows you to scan with currently 37 different virus scanners. look at the botto n of the screen and see what the latest scan results show, you can see that some virus scanners will find stuff while others will not., refresh that page and see new results.

Virus total .com Same as the one above, some scanners not the same, so more results possibilities.

Jotti’s Malware scanner, I think is the original. this site used to allow you to see real time results from all scanners. not so much anymore.

If you chose not to install a virus scanner, I suggest you  at least run an online virus scanner once every weak or two. at the least, check twice a month, because you never remember the last time you entered credit card information. so start with these 3  free online virus scanners.

CA Internet Security Online virus scanner. The actual Software reminds me of an old virus scanner from the 90s called innoculateIT.

F Secure Online Scanner Online virus scanner

Bit Defender Online Scanner This one is slow on an infected machine, but it sure gets some results. For years i have used this one, even while using a paid virus scanner, it works very well. if you are on vista or windows seven, right click your Internet explorer icon and select “run as administrator”.

I would suggest Symantec/Norton or Macafee, but last time I checked they both find stuff but will not remove it, then when you buy the software and scan again, it finds nothing. Or at least that is the results I got the past five times I fell for it. Maybe it’s a coincidence, yeah, probably is.

if you want to install a free  virus scanner

Here is a list of the ones to try for free that by the majority of tech guys on the net, have been voted best free online scanners

PCWorld Post on free virus scanners i really can’t believe Avast and Avg are in that list….

I myself chose to install A-squared and set it for all protection modes. It does not run but a tiny process, never gives you a notice, but you can scan with it. and well I do that on a regular basis. Twice a week before bed. or just before I type any personal information into a website. To make sure there are no current cooties.

What to do if you feel you are infected.

shut your computer off and disconnect it from the internet. go to another computer if available. If none are available, or you have no portable thumb drive/ jump drive so you can sneaker mail software to your machine, then you have to do this from the infected machine, just disconect the internet each time you start one of these processes I tell you.

Here is the Download  list (include all of the downloadable software listed above)

Malwarebytes a free scanner that works well. Kind of specific needs though.. it really works.

A-Squared Hijack Free not a scanner but a process killer. kinda like HJT

If your scans show Vitumund or smitfraud or vundu use these two carefully smitfraudfix Also follow these instructions for smitfraudfix usage. Now get VunduFix. safe mode for best results on either program.

To get to safe mode: reboot computer and repeatedly tap the F8 button before the windows  logo and splash screen. Make boot selection and log in. Now run the programs.

If your computer only takes you to Google English try this post by…. well yours truly :-)

Keep them from hunting you out

firewall, best firewall is an internet router, go to the electronics store and get one. or go to amazone or bestbuy.com or go to compusa.com  just do something wise.

Hopefully I helped protect your computer or atleast increased your internet security and savvy.

Working On “Her” Computer

Well it seems the lady has come into a few cooties.

She has an xps m1210 laptop.

Since neither of us know just how long the stuff has been on her machine or where or how they all got there, I believe it would be in her best interest if we just back up everything that is important and whip out the reinstall discs. Easy? lol. Newp. No chance. Seems back when she got the computer she lived elsewhere with someone else and obtaining the drivers discs and o/s and all teh bundled software discs had to include a spy. Her little sister had to sneak the border and play friendlies… Now she snuck out with the baggy thing that all the discs are in which of course no one there claims to have seen. We have done some searches and find that one disc on the bag, is not for this laptop that we are about to work on. Ok. Now we have all the discs.

