Good Free Virus Scanners and Antiviruses?

If you say you want “good and free” as you ask me for advice on a virus scanner or antivirus, don’t get mad at me if I tell you to remove your Avast, Kaspersky or AVG. I have zero faith in either one of those. ZERO. Simply because I have done my tests and the results were what I suspected. Garbage.
Microsoft Security essentials and Microsoft windows defender are the only antiviruses (virus protection) I recommend. Even though virus scanner and antivirus are two different things. One scans, the other monitors with a scan option.
If you want a good virus scanner then you must understand the maker of the program made it to scan and focused on scanning manually only. This is a good thing. Doesn’t bloat down your computer running scans when if it was a good virus protection, there’d be nothing to scan to begin with.
From a previous post here about virus scanners and antiviruses.
RogueKiller.exe  This will hunt down the deepest of virus.
ATF-Cleaner.exe helps clear up what’s on your computer in folders that you got locked out of in the attack. empties trash and cache and a bunch of stuff all at the same time
Spybotweak these days but doesn’t kill you to give it a scan and let it clean a few things up too.
[Microsoft Essentials Windows 7] | [Windows Defender Windows 8]..Not a bad free Virus Scanner. Works pretty good. Works best if installed before you get the virus. Protects better than any other virus scanner. Free or otherwise.
unhide.exe will get your icons back if you lost them and your files back if they disappeared when the virus hit you.
Malwarebytes– free and good strong software
Super Anti-Spyware – Stupid name, great product. oh and it has a free version.
Emergency Kit Scanner – I use this one anytime a friend calls me for help
MVP’s Hosts – block your computer from accessing known virus site. Stops advertisements too. Not a virus scanner or antivirus in teh sense of realtime protection, but still a good addition.

The basic rule of internet safety is watching out for the b.y.c.a.k. virus. b.y.c.a.k. = between your chair and keyboard.
this means, don’t open weird emails. Don’t go to weird websites. Don’t click impulse click bait links on Facebook or twitter or the like.

Remember these and you have a better chance than 75% of the people on the internet.

Still no matter how safe you are, you can still get a virus from legitimate uses of your computer on the internet. If this happens, then be wise and either  wipe and reinstall windows, or take the time to run every  program in the link above (this is so much more fun and feels very accomplished in the end). Don’t forget to update the programs and do it again all week long, just to be sure.

Joomla Bluestork Built in Virus

Found in the error.php file

You can either replace the error page with another, or delete all on the text within the php file with text from a safe error.php file

What happened you say?
My website got shut down by my webhost. They told me there was a virus on on of my websites and told me to upload a safe copy of the website..
Well I don’t have a copy of my website. They have a copy of my website.
but. I couldn’t do anything. SO I downloaded the whole website via FTP. and decided to locate the joomla files the webhost said may be compromised.
To be certain, I downloaded a fresh copy of Joomla, and a fresh copy of blue stork and checked for a virus.
Yep. Sure enough.
The Error page has a virus in it.
I started with a simple scan with EMsisoft Emergency kit
Then moved to virscan.org single virus scanner that uses multiple scanners, to scan one device and shows you what they all find. They don’t all typically agree with each other, so it’s like getting a 2nd 3rd,4th etc opinion all at one time.

Here is the resulting page

I then ran to virustotal website and performed a very similar scan. and got somewhat similar results.
The results
Admin theme Bluestork
The scary part, is Bluestork has been the default admin theme for Joomla for quite a long time.

It seems there is either a new virus definition going around that is much better defines, or is flawed, or bluestork people really have something to fix.

Either way, it might be in the best interest for Joomla to strip the bluestork theme out of the default themse.

I myself have stripped the error page to no text with in it at all.

Which celebrity you look alike, facebook exploit

UPDATE
This page is coming down because I will not help Facebook if Facebook doesn’t help you.
and it is in your best interest to leave that place. It is everything myspace was becoming when we all left.
Facebook banned me because I will not send them a picture of my driver’s license.
UPDATE

 

Latest exploit to facebook is the “Awesome, Which celebrity you look alike? : http://www.facebook.com/CelebslikeYou/app_XXXXXXXXXXXXX”

Looks like Facebook has allowed an ap in their network that is exploited. or extremely stupid. I just had 5 female friends fall for that dang thing, and there seems to be only three pictures that the ap uses to tell people they look like. There is no logic to the ap at all. Long face looks like round face, brown hair looks like blond, curly hair looks like straight. Wide eyes look like tiny eyes.

facebook.celebrity.scam

I am not sure if the ap has a virus in it or not, but it looks like it’s bogus and the ap is just used to get you to willingly give up your personal information.
One thing for certain, this is an Exploit in your gullibility.
Here’s how you remove all personal information access that this ap has tricked you out of.

look to the top right of your facebook page
Next to the word “Home” is a triangle pointing down. Click that and select “Privacy settings”.
privacy setting facebook

Now move your mouse to where you see “edit settings” to the right of

Ads, Apps and Websites
Manage your settings for ads, apps, games and websites.

