I recently got the "VirusBursters" virus/malware thing on my computer. I have found several anti-virus programs that will FIND the virus but require me to register a.k.a. pay them money to remove it. There are a few reasons why I can't buy the full-versions of the programs...
* I am a high schooler with very little money to spare for anything other than insurance and gas.
* If my parents find out I got virus they're going to be pissed and most likely take away my computer, which is just as bad if not worse than having the virus in the first place.
Does anyone know of any 100% absolutely free programs that will remove "VirusBursters". Or would be kind enough to e-mail me one.
2006-11-22 11:01:19 · 21 answers · asked by Anonymous in Computers & Internet ➔ Security
Oh, and it doesn't show up in a McAfee virus scan. Believe me, I have been scanning my computer for 2 days straight.
2006-11-22 11:03:17 · update #1
I don't think it showed up in an AVG scan either.
2006-11-22 11:05:51 · update #2
Get a good antivirus program. Here you have some free options:
http://askcomputerexpert.ws43.com/download/security.htm
2006-11-25 02:05:08 · answer #1 · answered by crys.roxy 3 · 0⤊ 0⤋
2
2016-08-22 07:52:31 · answer #2 · answered by ? 3 · 0⤊ 0⤋
Free is good, and in this case you can get way more that you paid for. In a well protected computer it must have a layered security scheme.
Good security has several levels and except for hardware it will not cost you anything.
1. Antivirus Only1 More than one will cause OS conflicts
2. Firewall Only 1 More thab ine will cause OS conflicts (software)
3. Several antispyware programs
4. Keep your operating system up to date
5. Pre-install online scan software and use it regularly (once a month)
That is all the free stuff.
I recommend
Avast (AntiVirus)
Spybot, Defender, Adaware, SpywareGuard, SpywareBlaster, and AVG antispyware. (AntiSpyware)
Sygate 5.5 (Software firewall)
I also strongly recommend a router with NAT. If you are on dialup I would recommend you aquire an old computer and set it up as a router. The software for the router does not need an OS and is free.
There is a site with all this software on it and also programs to help remove the malware.
2006-11-22 11:23:23 · answer #3 · answered by acklan 6 · 0⤊ 2⤋
There is no shortage of good antivirus software programs. The 3 most popular are: Antivir, Avast and AVG. All 3 programs can be found on: http://www.filehippo.com/software/antivirus/
All 3 are free for non commercial personal use. There is no time limit on the software - basically free forever. "Free" does not mean inferior. All 3 programs are very effective and reliable. They will scan and remove any virus detected. For a review of these programs, read:
"Review: Free Antivirus Software" -- written by Mary Landesman,about.com (http://antivirus.about.com/od/antivirussoftwarereviews/a/freeav.htm)
Now, back to your problem with the VirusBuster. Any of these 3 programs should remove the virus. However, just in case they can't, I have include instructions on how to manually remove it. The information is provided by BitDefender, which PC World Magazine rated to be the best antivirus software program for 2006. Here is the link to the instructions:
http://www.bitdefender.com/VIRUS-1000054-en--Win32.MyDoom.AE@mm.html
( Win32.MyDoom.AI (Symantec), Win32.MyDoom.AL (VirusBuster) )
Spreading: MEDIUM
Damage: MEDIUM
Size: ~32 K (~74 K unpacked)
Discovered: 2005 Jan 17
SYMPTOMS:
Presence of the files lsasrv.exe, version.ini and hserv.sys in the Windows System folder.
The registry key HKLMSoftwareMicrosoftWindowsCurrentVersionRun contains the item "lsass" that points to the "lsasrv.exe" file in the system directory.
The registry key HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon contains the item "Shell" with a value of "explorer.exe %system%lsasrv.exe".
TECHNICAL DESCRIPTION:
This e-mail worm arrives in mail messages. The worm has its own SMTP e-mailing engine; it also contains code to spread across peer-to-peer networks, such as Kazaa, Morpheus, eDonkey, etc.
Spreading across file-sharing networks
For some of the file-sharing software, the worm contains code to get the actual shared directory; for others, like LimeWire or eDonkey, the worm uses default, hardcoded values: "C:Program FileseDonkey2000incoming" or "C:Program FilesLimeWireShared".
The worm writes itself to these shared folders using one of the following file names:
porno, NeroBROM6.3.1.27, avpprokey, Ad-awareref01R349, winxp_patch, adultpasswds, dcom_patches,
K-LiteCodecPack2.34a, activation_crack, icq2004-final, winamp5 with randomly chosen extensions, chosen from "bat", "exe", "cmd", "pif", "scr" or even "zip".
