comp/net virus protection
I haven't had this computer online for about 3 years.
I wasn't sure what I would need for virus protection because I just figured I'd probably just load AVG.
I actually have avast antivirus, and it immediately updated. I THINK that was put on by my IT buddy at my old job who did some work on my computer.
So is that good? What about spyware and adware protection? Do I need something separate? I know spybot is out there for free.
The Cable Guy put in a wireless thingy...and I'm getting about 54 Mbps. Is that good?
Any techie opinons or advice appreciated.
AVG is actually one of the best programs out there.
Symantec has turned their product into a "kitchen sink" that turns anything made before 2004 into a boat anchor. McAfee is better, but only for their corporate deployments, and Avast! just isn't as good as AVG.
I'd actually recommend buying AVG. It's a great product, and it's better than McAfee or Symantec Kitchen Sink 2009.
Mitch
Hey Mitch - how does Kaspersky stack up against AVG. Kaspersky is kind of not cheap and I am trying to decide whether or not to renew.
I would renew your Kaspersky. It's actually as good as AVG, and their researchers contribute a lot back to the industry.
Thanks for the info. You contribute a lot to this forum.
If predictions are correct, about 30% have Microsoft's automatic update disabled by a worm. I found one machine with this problem (don't know if it is from that worm) that tested OK even by Microsoft's Malicious Software Removal tool. Apparently this recent worm remains undetected for months by most anti-virus software (at least until recently).
Thanks for the info. You contribute a lot to this forum.
Yes, I'm using Avast on his recommendation.
Wait...so is avast! good or not?
Thanks for your help! :)
Wait...so is avast! good or not?
How would one really know? If it never saw any mal-ware, then did it do its job or was it the worst anti-virus software out there?
Consumer Reports did a study (maybe one year ago) by subjecting anti-virus softwares to a large directory of mal-ware. Symantec that was once touted as a best was then something like 1/3rd from the bottom in that Consumer Reports study. Finding an answer backed by valid reasoning is difficult.
Now, if 30% of machines are contaminated by Conflcker, well, where are the many Dwellers who reported their anti-virus software found and removed it?
Wait...so is avast! good or not?
Thanks for your help! :)
Yes, I've had good luck with it nailing incoming crap before it could build a nest.
we have avast at home (can't beat the price,) and every once in a while it stops a download of something I click on because it's detected something bad about it. Our computer runs just fine. I do windows updates every month too.
Yes, I've had good luck with it nailing incoming crap before it could build a nest.
Yeah, I'm confused. mb said that AVG blows avast! out of the water, but you say he told you to use avast!
Maybe I misread?
Help me out?
:p
Go ahead and use both.
I do, with no problems.
ZoneAlarm, AVG, and Avast! along with a pop-up blocker.
I do use a pop-up blocker.
What about spy/adware blockers? Pardon me if I'm being dense; I just want to make sure I've done what I need to do.
I use AVG and Clamwin, Spyware Terminator and Ad-Aware, and Comodo Firewall. I also use Firefox with NoScript. Between them, they seem to deal with almost every problem. I should look into anti-rootkit programs too, but I just haven't had the time yet.
AVG8 does both, which is why I am recommending it now instead of Avast! or AVG.
It works incredibly well. Running both AVAST! and AVG will kill machine performance.
Oh, I see.
Thanks for your help!
And BTW,
Using more than 1 good AV or AS program is overkill and gives you little return. Using Firefox with NoScript gives you better protection than IE with a ton of AV/AS programs because the major root cause of infections is bad DLLs that run code as LocalSystem. Putting a ton of protection up via multiple AV/AS programs and using IE is like using a condom while putting holes in it.
You're not fixing the root cause of the issue, and you're making your system run like crap with mostly useless protection.
One good AV/AS program like AVG, Firefox, NoScript, FlashBlock, and keeping your products updated will make your system run well and well-protected.
... and keeping your products updated will make your system run well and well-protected.
As I noted, if what I saw was a latest virus, then both Microsoft's Automatic Updates and the manual updates using
www.windowsupdate.com do not work. If what I saw was a virus, then Microsoft's patches to avoid this latest malware do not get detected as missing and therefore do not get downloaded from Microsoft.
If Conflcker is as prevalent as predicted, then some here should have seen their anti-virus software detect it. As I understand from what is not being said, some anti-virus softwares do not detect or do not remove this widespread new worm.
TW,
The latest MS patches from January guard against Conficker.
Some AV programs do not detect it. I believe AVG does.
The latest MS patches from January guard against Conficker.
Some AV programs do not detect it. I believe AVG does.
Conficker exists because some did not download the MS patches. The problem gets worse, as I understand it. The latest patches would not download if Conficker has already disabled Microsoft Automatic Updates, downloads using
www.windowsupdate.com, and a few other Windows programs. A conundrum.
Apparently Microsoft's Malicious Software Removal tool and Symantec do detect Conficker. But that means the January version of the Malicious Software Removal tool must be downloaded manually from
www.microsoft.com/downloads .
Above is what I have read; not confirmed. However this could be a benchmark for which anti-virus products are better.
If you're going with a free product, I like Avast much better than AVG. If you're willing to cough up a few bucks, NOD32 and Kaspersky are the best.
Also make sure you've got Microsoft Defender installed and updated. Recently my mother got something pretty screwed up and I ended up installing a product a friend recommended called SuperAntiSpyware and it worked really well and detected and cleaned stuff that other products couldn't.
Microsoft Defender, honestly, is not that good.
AVG, in my experience, has had the best track record at removing the really nasty viruses. I have used it to clean up things Symantec and Trend Micro (usually the gold standard) would not and could not clean up (AntiVirus 2008 Spyware/Malware). Avast! is a step behind.