Click on edit settings.
apps.setting

Next you will see a small window section that says “Apps you use” on the right of that you will see “edit settings”
aps.you.use

Click the edit settings button and delete everything you no longer care for, including the ap you just installed

Now would be a great time to change your Facebook password also.

Leap Year Virus 2012 ??

It seems that one of the viruses that I reported in one of my previous posts, that obtained on my computer at work, has been bit by the Leap Year Virus 2012.
Everything is running slow.
First clue was I got a notice about “iteratorutils.jsm:117” failed to start. That of course is not a sign of virus, it is a sign that something is running slow, since script time for Mozilla is 10 seconds, The computer is running so slow, it exceeded the 10 second script load time . Not perfect science but enough to get me alerted. Yesterday was a busy day. My computer was running at full speed, smooth and nice. I never once searched anything on the web. I just worked on my drawings and records. Today, slow. Everything is loading at a crawl.

I am now running scans but it seems Microsoft essentials has locked up. And the only thing I have that will run, is spybot search and destroy, and Rouge Killer (linked below). Rouge Killer did find a couple registry anomalies that were labeled regular stuff you would normally overlook, I deleted the instances anyway. My machine might not boot back up because of that. but it’s worth a shot. I am sure the I.T. guy here and I can get the office computer back up and I will report back here as to do or not do what I did. I am sure I have to reboot because what regestry was showing, is that 3 items were loading on start of the computer. Since my computer is still running, then the items are still running and I only removed what starts them.If I don’t report back before you read this….. Don’t do it!.

Will report back when I find more to see if there is an actual virus that has been dormant waiting for Leap Year 2012. Possibly bundled with Antivirus 2012

If you notice the same issues, Please describe below, and check back often. I will be updating this as the day progresses.

**update** Microsoft essentials finally finished update. Scanning now. but so far nothing is showing up.

***Update. I have no idea what happened, 3 hours into my work day, and my computer just started working normal. Reboots really slow now, but it works again.
No virus scanners found anything. So I have no clue if they just don’t have the virus signature yet, or if it was a fluke bug, or what.

XP Antivirus 2012 – Scam

Well a technician at the office got the virus “XP Antivirus 2012” for me to remove from his hp mini.
steady pop ups. No executable files would run.

To fix your .exe executable files to work again, you need to edit your registry and change one insert to say exefile
open regedit by right clicking the file in your windows folder, select RUN AS, uncheck the box that says “protect my computer and data from….” and then click ok. The regedit.exe will open
HKEY_CLASSES_ROOT
Scroll down till you find the folder icon labeled “EXE”
look for (Default). Right click it and select “modify”. a text box will pop up and just type: exefile
and then click ok.
Now your executables are restored to functioning again.

reg fix for Xp

Now… Since the virus runs as a spin off of an old virus that has been floating around, the fix is similar for each version of windows it was created for so here is the fix for the windows 7 version of this virus

Just scroll down till you see the virus scanners and all of that and use them all. They are all very important in removing this stupid thing.

RogueKiller.exe
ATF-Cleaner.exe helps clear up what’s on your computer in folders that you got locked out of in the attack.
Spybot
ESET Online Virus Scanner  to clear out the Virus
[Microsoft Essentials Windows 7] | [Windows Defender Windows 8]Not a bad free Virus Scanner. Works pretty good.
unhide.exe will get your icons back and your files back if they disappeared when the virus hit you.

If I didn’t make it clear before. This is not a real virus scanner. This is not a real antivirus. This is a virus and will cause stress on your regular computer usage. You will be at your best interest to remove this resource hog bloated garbage and do not give these people money. do not give these people your personal information.

THIS IS A VIRUS!