The hard part is deciding what to do after we install everything and well, does the sister go back and act like nothing happened? ( I mean this is a close as family issue, I am not in the family so I have to step back) I am thinking of burning the discs as a back up and bundling some jacked up progs with it.. but will they hate me for it?

well whatever

Ok So now the back up is not going so well. I have been to virustotal ,virscan.org and jotti’s a million times and man, I keep finding malware in everything she wants to backup. I am half tempted to just format and cross my fingers and lie like a dog. I am getting sick of each time they find stuff in the files I end up having to delete them anyway because they are beyond repair. Meanwhile I have a million more files to scan…one by one….. It’s hardly worth it. Then again she is fricken hot and I know what I am doing.
Well I also looked around and saw that ubuntu installs pretty good on this particular model. If I can assure her that open office is just as good as microsoft office/works then I got it made! I wouldn’t have to delete anything!
Tell you what, I will do something with this pretty machine and post it here later ;)

to be continued…….

Re-Evaluation of Dr.Web

After years of not touching Dr.Web, I could not remember, in full, why I did not like it. I could not remember why I did not trust it. It has been at least five years since I tried it and someone I see is trusted by quite a few people recommends it. I gave it a go. Well the first download is 14 MB. Quite tiny and happens in a blink — although the file downloaded was actually just a tool to download the actual program. After the download was complete and the install was nearly finished, it asked for a verification key (I did not have one). So the program allowed me to press a button and have a key automatically inserted. Why? Dunno. The scan seemed pretty smooth; I didn’t see the scanner get hung up on anything. The list of files being scanned was pretty steady. Boots and reboots of the system were smooth and there was no delay or hang time from Dr.Web.

I consider any program that you have to find a program from a second party to remove to be malware. If the program does not allow me to see the size of the actual install until after it is finished installing (I had to navigate to the folder it was contained in), I consider it to be deceptive.

Granted, this is a workplace computer. I am not the first employee to use this computer and formatting it is not an option. I did find traces of Limewire once installed on this machine, so you should have a pretty good idea how beat down this machine is because of misuse. Since this program found nothing and ran smoothly, I decided to break out some of the tried and true programs: Ad-Aware, Spybot, and A-Squared. All three found something, and no, it was not all cookies. Ad-Aware found what it labeled as a w32.novarg.a@mm (aka MY DOOM) file. A-Squared found a few hijackers, and Spybot found, like, 60 things.

Now here comes the issue. I decided I do not need this program to start when I start my computer. Since it never found anything, I was not impressed enough that I could leave it on the workplace computer throughout the trial period. I went to un-install Dr.Web, but it wasn’t happening. The un-install actually tries to install the program again. I went through the whole step of seeing if it would say “before we can install you must un-install; would you like to un-install?” Never happened. Full install right over the current.

So I did a Google search on it. The best information I found was sad and scary, all in one. Delete all registry entries and then go back to the directory of install and delete all signs of Dr.Web. I really do not suggest you do that. I mean, it did not damage this machine. I booted fine afterwards with no errors, but if you are new to ‘regedit,’ stay out. It is much safer that way.

After 14 years of doing this online and nine years on local networks (before the Internet), you would think I learned my lesson. Well, I have learned that sometimes you just have to try stuff and be prepared to put things back together. Good thing I do and can.

Here’s an alternative.

TruXter

Owner and writer of :

iworkwithtech.com  and iworkwithpeople.com 

What to do when infected with spyware/adware

[tags]adaware, adware, asquared, computer, hijacker, hijackthis, hosts, infected, infection, log, maliciouse program, malware, popup, redirect, scanner, spybot search and destroy, spyware, trojan, virus[/tags]

We all have had infestations, pop ups that never go away, something that changes your home page, or something that redirects the site you type to a totally different site. Even worse than all that, when there is a combination of those problems.

Well, I have some good news and some help for you.

Next time, you might want to consider this stuff first before you even go anywhere on the internet.

For starters, I would begin stopping most malware from even connecting to the net from your computer, this step stops your computer from ever going to the sites where malware is created, uploaded, and/or updated. Fix your “hosts” file by going to MVP’s site and reading up on the subject. I actually just scroll down like 20 lines and he has a zipped file with 5 or so items in it. Extract the contents to the desktop, double click the batch file, and in a blink, I am Protected from tons of malware servers. http://www.mvps.org/winhelp2002/hosts.htm

Please read mvps site to get a full understanding and to be on the same page as me. Yes the hosts project started out as a way to block banner ads, but it was later found that you can do much more. PLEASE READ THE MVPS SITE.