I use it integrated with the Ultimate Boot CD on a USB stick to boot into with the latest definitions to clean up malware-laden machines, and it works really well. It will pick up things that other programs will not.
AVG 8.0 also has anti-spyware built in (it's nothing but additional definitions for a virus scanner when you get down to it), and that works incredibly well. Doing things such as having really long HOSTS files and a lot of manual ActiveX blocks actually causes your machine to run slowly (think several minutes for a DHCP lease).
Windows Defender, in my experience, has been pretty weak. If you want a free anti-spyware program that works, I recommend AVG, SuperANTISpyware, or Spybot. The latter two don't run in real-time (like AVG, McAfee, or other products), but they work well.
I outright recommend you run away from Webroot SpySweeper. It was good at one time, but is now a POS.
As an IT Professional with over 20 years experience in the field, I can say without a doubt that Avast is better at getting rid of viruses and spyware than AVG. This isn't debatable, it's a fact.
Microsoft Defender is not a bad free product. Who knows better how your Microsoft system should run than Microsoft? That being said, it's also a free product, so they obviously aren't to spend a huge amount of time or money developing something that really cleans you up like SuperAntiSpyware.
I recommend you don't use AdAware.
Spybot is weak, but I do like the tool they include to edit your startup processes.
Shawnee123. I'm not trying to come off like an arrogant douche or anything. I've just tested both products and I'm speaking from experience. If you don't believe what I'm saying google "avast vs avg" and read what people say.
Avast has boot time scans, scans in the background when the screensaver is running, is better at detecting and removing trojans, has several small updates per day rather than one huge one every week, etc.
Radar,
http://www.icsalabs.com/icsa/topic.php?tid=b220$1ba2cc09-52eb29d6$8979-a7f252c0
http://www.icsalabs.com/icsa/product.php?tid=dfgdf$gdhkkjk-kkkk
http://www.av-comparatives.org/seiten/ergebnisse_2008_11.php
http://www.av-comparatives.org/seiten/ergebnisse_2008_08.php
http://www.av-comparatives.org/seiten/ergebnisse_2008_02.php
Both products are listed here. Both will work, and it's a trade-off depending on what reviews that you read. The reason I recommend AVG is because it does both and because I have seen it find and remove things that Symantec, Trend, and other products won't. Think very specific, targeted malware.
I also, when I find an infected machine, power it off and use Ultimate Boot CD with no networking on a USB stick to scan it so that I can get the machine in a state where I can scan it using a known good OS (I use a signed ISO downloaded from Microsoft's Volume Licensing Site), drivers, and anti-virus, and where I can scan and check for malware without using a compromised OS.
AVG actually publishes Plug-ins for their full version for the Ultimate Boot CD. Avast! only publishes a little "virus cleaner" like McAfee does for the Ultimate Boot CD/BartPE. Spybot Search & Destroy has a full version, as does SuperAntiSpyware. Their little "startup" tool works with BartPE/UBCD installations too.
Maybe if Avast! did what AVG does for those of us who scan infected machines that way, I'd be as bombastic in supporting them as you :).
It's been quite obvious from the torrents of malware out there that Microsoft has had major issues with security over the past few years. I wouldn't trust an AV or AS product from them because it's not fixing the underlying issues causing the infections in the first place. Vista/Windows 7 and IE 7/8 are good first steps, but nowhere near where Linux or FreeBSD are at this point (Mac OS X has the same issues, too).
Shawnee123. I'm not trying to come off like an arrogant douche or anything. I've just tested both products and I'm speaking from experience. If you don't believe what I'm saying google "avast vs avg" and read what people say.
Avast has boot time scans, scans in the background when the screensaver is running, is better at detecting and removing trojans, has several small updates per day rather than one huge one every week, etc.
Oh I didn't think you were. When I first read your post it stopped at "the" and was unfinished. I wondered what came next. It said "but I do like the" and stopped. You never got to "tool..." :blush:
I appreciate all the advice and opinions.
I have AVG, SuperAnti Spyware, Spybot, Malwarebytes, Crap Cleaner and they work very well with each other and together they catch everything and they are free!
I have AVG, SuperAnti Spyware, Spybot, Malwarebytes, Crap Cleaner and they work very well with each other and together they catch everything and they are free!
Where is a single example of mal-ware being caught? Just because a virus was not detected does not mean anti-virus software is working. After all, that computer (in a previous post) had anti-virus software, and then had Microsoft's Automatic Update and wwww.windowsupdate.com both disabled. Are those same functions disabled on your machine? How would you know? Or did anti-virus software detect, remove, stop, and announce that malware?
So how many have seen their anti-virus software detect Conficker - the current widespread worm? If anti-virus software has not reported mal-ware, then is it really doing anything?
That MAY all be true, but what would tell me if I have never been infected? There is no way to prove that is there? or is there?
I have Spyware Doctor and VirusScan - they update like every week or so.(don't really pay attention, but it is frequent. I know that much. I get and read the report when they run a scan. IT tells me what was found/stopped killed.... I run it again after the bad stuff was removed till I get a clean report. What else can I do here?
That MAY all be true, but what would tell me if I have never been infected? There is no way to prove that is there? or is there?
If it reports what was found and removed, then you know an infection existed. If it reports it stopped contamination or found something suspicious, again, then you know the anti-virus software did something. I don't know of any anti-virus software that would fail to report such actions.
I often hear how good the anti-virus software is. But I never really hear why they know.
Some reports insist that 30% of computers are infected by Conficker. If true and if anti-virus software is so effective, then some here should have reported anti-virus software either stopping or removing that worm.
I have observed anti-virus software updating typically about once a day. Microsoft updates are available every Tuesday if there is anything to update.