Fake Windows Repair On Windows 7

last month I wrote about fake system restore on windows Xp.
Well I can say without a doubt that the repair restore virus hits windows 7 also.
On windows 7 I got a notice that Google updater needs to update. The virus would not let me select “no”. I uninstall all Google updater and Google toolbars. So I know that there should be no reason for a Google updater program to want access to my computer.
This is the first Windows virus I have experienced on Windows 7. But being a veteran of this specific virus. I knew what to expect. Main thing, is don’t click any of the pop ups. At all.
Push the “windows” logo button on your keyboard and the letter “R” at the same time. because you are about to have everything on your computer hidden from you.
once that opens type in “c:” and press enter. That will take you to your C drive. You can now watch everything look as if it is getting deleted off of your computer. Actually what the virus is doing, is making all of your files “hidden” similar to what you see in this image.

looks like files deleted

hidden files

Don’t worry, your files are not deleted, they are just hidden.
How to get your files back
This pretty creative of the virus writer, because the warning you will see, will look legit and they will say that your hard drive is corrupt or having write errors or that you have a bad sector. So when you look into “my computer” all of your files are gone.. they aren’t gone. If they were gone, you’d be looking at a blank screen.
Well the link I gave above, is the fix, it works the same with windows 7 as it does for windows xp.

Good luck. Took me only 45 minutes this time.
The first time it took 6 hours to solve the issue because I was the first to fix it and post on it. :-)
So yeah.. you are in luck.. you found the right site because everything I link to, to fix the virus, is free.
So have fun with it.

netsession_win.exe Uninstall

netsession_win.exe
popped up on thousands of firewalls yesterday.
I am not sure but I assume it is all people who do not have a router with a built in fire wall.
found a post of how to uninstall netsession_win.exe

To remove it, this is the file path. Enter it into Search on the Start menu and there is an Uninstall.exe file in the folder.

C:usersUSERNAME HEREappdatalocalakamai

It prompts that the uninstall will possibly cause problems with downloads or streams and that you may be prompted to re-install at a later date.

Not sure what it will effect, but that is the method I found to uninstall netsession_win.exe.
So do it at your own risk

Many people saw that their firewall blocked it while playing video games. or doing something that is streaming. Could be part of Netflix so if your netflix goes down from this, Remember I said “at your own risk”. Some say it might be iTunes. Currently there is no confirmation as to where this comes from. As many people say they haven’t recently installed anything on their computer. Some suspect netsession_win.exe is an automatic update.

Others think that netsession_win.exe is a virus or malware. Some weirdo said something about a conspiracy.
I have uninstalled it and I am running fine. Haven’t found any programs unable to function just yet. but I am on a computer at the office. So…. Can’t really do much. I don’t have any media streaming software nor do I have any games installed.
Here is the site claiming responsibility of the netsession win.exe
Check with akamai site and see if the software is being used by someone who knows it’s exploits, and see if you have anything on their list, that might be installed on your computer. I suggest you read it carefully.

 

Here is a Quote from the akamai site:

 

The Akamai NetSession Interface DOES:

  • provide client networking technology to enable applications to enhance their video and file download capabilities.
  • enable secure, closed peer-to-peer networking so that websites can deliver files to their users economically and with faster downloads.
  • provide in-depth information about what the Akamai NetSession Interface does and how it works.
  • provide simple ways for the user to turn the netsession interface off
  • provide a simple uninstall process
  • provide an AdminTool for the user to see utilization system resources and client activity

It DOES NOT:

  • monitor your browsing or other Internet activity
  • pop-up ads
  • interrupt your web viewing experience with prompts or other annoying software tactics
  • interfere with other applications on your machine
  • hide itself on your system
  • take over your computer, nor monopolize your computer’s resources

Is there any way to see the Akamai NetSession Interface’s networking activity and other settings?
The Akamai NetSession Interface has an advanced settings interface. Most users can access the administrative tool in C:Program FilesCommon FilesAkamaiAdminTool.exe

  • Launch AdminTool from the command line
  • AdminTool supports information about cached files, network activity, and other applications utilizing the client library
  • AdminTool also provides ability to uninstall and turn the client off

Fake System Restore is a Virus

Fake computer repair/Restore software infects your computer with a bad virus that is hard to remove, hides your desktop icons and all of the items in the start menu and makes all of your folders hidden and read only. The Virus Also kills Task Manager.
On Windows XP windows 7 and windows vista.
The program has been called pc repair, system restore, pc restore, and probably a few more names I haven’t expected yet.


The pop up tells you that your hard drive can’t be read and your video card is overheating and that this semi-legit looking (except for the buy now button) can fix the issue.
This Virus is a bad one. Killed my computer at work. First Got a pop up that looks like System restore (kind of. never really looked at it) Except in the corner it says “buy Now” and across from it is the cancel button. Now me being a vet of these pop ups I assumed that by clicking the red X in the corner I have better odds than if I click either of the offered buttons.
Boom. all of my icons Vanished and my start menu became emptied, completely. Start menu was completely void of all options. Everything I had in my quick launch deleted off also.Not cool.
I tried the ol 1-2, and rebooted. Nope. Blue screen of Death. Safe mode, nope blue screen of death. Put another hard drive in and use it as the primary hard drive and scan the first hard drive with it’s virus scanner. Which was Windows Essentials. Found the ROOT KIT right away. After the delete and another reboot, blue screen of death.
But after about 6 hours of freaking out hoping the boss does not see. I get my computer restored
Here’s what I used.