Before installation of new “hosts” file, I head to my existing “hosts” file and open it with Notepad to see if there are any changes made to it that are located here “C:WINDOWSsystem32driversetc”

There is a line that should say “127.0.0.1 localhost” which means local host is YOU. If it says anything other than 127.0.0.1, then your machine has been routed to someone else’s server and everything you do and type is being passed through them first. They filter through it and crack what they want. If you have anything different there, please post it here as a comment so I, and others, can help take care of someone like this.

Next, let’s go scan your machine. If you can, install this, “http://www.emsisoft.com/en/software/download/” and install a-squared Free 3.1

Run that program and remove anything and everything it finds. Let the scan finish before you start the next step. If both scanners try to remove the same files, it could cause problems.

Next, go get Spybot-Search and Destroy, you will find it here “http://www.safer-networking.org/en/download/index.htmlspybot – Search & Destroy 1.5.2

Now, go get Ad-Aware “http://www.lavasoftusa.com/single/trialpay.php

Run Ad-Aware after Spybot. The same rules apply.

If your issue persists, HJT that stands for “hijack this” found here “http://www.spywareinfo.com/~merijn/programs.php

You can join their forums “http://www.spywareinfo.com/~merijn/forums.php” and get help from people who spend all day, every day just helping people decipher what HJT finds in it’s logs. They all will tell you what to keep and what to kill. They are an excellent group.

In most cases, you would have prevented this from ever happening if you would have started with MVP’s “hosts” file. That is a very good practice. Also, it would be wise prevention to not install anything and everything you find on the internet. First thing you must always do when you download anything is scan it with as many virus scanners as possible. I use Jotti’s site for the online single file scanner. It scans with like 20 different virus scanners at one time and shows you a real time results area at the bottom of the page. If you watch the scan result, you can see what scanners are worth a darn and what scanners are worth being cup holder….. AVG is garbage.. See for yourself. “http://virusscan.jotti.org/

If anyone has protection tips of the malware kind, drop a note here ..

Good free firewall to prevent this kind of thing:

Sygate firewall:

http://smb.sygate.com/products/spf_standard.htm

Trojan killers:

http://swatit.org/download.html

Trojan Hunter trial version:

http://www.misec.net/

Do this immediately:

Disabling system restore in Win Xp
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239?Open&src=sec_doc_nam&docid=2001111912274039&nsf=tsgeninfo.nsf&view=docid&dtype=∏=&ver=&osv=&osv_lvl

More Xp resource:

XP resource info:

www.blackviper.com

http://grc.com/dos/xpsummary.htm

http://www.annoyances.org/exec/forum/winxp
If you do not have SpyBot and Adaware, do this:

Spybot:

Download and Read the SpyBot tutorial here:

http://s89223352.onlinehome.us/mirror/spybot/index1.php

Download it, Unzip the program, and immediately check for updates, install the updates and then do the scan.

Let it fix everything marked in red. Reboot but not with restart, shut it down for two full minutes. You�ve got two measely minutes and it�s worth it, and let Spybot run if it indicates.

To add an item to your �Ignore List� click on the little �+� sign next to the item and left click it to highlight it, then right click it and a menu appears, select the function you want.

When you are done reboot again same way. Two full minutes shut sown is best.

Tea Time discussed by designer here:

http://forums.net-integration.net/index.php?showtopic=13433

Also, go to the update page. Notice 3 icons across the top. Between “Search For Updates” and “Download Updates” there is an icon for the download mirror location. After you click on �search for updates,� the one in the middle will change. If it doesn’t say “Spybot.US by Rootboxen.net USA” click on the dropbox arrows and click on Rootboxen, and use only that one. If you got a “checksum error” trying to download –that’s why.