Who knows better how your Microsoft system should run than Microsoft?
You mean the company that designed a virus/malware/spyware welcome mat disguised as a web browser?
our main downstairs computer has a pop up problem.....or maybe something worse.
it's been throwing windows open with websites and ads in them....both IE and Firefox. i have the pop up blocker set on in both.... i tried to dl avg, but when i went to install it, i got the blue screen of death. so then i got spybot.....but that wont update( says it cant connect to the server) and therefore wont run. i tried to run the free kasperski scan to see what it was, but that wont d/l either.
it's like it knows i'm trying to fix it, and it's actively thwarting me.
oh, and when you do a google search, you click a link, and instead of taking you there, it takes you to a semi related ad instead. i think it's got a demon.
That's pretty common, viruses that hijack your links so that you look at stuff they promote. Try downloading AVG or spybot from another computer and load it from a USB thumb drive.
Well hell...I just noticed my computer time is off. Huh? How does that happen...isn't it just automatic?
At least the year 8021 isn't showing again.
Now it's normal again...I did a synchronize thingy. But how did it do that?
If it reports what was found and removed, then you know an infection existed. If it reports it stopped contamination or found something suspicious, again, then you know the anti-virus software did something. I don't know of any anti-virus software that would fail to report such actions.
I guess what I was asking is this. How do I know an infection exists if my software doesn't detect it?
our main downstairs computer has a pop up problem.....or maybe something worse.
it's been throwing windows open with websites and ads in them....both IE and Firefox. i have the pop up blocker set on in both.... i tried to dl avg, but when i went to install it, i got the blue screen of death. so then i got spybot.....but that wont update( says it cant connect to the server) and therefore wont run. i tried to run the free kasperski scan to see what it was, but that wont d/l either.
it's like it knows i'm trying to fix it, and it's actively thwarting me.
oh, and when you do a google search, you click a link, and instead of taking you there, it takes you to a semi related ad instead. i think it's got a demon.
I'm willing to help you with this, if you're interested.
Lumberjim,
The best thing you can do is find someone who has the Ultimate Boot CD for Windows with the AVG 7.5 or other AV plugins updated and available either on CD or USB key.
You are at a point where you cannot boot into Windows to clean the PC. You need to boot into an alternate environment and run AV tools from there on your machine to clean it. That is the only way you will be able to clean your machine of viruses that do a good job of cloaking themselves from the currently running copy of Windows.
That's one thing a lot of people don't understand (and TW, this is how I found a Conficker variant on someone's laptop). You can't accurately scan a known infected machine for viruses using a virus scanner and be 100% sure you got something. It's like fixing a house with a bad foundation. You have to take more direct measures, especially when the Windows API provides many holes to hide DLLs and other injection methods (and you can get the book Security Warrior from O'Reilly, which will show you how to do it).
And yes, Norton AntiVirus used to do this effectively many years ago (boot CD).
Yes, we can talk about how great certain AV programs are, but if you don't have the right methodology for getting at the really nasty ones, it's all moot.
That said, Lumberjim, make friends with someone who has that CD or bootable USB stick. You will find many interesting things.
So how many have seen their anti-virus software detect Conficker - the current widespread worm? If anti-virus software has not reported mal-ware, then is it really doing anything?
All these programs have log files. I had 50 yes count em 50 trojans on my machine that have been eliminated/quarantined. I had the Rogue virus quarantined as well as several adware programs.
I had 50 yes count em 50 trojans on my machine that have been eliminated/quarantined. I had the Rogue virus quarantined as well as several adware programs.
But you also said you have AVG, SuperAnti Spyware, Spybot, Malwarebytes, and Crap Cleaner. So we still don't know which software did anything and which was doing nothing.
Remember what the question is. Which anti-virus software is any good? Did only AVG detect them? Then why list Crap Cleaner if it did nothing? Only helpful is to list which programs detected what mal-ware.
i tried to dl avg, but when i went to install it, i got the blue screen of death. so then i got spybot.....but that wont update( says it cant connect to the server) and therefore wont run.
This is why I try to keep a latest copy of Microsoft’s Malicious Software Removal tool on every machine. It may remove enough that you can then download or execute other larger cleaners.
MSR tool is a less than 10 Mb executable program that may even be loaded from Microsoft, a memory stick, or CD-Rom; then executed. It is a simple tool downloaded free from
www.microsoft.com/downloads and updated every month.
Yes, we can talk about how great certain AV programs are, but if you don't have the right methodology for getting at the really nasty ones, it's all moot.
Nobody suggests an anti-virus software is perfect. However if Conficker is as widespread as reported, then every decent anti-virus software must have some solution or at least report the worm exists. Currently, you are the only one who even mentions detecting it. Others have said their anti-virus software works great, but never reported anything detected, stopped, or removed.
Currently posted is not a single useful benchmark from which to recommend any anti-virus software. Irrelevant is the methodology for one virus. More important are which anti-viruses see and do not see how many infections. Only then would a potential benchmark exist.
Tom,
My methodology/process catches a lot more than just Conficker :). It catches the viruses that hide themselves in System Restore space, and the ones that hide themselves using the Windows API and even File Streams. I've found many viruses this way. I just used Conficker as an example.
Unfortunately, you can't have a good process to "stop" a virus when the system itself is heavily flawed and allows compromise the way Windows does. The benchmarks I posted earlier were for known viruses. That just turns your AV program into a glorified pattern recognizer. That is irrelevant when many of the new viruses know how to subtly change themselves to avoid detection and you have to use behavior-based techniques to get at the viruses.
