HELP ! - anybody - virus problem

  • Thread starter: EJN
EJN,

There is a wonderful piece of free software: Ad-Aware (http://www.lavasoftusa.com/)

It deletes all sorts of Spyware and Adware.

Kind regards,

Michael Keuer
Tried the Register search for 'searchweb' and it DID find a couple
of entries...but they were as left in a sub-Key for what seems just
a record of 'Runs' - I don't think it does much except keep a
record. There is though , in one sub-Key in the Register ..called
'Domains' ...under something or other...and it literally is the
record of all the domains the computer can look in as it wishes,
covering it seems pretty near anywhere you've been...a sort of
Registry Cookies. I'm half inclined to delete THE LOT , then
re-enter the 'Domains' sub-key (then empty) for following use, as I
suppose it can be helpful for a lot of genuine reasons...but it DID
hold the searchweb etc and a few others I'm not happy with. I think
I did clear Searchweb before, on the note of some other Google
Forum note, but you know how these things multiply themselves like
rabbits so ANY entry can be resurrected easily it seems. Most seem
to have TWO locations and if you only delete one, it comes back
from the other. So-and-so !!!
As I recall the person that had the problem awhile back I read that
the culprit was a file in the system directory that was mislabeled.
So instead of it being an .exe it was a .dll or something like
that. The item has a fake file extension I guess. Good luck.
--
Stinson
I had an excellent tip from someone to look in Windows+system+sys32
dirs to see if I could spot a file with a creation date/time to
match the start of the problem - as I know almost for certain
exactly when it started - within 30 mins or so of 5pm on 30th May -
but I've just looked yet again to be sure and there's NOTHING.
Plenty that were new and created LATER than evening..those would
surely be what came from a variety of NEW progs I was then adding
from recommends, after running my own that were already
pre-logged...all others that day are around the 11pm slot , give or
take an hour or two...when I WAS using/adding new progs...but
NOTHING to pin down to that 5pm slot.
Pity the 'Search' on this Forums site is so poor - you just seem
unable to get anything that goes back as far as you ever seem to
want - and of course this Oly one moves like lightning .. anything
about a week old can be 15 or so pages back !!! so finding anything
a month or more ago is hopeless. Did a lot of Google searches in
other similar Forums on such trouble but again, no clue. They all
said CWShredder had cleared it , fine...it does NOTHING for me
except say I'm clean !!
--
EJN
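
The two tips quoted above (look for a file created around the time the problem began, and for an executable carrying the wrong extension) can be checked together. The sketch below is an added example, not code from anyone in the thread: `pe_kind`, `triage` and `sample_pe` are hypothetical names, the sample header is constructed, and it goes slightly beyond the thread by also flagging PE images behind non-executable extensions.

```python
import struct, tempfile
from datetime import datetime
from pathlib import Path

IMAGE_FILE_DLL = 0x2000  # COFF Characteristics bit that marks a DLL
EXPECTED = {".exe": "exe", ".dll": "dll"}
# Other extensions that legitimately hold PE images (list is not exhaustive).
PE_EXTS = set(EXPECTED) | {".sys", ".ocx", ".cpl", ".scr", ".drv", ".ax", ".mui"}

def pe_kind(path):
    """Return 'dll' or 'exe' from the PE header, or None if not a PE image."""
    with open(path, "rb") as f:
        head = f.read(4096)
    if len(head) < 0x40 or head[:2] != b"MZ":
        return None
    (pe_off,) = struct.unpack_from("<I", head, 0x3C)        # e_lfanew
    if pe_off + 24 > len(head) or head[pe_off:pe_off + 4] != b"PE\0\0":
        return None
    (flags,) = struct.unpack_from("<H", head, pe_off + 22)  # Characteristics
    return "dll" if flags & IMAGE_FILE_DLL else "exe"

def triage(folder, start, end):
    """Return [(file name, [reasons])] for files worth a closer look."""
    findings = []
    for p in sorted(Path(folder).iterdir()):
        if not p.is_file():
            continue
        reasons, ext = [], p.suffix.lower()
        kind, st = pe_kind(p), p.stat()
        if kind and ext in EXPECTED and EXPECTED[ext] != kind:
            reasons.append(f"header is {kind}, extension is {ext}")
        elif kind and ext not in PE_EXTS:
            reasons.append(f"PE {kind} behind '{ext}' extension")
        # Creation time on Windows/macOS; Linux only offers inode-change time.
        born = datetime.fromtimestamp(getattr(st, "st_birthtime", st.st_ctime))
        if start <= born <= end:
            reasons.append(f"created {born:%Y-%m-%d %H:%M}")
        if reasons:
            findings.append((p.name, reasons))
    return findings

def sample_pe(flags):  # constructed minimal header for the demo, not a real binary
    head = bytearray(0x100)
    head[:2] = b"MZ"
    struct.pack_into("<I", head, 0x3C, 0x80)        # e_lfanew -> 0x80
    head[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", head, 0x80 + 22, flags)  # Characteristics
    return bytes(head)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        Path(d, "helper.dll").write_bytes(sample_pe(0x0002))  # exe flags, .dll name
        for name, why in triage(d, datetime(2000, 1, 1), datetime(2000, 1, 2)):
            print(name, "-", "; ".join(why))
```

File timestamps can be rewritten by whatever created the file, so an empty time window does not rule out a dropped file; the header check does not depend on them.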
 
Aside from the fact that your response is totally of no use to EJN in solving his problem, since moving to a Unix base in their OS, Macs are subject to all kinds of security issues as well, and Apple seems to be just as (un)responsive as Microsoft in addressing them.

Ref: http://www.securityfocus.com/news/8742

From the article:
The hole was discovered by a German techie called "Lixlpixel," who claims to have reported the bug to Apple on February 23rd. It wasn't until nearly three months passed without any response from the Cupertino, Calif. computer maker that Lixlpixel went public with the hole, when discussions about it began showing up in online forums, he says. Security services firm Secunia confirmed the vulnerability and released a formal advisory on Monday. Secunia rates the bug "extremely critical."
I can't find the link right now, but the initial release of the patch didn't even fix the problem fully.
 
I don't think he was being "unfriendly", but there are a lot of misconceptions with respect to the security of Macs. To some extent, because their distribution is far smaller than Windows, they're less likely targets of script kiddies and worms/viruses, but that doesn't make them inherently any more (or less) secure.

EJN expressed a clear aversion towards having to reformat and rebuild his PC. Moving to a Mac would require even greater effort -- not to mention the cash outlay. From that angle, the suggestion that buying a Mac was a "solution" to EJN's problem was way off the mark.
Yes we prefer a friendly forum around here.
--
Stinson
C-750, D-40, B-300, Nikon 4T macro, PS CS
http://www.StinsonsTerra.StinsonsC750Gallery.PhotoShare.co.nz
http://www.photosig.com/go/users/view?id=64739

 
Why buy a Mac?

Well it was my impression EJN wanted to use the computer and not be constantly worried about some malicious code.

It was my impression that EJN wanted to be able to get work done and not be constantly fighting the operating system to do it.

It was my impression that EJN was a creative person that wanted to spend more time with photography than trying to keep the computer running properly.

I have been using a Macintosh since the late '80s and I have never, ever, had a problem with a virus.

You can dismiss this if you want but the fact is, as a practical solution to EJN's problem, buying a Macintosh is, to me, the most straightforward solution.

If EJN had been using a Macintosh there would not be over 100 posts concerning a problem that would never have developed in the first place.

It is absolutely astonishing to me that Windows users put up with this sort of situation.
 
Why buy a Mac?

Well it was my impression EJN wanted to use the computer and not be
constantly worried about some malicious code.
No, I think he said he wanted to rid his system of this particular piece of malicious code.
It was my impression that EJN wanted to be able to get work done
and not be constantly fighting the operating system to do it.
I don't recall seeing him say that... I probably missed it. Can you provide a link to that post?
It was my impression that EJN was a creative person that wanted to
spend more time with photography than trying to keep the computer
running properly.
See above.
I have been using a Macintosh since the late '80s and I have never,
ever, had a problem with a virus.
That's great. I've had only a bare minimum of incidents -- none requiring much effort to address. In the meantime, I've also had the pleasure of having access to the widest variety of applications available for any computing platform. As an avid gamer in the 90's, I enjoyed dozens of titles that were wholly unavailable to Mac users. It's all about trade-offs and risk management. The Macintosh is a very capable platform, as is Windows. Neither are the be-all end-all in terms of either security or functionality.
You can dismiss this if you want but the fact is, as a practical
solution to EJN's problem, buying a Macintosh is, to me, the most
straightforward solution.
If this was an automotive forum and EJN had posted that he owned an early 90's Chrysler minivan and was having transmission trouble (a common problem with them), would "buy a Ford" be the most straightforward (or cost effective) solution?
If EJN had been using a Macintosh there would not be over 100 posts
concerning a problem that would never have developed in the first
place.
No, he might instead have been posting that his system had been compromised and trashed by hackers exploiting the Mac security issue I already posted about. But again, what you think he should or should not have done back when he made his original system purchase decision has no bearing on how to help him now.
It is absolutely astonishing to me that Windows users put up with
this sort of situation.
Viruses, malicious code, rogue web sites, Internet worms... all facts of life in today's environment. If everyone switched to Mac, that would become the platform of choice for hackers and spamware, etc. to target.
 
I'm beginning to think you're the unfortunate recipient of a new variant that has yet to be picked up by all the sweeper apps.

Just like anti-virus signatures can only alert you to "known" viruses, these apps can't report on spyware they don't know about. Such scanner tools are useful, but the addition of a "behavior blocker" such as what you've done to protect your registry entries is the additional piece needed to protect against "unknown" sources of intrusion.

Since you seem to be up and running ok for now, I'd leave things as they are, and wait and see if future updates to the sweeper apps catch up to what's in your system.
Puzzle is - why does NO prog AT ALL , for the purpose, do anything
or say anything. They all tell me I've got a clean machine, and
after sweeping with about 4 programs at least it ALL comes up with
NO result, apart from the odd Spyware/Adware type , relatively
harmless and which my progs clear off anyway to stop any
accumulation.
 
It is absolutely astonishing to me that Windows users put up with
this sort of situation.
I think we got hooked by low prices and lots of programs and now can't give up all of the investment.

I should warn you however....I have read that those residing in mac world will not be as safe as they once were.....the nasty little virus writers have already done the dirty and are starting to spread their wares.

Maybe we'll all need to go to Linux and then the v-writers will follow.
wj
 
Inigo -

Thanks for fighting the battle for me - I'm actually doing just as you say - since I put my own 'devised' blocker in the Register (I've just assumed hopefully rightly that these merchants tend to work through the 'Administrator' rights as having more complete control) ...I've just stopped ('Denied' ) it rights to change or alter. It still thinks it's doing it but actually isn't...so my machine presently works just as it did for all time before. It's just ME that's annoyed that I cannot locate it, otherwise I don't know it's there.

But as to Mac...who's to say that is the panacea of all ...I'm quite sure no such thing exists...and I've certainly no intention of spending a ton on another machine...and one that as you say, does NOT support so many progs to this day - progs that I want to have...so where does a Mac leave me !!

EJN
 
I should warn you however....I have read that those residing in mac
world will not be as safe as they once were.....the nasty little
virus writers have already done the dirty and are starting to
spread their wares.
There are thousands of viruses for Windows.

Thousands!

The problems you refer to above (two I think?) for the Macintosh OS X have not affected any users.

I am sorry if I come across as a Mac zealot in this forum. Just realize I look at the situation much like a person who was born into a safe country and not one constantly besieged with turmoil.

I thank my lucky stars that I decided to use the Macintosh when I did and mean no disrespect to my Windows friends.

But I repeat, it is astonishing, that in the presence of an alternative so many continue to struggle.
 
I have owned macs and loved them!

most all mac users I know do fall into the zealot lot (with no disrespect meant/implied etc)

your name ....stereotaxic....the stereo part gives it away
until recently that was the only way to edit...no longer

but bottom line is, it is investment....in time and money and not being willing to change (or relearn what took months-years to semi master), while hoping for improvements. (sounds like Bush doesn't it?)

wj
 
If this was an automotive forum and EJN had posted that he owned an
early 90's Chrysler minivan and was having transmission trouble (a
common problem with them), would "buy a Ford" be the most
straightforward (or cost effective) solution?
No I think I would suggest, next time, buy a Lexus.
Viruses, malicious code, rogue web sites, Internet worms... all
facts of life in today's environment. If everyone switched to Mac,
that would become the platform of choice for hackers and spamware,
etc. to target.
This is fuzzy logic that does not deserve a detailed response.
 
If this was an automotive forum and EJN had posted that he owned an
early 90's Chrysler minivan and was having transmission trouble (a
common problem with them), would "buy a Ford" be the most
straightforward (or cost effective) solution?
No I think I would suggest, next time, buy a Lexus.
Meanwhile the Chrysler still sits with a troubled transmission. Lexus, Ford, Studebaker, it doesn't matter. Telling him to buy another car/computer does not address the present issue. He was not asking about "next time".
Viruses, malicious code, rogue web sites, Internet worms... all
facts of life in today's environment. If everyone switched to Mac,
that would become the platform of choice for hackers and spamware,
etc. to target.
This is fuzzy logic that does not deserve a detailed response.
It's not fuzzy logic. It's an opinion formed from experience and observation of history. You don't see many new DOS viruses out there do you? Why is that?

I do however acknowledge that when faced with something difficult to respond to, it's simply easier to claim it doesn't deserve one.

On the other hand, I'm curious why you didn't just cut out that part of my post. That way there'd have been no response at all -- the same way you ignored where I asked you to provide references to EJN's posts that you based your impressions on.
 
I have to look after about 50 PC's in our office, I've followed this thread with interest. It would appear you have "something" at least that has been modified, or altered/replaced with a trigger that keeps relaunching. Have you tried completely uninstalling and reinstalling TCP/IP? If something has been changed in your TCP/IP stack or winsock, what the heck, I'd give it a shot.

--
http://www.pbase.com/galleries/donald_spencer (pbase supporter)
 
http://www.bitdefender.com/bd/site/downloads.php?menu_id=21#

Online scan, works for Me.
--
tsiya
 