Ad-Aware:

Download AdAware from http://www.lavasoft.de/

check for updates at “webupdate”.

I use these settings (green check)

From main window click “Start” then make sure ” Activate in-depth scan” has a green check next to it.

Put a black dot nest to “Use custom scanning options� and click Customize” next to it, then green check these options:
“Scan within archives” ,”Scan active processes”, “Scan registry”,
“Deep scan registry” ,”Scan my IE Favorites for banned URL”
“Scan my host-files”

At the top of the �STATUS� page notice the Tweak (gear) icon. Click on it.

The first setting is �Scanning Engine.� Click on the little plus sign next to it, and in the drop-down green check “Unload recognized processes during scanning”, and �include basic Ad-Aware settings in log file�. Next click on the �+� next to “Cleaning Engine” and in the drop-down green check “Let windows remove files in use at next reboot” and Delete quarantine objects after restoring�

Click “proceed”, that will save those settings.

Click “Scan”

When the scan finishes, mark everything for removal and delete it. Right-click the window and choose “select all” from the drop down menu, press �next� and then �yes� to the prompt: �remove all these entries�.

However, if you have certain programs running that will give a false indicator of a browser hijack attempt, such as Script Sentry, which places a monitoring function in the registry and looks like a browser hijacker but is not, then you may want to add that to the ignore list because you want to keep it there to do it�s job. To add an item to the ignore list, put the a cursor on the file it reveals and left click it to highlight it, then right click it and a menu appears. Click on �ignore list.�

Shut down, two minute shut down is best, and let Adaware run on reboot if it indicates.
When you are done all that, go into Safe Mode and run Adaware, SpyBot, and Av. Then go to ‘search files and folders’ and search for the file name of the trojan and delete it in Safe Mode. If you are clean there, that’s about it. Re-enable your system restore.

I also use these:

Spyware Blaster

http://www.javacoolsoftware.com/spywareblaster.html

MRU Blaster

http://www.javacoolsoftware.com/mrublaster.html

and Script Sentry.

Run Adaware, SpyBot and your AV in normal mode. Clean? good. Go here:

Jason�s Browser Security Test:

http://www.jasons-toolbox.com/BrowserSecurity/

Gibson tests:

http://www.grc.com/default.htm

I use LeakTest, DCOMbobulator, ShieldUp, and plugnpray.

Love for the tech community.

Is Norton better than free?

Let’s look at a free online virus scanner compared to Norton antivirus

noton.PNG

I scanned with Norton first and found nothing, then scanned again with bit defender online free virus scanner.

what do you think is the better choice?

A-Squared

Found Riskware.PSWTool.Win32.Brutus

AntiVir

Found SPR/Brutus

ArcaVir

Found Trojan.Psw.Tool.Brutus

Avast

Found Win32:PolyCrypt-ASO

AVG Antivirus

Found nothing

BitDefender

Found Application.PWCrack.Brutus.A

ClamAV

Found Virtool.Brutus

CPsecure

Found PSWTool.W32.Brutus

Dr.Web

Found Tool.BrutusPWS

F-Prot Antivirus

Found security risk or a “backdoor” program

F-Secure Anti-Virus

Found not-a-virus:PSWTool.Win32.Brutus (6, 2, 605)

Fortinet

Found HackerTool/PWCrack

Ikarus

Found HackTool.Win32.Brutus

Kaspersky Anti-Virus

Found not-a-virus:PSWTool.Win32.Brutus

NOD32

Found Win32/PSWTool.Brutus application

Norman Virus Control

Found nothing

Panda Antivirus

Found Application/Brutus.A

Rising Antivirus

Found nothing

Sophos Antivirus

Found nothing

VirusBuster

Found nothing

VBA32

Found Win32.PSWTool.Brutus