I don't see this situation changing any time soon. There's no good way to look at a live system considering how complex Windows is, and how it presents hundreds of hiding spots for any piece of malware. You have to find where they load from, not where they live afterwards.
The solution is to re-architect Windows, and that has only just started with Vista and Windows 7. The solution is not the multi-billion dollar malware defense industry. While it keeps many very smart people employed, it's all for naught if the underlying system has the issues Windows does.
Take a look at Green Hills Integrity, Kadak AMX, QNX, or even OpenBSD to see how an OS can be resistant to such attacks.
I don't see this situation changing any time soon. There's no good way to look at a live system considering how complex Windows is, and how it presents hundreds of hiding spots for any piece of malware. You have to find where they load from, not where they live afterwards.
I am not discussing 'fixing the problem'. Windows is what it is. Now, which anti-virus software does its job best given that Windows is what it is?
I have spent time trying to remove malware without any anti-virus software. Some were simple - an entry in the registry. (AOL belongs in that category as far as I am concerned.) Others were almost amusing - new tasks with random names appear as other pieces of the malware were removed. I could not remove all the pieces fast enough. I once manually removed a virus on a Windows that would not even boot. That was particularly fun.
Interesting is how 'System Internals' detected the virus installed by Sony from numerous music CD-Roms. I have also done that. But that is not relevant to the question.
Given that Windows is what it is, what benchmarks does the OP have to identify the better anti-virus software? Not even a good benchmark. We still don't provide a bad benchmark to answer the OP's question.
A bad benchmark might have been Nirvana's post IF it listed which 50 malware was removed or quarantined by what program. Currently, we don't even have a list of viruses categorized by the program that detected and removed it. Currently we have others claiming their anti-virus software works good without any indication that the anti-virus software even detected or removed anything.
Without a list of current malware X removed by anti-virus software Y, then the OP only has blind recommendations. Recommendations provided without the always necessary reasons 'why'. Currently the OP has few useful answers. Even the best answers are only subjective.
Symantec once was recommended for having detected and removed most known malware. Today, Symantec does not appear to have the same reputation. Why? Why is AVG better?
Consumer Reports once tested maybe 15 different anti-virus softwares using malware. Don't remember when. I recall that Trend Micro was highly recommended. That could be a benchmark to answer the OP's question because it also says why each was rated.
Microsoft only recently changed attitude. The resulting meeting with anti-virus manufacturers was reported to have gone on all day, all night, and up to lunch the next day. So yes, we should expect some improvements from Windows in the future. But that is not relevant to the OP's question. Given what we have is what we have, what benchmarks exist to rate anti-virus software?
I once manually removed a virus on a Windows that would not even boot. That was particularly fun.
*Pictures tw hunched over a motherboard with a pair of tweezers, cursing softly, as he pulls a worm out of its hole in the processor.*
Tom,
On the data sets provided (see the links I sent), someone did a subjective test against a known data set, which proved that AVG and multiple other programs (including Avast!) were much more effective than Symantec's product. This test is repeated periodically with different data sets.
This is one site:
http://www.checkvir.com/
This is another (Virus Bulletin):
http://www.virusbtn.com/vb100/archive/results?display=summary
The registration for Virus Bulletin is free. Their methodology is posted there. What I found interesting is that Avast! failed on Vista Business but passed on XP Pro. Same with McAfee.
Why is AVG better? I'll give you a simple reason: because Symantec's product managers, in an attempt to shoehorn as many features as possible into the product to get people to buy the product from year to year, have concentrated more on extraneous features than actual Anti-Virus. This leads to the epic fail we call Symantec Endpoint Security 11, which has IPS protection that would block all connections to Active Directory servers after about 20 minutes, thereby effectively shutting down networks.
And yes, I used to work with a former Symantec product manager who has confirmed their marketing strategy to me. I also ripped them a new one over what happened with SEP at a customer before I moved into my current job.
Surprisingly, their Linux Mail Server solution for Antivirus isn't half bad. It needed some work (aka a fix to the XML file that generates the Postfix configuration files on service restart that Symantec forgot to do) to work in a multi-homed environment, but it screams on the 2 8-core HP Proliant servers I have it running on (hey, that's the lowest-spec I can get for SMP servers these days!).
I bet that's (the symantec v11)what fucked my HP laptop 2 months ago.
wow - thanks guys - now I'm afraid my computer may have problems that don't exist. I turn it on, it works. Guess that'll have to do for now.
Something I'm curious about - Why don't macs have these issues?
wow - thanks guys - now I'm afraid my computer may have problems that don't exist. I turn it on, it works. Guess that'll have to do for now.
Something I'm curious about - Why don't macs have these issues?
While I'm sure that Apple works hard to make sure that OS X is secure, the real reason that Macs don't have this problem is that people aren't writing viruses for OS X. Virii are platform specific. As Microsoft continues to step on its own whatever, and OS X gains a larger market share, you'll start to see virii for Macs.
On the other hand, OS X is built on top of BSD (a well worn Unix variant). So it could be that virus writers will have a tough time making headway there.
uh ok :) - thanks for that. I think i got some of what you said. I am rather illiterate when it comes to computers though.
TW you just like to lord your "imagined" superiority over people, good for you, you have a purpose in your life. :rolleyes: I listed the programs that would work for S123. She does not care how they work or what viri they trap or what exact mal ware they prevent.
None of your posts are helpful at all. You are the very definition of bloviate.
Bloviate;"to speak pompously and excessively," or "to expound ridiculously."
noun; bloviator, someone who holds forth on subjects in an arrogant, tiresome way.
Dar,
There are viruses and trojans for OS X, and a lot of working exploits for OS X Server and applications that run on top of it (Wordpress, anyone? :)) due to the nature of PHP and Perl-based exploits that affect all UNIX-based web servers.