Anti-anti-virus protection
When the worm detects the presence of another virus, or an antivirus engine in the computer's memory, it attempts to terminate the process. The file names it checks are:
i11r54n4.exe, irun4.exe, d3dupdate.exe, rate.exe, ssate.exe, winsys.exe, winupd.exe, SysMonXP.exe, bbeagle.exe,
Penis32.exe, teekids.exe, MSBLAST.exe, mscvb32.exe, sysinfo.exe, PandaAVEngine.exe, taskmon.exe, wincfg32.exe, outpost.exe, zonealarm.exe, navapw32.exe, navw32.exe, zapro.exe, msblast.exe, netstat.exe.
To avoid virus updates, the worm disables access to the following list of anti-virus servers, by adding the line %server% = 127.0.0.1 in the %system32%driversetchosts file:
grisoft.com, www.grisoft.com, www.trendmicro.com, rads.mcafee.com, customer.symantec.com, liveupdate.symantec.com, us.mcafee.com, updates.symantec.com, update.symantec.com, www.nai.com, secure.nai.com, dispatch.mcafee.com, download.mcafee.com, my-etrust.com, www.my-etrust.com, mast.mcafee.com, ca.com, www.ca.com, www.networkassociates.com, www.kaspersky.com, www.avp.com, kaspersky-labs.com, kaspersky.com, f-secure.com, www.f-secure.com, viruslist.com, www.viruslist.com, liveupdate.symantecliveupdate.com, mcafee.com, www.mcafee.com, sophos.com, www.sophos.com, securityresponse.symantec.com, www.symantec.com.
E-mail spreading
The e-mail spreading engine is classic. The worm harvests e-mail addresses from files likely to contain them across the hard disk drive. It avoids to send infected e-mail messages to servers that contain one of the strings below:
accoun, certific, listserv, ntivi, support, icrosoft, admin, page, the.bat, gold-certs, feste, submit, help, service, privacy, somebody, soft, contact, site, rating, bugs, your, someone, anyone, nothing, nobody, noone, webmaster, postmaster, samples, info, root, AD_KNX.K:, mozilla, utgers.ed, tanford.e, acketst, secur, isc.o, isi.e, ripe., arin., sendmail, rfc-ed, ietf, usenet, fido, linux, kernel, google, ibm.com, fsf., mit.e, math, unix, berkeley, foo., .mil, gov., .gov, ruslis, nodomai, mydomai, example, inpris, borlan, sopho, panda, hotmail, msn., icrosof, syma.
The "From" e-mail field is obviously spoofed; it's generated automatically using first and last names from predefined lists.
Removal instructions:
1) Terminate the viral process
2) Manually delete the files lsasrv.exe, version.ini and hserv.sys from the Windows %System% folder (or let BitDefender do this for you)
4) Delete the key "lsass" from HKLMSoftwareMicrosoftWindowsCurrentVersionRun
5) Modify the "Shell" field of the key HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon to "Explorer.exe".
6) Reboot your system.
2006-11-22 12:36:52 · answer #4 · answered by What the...?!? 6 · 0⤊ 2⤋
As you have already found out "standard" anti-virus apps such as McAfee, Norton ans AVG cannot even detect never mind remove VirusBursters.
Your computer has a Smitfraud infection. You will need to use a specialised removal tool such as SmitFraudFix v2.111:
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
or
RogueFix:
http://www.internetinspiration.co.uk/roguefix.htm
To remove this pest.
Good luck.
2006-11-22 12:10:54 · answer #5 · answered by Anonymous · 0⤊ 1⤋
AVG will no lonbger be free after the 15th of Jan.07.
2006-11-25 04:40:08 · answer #6 · answered by adhil12 3 · 0⤊ 0⤋
AVG--- free
It's easy to get a Virus. I got one once by playing
a music video. I guess someone was mad at the
popular Music Artist.
2006-11-22 12:22:25 · answer #7 · answered by elliebear 7 · 0⤊ 1⤋
http://www.bleepingcomputer.com/forums/topic70074.html
found it!
this is the auto fix:
http://www.bleepingcomputer.com/resources/link243.html
this is how to use it:
http://www.bleepingcomputer.com/forums/topic70074.html#automated
I still recommend using avg but you need a tool aimed at this one(my links).
also if you run 2 anti virus programs at the same time it can cause problems.
2006-11-22 11:02:40 · answer #8 · answered by Ryan E 3 · 1⤊ 1⤋
this is the 3 i use, all free, avg anti virus, spybot search and destroy,,and ad-aware from lavasoft, these 3 work great.it may not be a virus .but spyware scan with spybot it's a safe download plus it will get rid of any pop ups you get.
2006-11-22 11:05:45 · answer #9 · answered by Anonymous · 1⤊ 3⤋
I can give a few links that offer free virus and spyware removers...!You may be having a virus or spyware installed on your PC. Norton, AVG , Avast are free antivirus software. Ad-aware, Ewido are free spyware removers. You can download free softwares at
http://fixit.in/antivirus.html and http://fixit.in/spywareremover.html
2006-11-22 11:21:08 · answer #10 · answered by RAS 3 · 0⤊ 3⤋