RogueKiller.exe
ATF-Cleaner.exe helps clear up what’s on your computer in folders that you got locked out of in the attack.
Spybot
Believe it or not I used ESET Online Virus Scanner  to clear out the Viruses that this System restore thing gave me (worked great on Xp computer, did just okay on windows 7)
Microsoft Essentials Not a bad free Virus Scanner. Works pretty good. Makes the computer a bit slow though. I uninstalled it after I used it. This one finds the trojans left behind from the System Repair virus on Windows 7, and finds some for the system restore virus on xp. and windows 7
unhide.exe will get your icons back and your files back that disappeared when the virus hit you.

 

Then to get my icons back in order on my desktop, killed Explorer and restarted Explorer. To get the Explorer to run, I hit Windows button and the letter “D”, until I could right click on my desktop. You might have to do this three times or so. once you can right click, select “New” and select “Shortcut” Then it will ask you what you want to name it and where you want to point it. point to “C:\Windows\System32\taskmgr.exe” and save. Now double click that shortcut, and kill all instances of Explorer.exe. Then while still in taskmanager on the applications tab, look at the bottom, click the “new task” button. when it opens, type Explorer.exe.

Your folders are not gone, they are hidden and put into “read only” mode. You have to navigate to drive c: find and empty space (no icons in the way) Right click and select “properties” find the view tab. Scroll down and make it makes hidden folders visible folders. Click apply . Now you have to go to each folder one by one, or you can just use that program I posted up there called “unhide.exe” Does all of the unhiding of the folders again. Not sure which one but one brings back all of your uninstalls and fills your start menu again. It’s not a perfect science but it gets you closer with a mess ton of less work. One of those files looks like you have to register, don’t fill anything in just hit ok, it will work in trial mode.. you’re just going to use it once anyway. I did it backward and manually started doing all of this while my friend looked up what to get, by then I was about 30% into it, so some stuff the programs were to do, I already did it and some stuff I did, I bet the programs don’t do. but run all of those before you get to far into it that way you can see for yourself what they fix. Should make a lot of stuff much easier once you use the virus scanners and empty all of that stuff out.
Eset, I never liked them until this. They did quite a bit, and Microsoft essentials found the root kit.

That’s what did it for me.
Hope this works for you.

If this works for you, please share the link or comment below, let me know I am helping. If you need any ideas or tips or better understanding of anything, post below. I will do my best.

In the comments section of another post, someone made a connection between this virus and the software I noted . Netsession_win.exe

PS… If you are here because of Reddit. Hook me up with some Karma. !

Microsoft to End Pc Gaming

Microsoft is giving out an xbox 360 to students who purchase a new computer. Article on M$ website. Code name Windows 8, is to be predominantly touch screen, and we all know that the hippy hipsters will jump at the chance to have the fastest reaction touch screen and the most accurate touch screen monitor, and the most touchy video card. This forcing monitor manufacturers to focus more in the direction of interaction, and video card companies to do the same.
When Code name Windows 8 comes out, you will be a cave man if you have a keyboard and a mouse. you will be the dorky kid in the tuff skins pants. And that my friend is how Pc gaming will die.
Code name Windows 8, is not the final hatchet, just the precursor to the inevitable world of not having local storage on your pc. and the biggest seller is there is no maintenance and no hacking and no virus. because your operating system will be on someone’s server somewhere else and completely out of your control.
How fat and lazy and stupid do you have to be to not be able to do three clicks and start and finish a virus scan?

Cold Call Computer Scammers

There are people who are cold calling victims and telling them that they work for Microsoft and are detecting many errors. They get the victim to install software that allows them open access to the computer. compromising the computer.
The caller pretends to be from Microsoft and have detected issues from your computer.

Part 1

Part 2

Part3

a pretty cool one with a kid pwning the Fake Microsoft computer repair scam callers.

What I don’t get is that at the beginning of the call the caller says they are from Microsoft. but by the end of the call they do not say it again. I have been hoping one of you would get them to confirm it at the beginning of the video and again near the end before you download the software they are looking for you to install. I have not yet received this call.
Can’t help but wonder if the call is because you have your phone number listed on the internet publicly for some website somewhere.