Apple ships OS X with a set of default system services, which are ports of their Unix brethren (PHP, OpenSSH, OpenSSL, BIND, mySQL, ClamAV, Sendmail, Apache, Perl, etc.). Some of these are enabled by default on OS X Server.
Apple's had a history of not patching their ports of Open Source software as quickly as vendors such as Red Hat, Novell/SuSE, or Sun do. Apple was way behind patching the "Kaminsky" DNS bug. They also have been behind in patching the other ports of Open Source/GPL software they ship as part of OS X.
There's been working exploit code for OS X circulated. The last major exploit for OS X was a trojan within a pirated copy of iWork '09 that was circulated on BitTorrent.
Their kernel and part of the userland is Open Source. Their display technology is closed-source, and from what I understand, has some issues. Apple also allows regular users to write to locations on the hard drive that they shouldn't on a standard UNIX platform.
Some viruses are not platform-specific (such as the Wordpress bugs that can turn your machine into a bot given perl, wget, and a few other tools), and have already affected OS X Server.
OS X on the desktop isn't far behind. It's been done, but the real reason why you don't see the viruses for that platform is that it takes more time to craft for OS X or Linux than Windows.
Microsoft just makes it too damn easy, and the other software packages out there that have exploits (Adobe Reader, Adobe Flash, Java Runtime Environment, Firefox, AIM (yes, I have seen working AIM exploit code), Yahoo! Messenger, Skype, and even some AV programs) make it even easier to target tons of Windows PCs and turn them into unwitting zombies.
No OS is perfect. OS X is slightly better than Windows, but not as secure as Ubuntu Linux or FreeBSD. When Apple starts patching their ports of Open Source software as quickly as Red Hat, Ubuntu, SuSE, or Solaris, and fixes their directory permission issues (which while they are better than Windows, are not as good as many Linux variants), then I'll believe it's because they've made it really hard to write viruses for.
The trojans are already there because some OS X users don't want to pay for iWork '09. There are probably trojans within the pirated versions of Adobe CS4 and Final Cut Studio making their way around the various BitTorrent trackers.
While I'm sure that Apple works hard to make sure that OS X is secure, the real reason that Macs don't have this problem is that people aren't writing viruses for OS X. Virii are platform specific. As Microsoft continues to step on its own whatever, and OS X gains a larger market share, you'll start to see virii for Macs.
On the other hand, OS X is built on top of BSD (a well worn Unix variant). So it could be that virus writers will have a tough time making headway there.
Lumberjim,
They installed network drivers at such a low level that did not work and were ridiculously (i.e. Blue Screen of Death) unstable. Did I mention the uninstaller did not work?
A little bit of fishing with the Ultimate Boot CD took care of it for me on XP and Server 2003 by removing the driver references from the registry, but one of my admins had to reinstall a server due to their ineptitude. Thankfully it was not at my current place of work.
The problem was that even their uninstaller wouldn't remove the drivers, and that it would leave the system in an unstable state. For a server, that is unacceptable. I do not need to be removing low-level device references to uninstall an AV program, and 99.9% of users who get that type of error will rebuild the whole system due to that.
What a waste.
I bet that's (the symantec v11)what fucked my HP laptop 2 months ago.
Personally I looked at Avast and AVG, free versions. Ended up goin with Avast because it has more protection. Altho I don't doubt mbpark's conclusion the AVG is better at getting the especially nasty stuff, thats the version that costs, and I don't feel like paying for things. So if you want freeware, I would go with Avast over AVG just b/c Avast gives you more types of protection. AVG free just gives you anti-virus and anti-spyware.
http://www.avast.com/eng/download-avast-home.html
http://free.avg.com/download-avg-anti-virus-free-editionmorethanpretty,
I used the free version to find what I found :)
http://www.checkvir.com
http://www.virusbtn.com/vb100/archive/results?display=summary
For the most part, brand name anti-virus software all tend to work consistently.
However I have also seen some bad behavior from Symantec. One recent Symantec release literally destroyed a Windows 2000 OS. For example, it destroyed any log on abilities except at the administrator level. And Symantec would not uninstall.
Symantec's reply: that newer Symantec version should not be installed on Windows 2000. So why did it let that user do it?
Other than that Symantec experience, apparently minor differences exists between the major anti-virus names as both
www.checkvir.com/ and
www.virusbtn.com demonstrate. Best anyone can do use what those recommendations suggest - and hope later versions do not do, for example, what Symantec did to that user.
morethanpretty,
I used the free version to find what I found :)
Ok well what I was trying to say is that you get more features with the Avast. With it you get anti-rootkit, daily updates, network/web shield, ect. AVG ONLY gave you anti-virus and anti-spyware. Their anti-virus might be better, but you don't get any of the other protections that you do with the free Avast.
Morethanpretty,
You get all of that with AVG as well (and they also publish an anti-rootkit utility).
Like I said, a toss-up.
You get all of that with AVG as well (and they also publish an anti-rootkit utility).
Has anybody seen a root virus? I don't believe I have but then I am not entirely sure what its symptoms are.
I don't know, but I have been having problems with my computer and I don't know if it's the computer or the wireless or bad software...or what.
It just stops acting like it's even connected yet the icon at the bottom says 54.0 Mbps...which is good, right?
I'm going to have to call geek squad or something.
TW,
A rootkit is a type of virus/malware that uses "cloaking" techniques to hide itself from the OS and end user. If you've read what I've mentioned, the Windows API makes it really easy to create one.
And, yes I have seen them. Rootkits are the reason why I scan machines with a bootable CD that has the latest virus definitions and tools I can use to determine what loads when a machine boots up. The only effective way to get rid of a rootkit is to scan the machine with a known good alternate OS, not the OS itself. When you have a rootkit, the only way to be sure is to use an alternate OS.
Anti-rootkit technology is nothing more than AV technology that scans for the API hooks that rootkits use to cloak themselves. It's effective a good portion of the time, but I've seen rootkits get past the Sysinternals tool (Rootkit Revealer).
UNIX, Linux, and Windows have this issue, as does any other OS that runs on a Von Neumann architecture where the OS and program data are loaded into the same memory banks and intermingle.
The best way to rid yourself of a rootkit is the same on UNIX, Linux, Windows, or any other OS. Boot into an alternate OS and scan that way, because you cannot be sure that the OS that has been compromised has any integrity.
Shawnee,
Open a command prompt, and type in:
netsh winsock reset
Then reboot. Make sure you have the latest Wireless drivers as well.
I don't know, but I have been having problems with my computer and I don't know if it's the computer or the wireless or bad software...or what.
It just stops acting like it's even connected yet the icon at the bottom says 54.0 Mbps...which is good, right?
I'm going to have to call geek squad or something.
Thanks. I'll try that later. It seems to be OK right now. :)
Anti-rootkit technology is nothing more than AV technology that scans for the API hooks that rootkits use to cloak themselves. It's effective a good portion of the time, but I've seen rootkits get past the Sysinternals tool (Rootkit Revealer).
Other than appropriate software, any symptoms to detect or suspect that rootkit? For example, IP activity? Unexplained processes? Excessive CPU time? Unexplained disk activity? Disabled functions? Registry entries?
Never looked at Systeminternals Rootkit Revealer because I never saw any reason to need it.
It just stops acting like it's even connected yet the icon at the bottom says 54.0 Mbps...which is good, right?
First the wireless connects to the wireless router. When that happens, your have a digital connection; in your case 54 Mbps.
Next, your machine must ask for an IP address. The router's DNS server provides (leases) an IP address to your wireless card.
I have seen some routers make the connection (ie 54 Mbps), but the DNS server refuses to lease an IP address. The solution was to power cycle the wireless router.
Don't know why. Never had sufficient time to learn why. But if you are having the same problem, the Geek squad would never see the problem and still charge you.
First suggestion: determine if the problem is in the router. IOW any computer that has not connected wirelessly to that router in over a day would demonstrate the same problem. (Any computer connected wirelessly in less than a day may not see the problem.) If both connect at some speed but will not talk, then you have saved yourself a payment to the Geek Squad.
A second suggestion: enter "IPCONFIG /ALL" in the same command window where "netsh winsock" was entered. If the IP address for your "Wireless Network Connection" does not start with 192.168.xxx.xxx or 10.xxx.xxx.xxx, then an IP address is not provided by the router.
A computer can connect. But without an IP address, it still will not communicate. Later in the day, that routers DNS server can fail. But your computer would continue to work for the next 24 hours - when the lease for the IP address expires and it was ask the router's DNS server for an new address lease. No new lease from a failed DNS server means it would again connect only to the router at 54 Mbps, but not connect to the network.
Shawnee,
Open a command prompt, and type in:
netsh winsock reset
Then reboot. Make sure you have the latest Wireless drivers as well.
I did the first part. Still had trouble.
I don't know how to check the wireless drivers?
First the wireless connects to the wireless router. When that happens, your have a digital connection; in your case 54 Mbps.
Next, your machine must ask for an IP address. The router's DNS server provides (leases) an IP address to your wireless card.
I have seen some routers make the connection (ie 54 Mbps), but the DNS server refuses to lease an IP address. The solution was to power cycle the wireless router.
Don't know why. Never had sufficient time to learn why. But if you are having the same problem, the Geek squad would never see the problem and still charge you.
First suggestion: determine if the problem is in the router. IOW any computer that has not connected wirelessly to that router in over a day would demonstrate the same problem. (Any computer connected wirelessly in less than a day may not see the problem.) If both connect at some speed but will not talk, then you have saved yourself a payment to the Geek Squad.
A second suggestion: enter "IPCONFIG /ALL" in the same command window where "netsh winsock" was entered. If the IP address for your "Wireless Network Connection" does not start with 192.168.xxx.xxx or 10.xxx.xxx.xxx, then an IP address is not provided by the router.
A computer can connect. But without an IP address, it still will not communicate. Later in the day, that routers DNS server can fail. But your computer would continue to work for the next 24 hours - when the lease for the IP address expires and it was ask the router's DNS server for an new address lease. No new lease from a failed DNS server means it would again connect only to the router at 54 Mbps, but not connect to the network.
I found the IP address with 192...
For the first part, are you saying check with another computer? I don't have another, but maybe I misunderstood.
Guys, thanks so much. I know that irl folks like you get paid to help people like me, so I appreciate the free advice. You don't have to keep helping if it seems I am taking advantage.
I am just amazed at IT people...you speak a whole other language. :p
Thanks again.
Tom,
It's DHCP server :).
There are many issues with the IP stack in Windows. When certain pieces of malware "attach" to your Windows installation, one of the first things many of them do is attack to the TCP/IP stack to subvert DNS and redirect name lookup traffic to a DNS server that will return erroneous (i.e. more malware, advertisements, bad Windows Updates) traffic to it.
Running "netsh winsock reset" restores the TCP/IP stack to a known good state without malware or the "hooks" that would point to the DLL files and executables that malware uses to redirect traffic.
If you don't run this after removing malware, your TCP/IP stack may be broken due to those hooks existing and pointing to nowhere.
First the wireless connects to the wireless router. When that happens, your have a digital connection; in your case 54 Mbps.
Next, your machine must ask for an IP address. The router's DNS server provides (leases) an IP address to your wireless card.
I have seen some routers make the connection (ie 54 Mbps), but the DNS server refuses to lease an IP address. The solution was to power cycle the wireless router.
Don't know why. Never had sufficient time to learn why. But if you are having the same problem, the Geek squad would never see the problem and still charge you.
First suggestion: determine if the problem is in the router. IOW any computer that has not connected wirelessly to that router in over a day would demonstrate the same problem. (Any computer connected wirelessly in less than a day may not see the problem.) If both connect at some speed but will not talk, then you have saved yourself a payment to the Geek Squad.
A second suggestion: enter "IPCONFIG /ALL" in the same command window where "netsh winsock" was entered. If the IP address for your "Wireless Network Connection" does not start with 192.168.xxx.xxx or 10.xxx.xxx.xxx, then an IP address is not provided by the router.
A computer can connect. But without an IP address, it still will not communicate. Later in the day, that routers DNS server can fail. But your computer would continue to work for the next 24 hours - when the lease for the IP address expires and it was ask the router's DNS server for an new address lease. No new lease from a failed DNS server means it would again connect only to the router at 54 Mbps, but not connect to the network.
tw,
I've seen rootkits that have patched Windows DLL files and caused functions which other programs depend upon to be disabled.
If a rootkit is going to infect your system, it's going to patch the Win32 APIs for IP Activity, Unexplained Processes, CPU Time, and Registry Entries, and patch other functions as needed. This is what rootkits do via APIs on Windows, and via APIs or trojaned copies of ls, ps, and other file utilities on Linux or UNIX variants.
Your average user will not be running Wireshark on another PC and scanning their network to see the unexplained IP traffic. If they did, chances are that they are smart enough to not get rooted.
I caught one because it didn't patch functions well enough and I was able to use Rootkit Revealer to figure out its existence due to that.
Other than appropriate software, any symptoms to detect or suspect that rootkit? For example, IP activity? Unexplained processes? Excessive CPU time? Unexplained disk activity? Disabled functions? Registry entries?
Never looked at Systeminternals Rootkit Revealer because I never saw any reason to need it.
I found the IP address with 192...
If the problem is with the wireless router (not with your computer's wireless card), then the other computer also would not lease an address. It was an attempt to isolate which component is causing problems so that the Geek Squad does not try to fix a perfectly good computer.
If after 24+ hours, you always have the 192.168.xxx.xxx address and the computer does not connect over that 24 hours, then then your wireless card has connected to the router. Then the DHCP (not DNS) servers is working. Move on to other suspects.
IOW the "IPCONFIG /all" does not report anything useful if the computer is working. It only reports useful facts when the computer will not connect.
And you have also manually started and executed the long anti-virus software scan?
"No problem found" does not say your wireless is working. It just says it is working at a lower level. Malware can exist at higher levels. Or other problems exist.
Proper drivers: depends on the machine. Better machines (ie Dell or HP) mean you go to their web site and check for updates. Sometimes,
www.windowsupdate.com will download a corrected driver - not always.
Further information is found in Device Manager and in the System (event) logs. If you don't know where these are (and it cannot be told here because even the OS was not listed), then use Windows' Start>Help and Support - or whatever the help is called on your machine.
Well, maybe it has been connected all along. But your firewall (or anti-virus software) is blocking access to some site.
Time to better define what you mean by no connection.
Using that command prompt, enter
PING 192.168.1.1
It should ping your router and report echoed back replies.
PING cellar.org
It will also report useful facts.
From the browser (ie Internet Explorer), enter as the address:
192.168.1.1 or
192.168.2.1
That should talk to the server inside the router. What happens.
If Windows puts up a screen about no connection and has somewhere to diagnosis a connection, well do that. Windows should report if the computer is not connected, why, and may even correct it. But again. What computer? What OS?
Just some ideas. None are intended to fix anything. Every one is only to report the minute detail that actually says what is wrong. First and more important - identify the problem. Fixing comes later.
Your average user will not be running Wireshark on another PC and scanning their network to see the unexplained IP traffic. If they did, chances are that they are smart enough to not get rooted.
I routinely see unsolicited probing lately of port 445 - a file download port and what is used by Microsoft Download Service. Don't recall seeing these many months ago. These unsolicited probes are now numerous - more numerous than the constant message from China that attempts to pop up and says, "Your computer is corrupted. Click on this to download a cleaner." I once would see (and block) that one maybe every 40 minutes.
Is there somewhere to look at a currently stored DNS table? Is that where a rootkit would corrupt DNS? (Had not thought about that type of corruption).
Popups are supposed to be blocked on my machine. However zedo.com does get their advertisement pop up when I access one web site. I have their IP address blocked in the firewall. However that has always bothered me that that their popup gets through.
TW,
Port 445 has been scanned for since 2000, since Windows 2000 and up use it for file sharing, instead of ports 137-139.
The Messenger service, which is the reason for many pop-ups, has been disabled by default since Windows XP Service Pack 2 in August, 2004.
Port 445 has been scanned for since 2000, since Windows 2000 and up use it for file sharing, instead of ports 137-139.
Still see, every so often, attempts to access ports 139 and 135. Never saw so many post 445 requests previously and wonder if this has something to do with Cornficker.
Still don't know how that web site permits c5.zedo.com to open a popup. But the popup enters on a new window using port 80.
Meanwhile, you have roused my curiousity. I must try that Rootkit Revealer.
Well guys, I got rid of avast, and downloaded AVG and Spybot. I ran spybot first (before getting rid of avast) and it found 13 pieces of crap.
AVG seems friendlier to a novice like me.
After all that I ran netsh winsock reset and rebooted.
So far so good. Later I want to look at some of the stuff tw wrote about.
Thanks so much for all your help, and for teaching me a few things. If you're ever in my neck of the woods let me know. Dinner's on me. :)
I was having trouble again last night. Tonight I will look around some more. I may call one of my old IT buddies. Any of them would do it for a couple drinks, but I would like to offer a little better than going rate for a housecall. Just to make sure everything is good. What is the going rate?
I was having trouble again last night. Tonight I will look around some more.
Maybe I have not explained it properly. Posted are not solutions. Posted was what you execute when it is working. Then execute again when it is not working.
Not to fix it. Long before fixing anything, first the problem must be identified. Currently nobody even knows yet what your problem is.
So, you did all those "PINGs" when it worked fine. Then when it was not working, you did those "PING" programs again. Those are critically essential facts.
Same with "IPCONFIG /ALL". What did the anti-virus scan report some hour plus later when it finished working? Where is the information from system logs and Device manager? Those also were not idle questions. They were critically important facts that reported your system was still completely failed when you thought it was working.
What were the lights doing on the wireless router both during good and failed operations? What is your OS? What is the computer?
You probably have access to talent far superior to anything that the Geek Squad or you friend can provide. But you are stifling it by not answering all questions and doing everything requested - regardless of whether the machine is working or not.
Are the wireless drivers current? That also was not a question to avoid because you did not understand it. What did
www.windowsupdate.com report? What does the manufacturer report as the latest drivers? Again, not to fix anything (even though it might). To identify a problem that still exists even the machine appears to be working.
What exactly did "netsh winsock reset" report? Nobody can be helpful if you filter out facts.
Command prompt provides an easy way to cut and past every numeric detail from that window. Right click on the C:\ icon in the top left corner. In Edit, Select Mark. Then select everything on the screen to copy. Right click on the icon again to select Copy. Now the critical numbers that mean nothing to you can be pasted in a post. Those unanswered questions and every fact that means nothing to you is probably the critical fact that says what is wrong. Therefore you have stifled your help.
Numerous questions and requests for information were posted. Most were not answered. Answers them all. Otherwise spend money on a less knowledgeable repairman. What's the going rate? $70 per hour? Either you can do the labor or pay someone else to do these same things.
tw, you do realize this isn't a bullshit session in the geek break room, don't you?
AVG seems friendlier to a novice like me.
I think Shawnee speaks for the majority there, I know I'm in the same boat.
You and Mitch post great information, but the fact is most of us only grasp bits and pieces of it, and to attempt to accomplish your diagnostic procedures is frankly intimidating. IPCONFIG, Command prompt, and stuff like that, are a completely foreign language.
When our machines start making funny noises, or break down beside the road, we appreciate the help but keep in mind we're drivers, not mechanics. :o
IPCONFIG, Command prompt, and stuff like that, are a completely foreign language.
Then ask details so that the next reply adds new information. Otherwise spend $70 per hour and learn nothing.
Only reason to fix things is to learn. If the solution is posted and not understood, then ask or quit. Those are the two options. Therefore learn or not learn.
Most every reason for doing those things (netsh winsock reset) were never provided - intentionally. If not done, then one does not learn why they were so critically important. But again, fix things first and foremost to learn. Or stay ignorant and pay someone $70 per hour to do what is not really complex. It only looks complex because it is unknown.
Again the point because so many are bad at problem analysis. Don't try to fix it immediately. First objective is to only learn what is wrong. Fixing comes much later. Those who never fixed things always want instant solutions. Rarely learn how to break problems - even non-technical problems - down into parts.
Command prompt is where Shawnee entered "netsh winsock ..." IPCONFIG is also entered there. You would not know that if you had not yet done what Shawnee did. If you also do not do it (if you only read), then you also do not learn anything.
I never used that "netsh ... " option. So I too did what mbpark recommended. Why? Otherwise I also would have no idea what he posted. To learn means 1) all those actions must be performed, 2) all those questions answered, and 3) anything not understood requires asking for details. Only other option is to quit and learn nothing.
Furthermore, its a two way street. All parties (not just Shawnee) learn from the experience.
Personally, you lost me long ago on this issue. I wouldn't know where to begin and I'm afraid that if I messed something up while attempting some of what you said to try I wold have no net access and then be double screwed as I couldn't post for more help.
Hence I've been reading along trying to absorb some of what you are all talking about.
Now you just seem nasty and condescending. You gotta realize that there are others with no idea what you, any of you, are saying.
Now you just seem nasty and condescending. You gotta realize that there are others with no idea what you, any of you, are saying.
You are being emotional rather than dealing with reality. Did you also do what Shawnee did? If not, then reading was wasted time. You cannot read this stuff and learn. As I noted, the reasons why were intentionally not provided because those reasons why come AFTER do the work. Nothing here was complex. Enter some commands. See some results. Learn what those results mean later. But many want immediate gratification only by reading.
Just like in Science lab. If you did not execute Command Prompt, then you have no idea what Shawnee learned. If you did not do IPCONFIG or PING, then there was no reason to provide additional information. That’s not condescending. In short, if you only read, well, welcome to technology - you learned nothing.
People who do not fix things are poor at breaking problems into parts – making problems easier to solve. Too many want an instant solution. An experienced problem solver first finds a defect – fixes things later. Another famous sound byte that says the same thing: Patience, grasshopper.
That may be condescending to those who don't do the work. Silly emotion is not relevant. Fact. Either you do what Shawnee did or you learned almost nothing from this thread. In which cause, you could only become emotional - and therefore 'feel' condescendence.
Your choice. Did you do as mbpark suggested? Did you enter “netsh winsock reset”? If you feared you might break something, then did you post, “Can I do this without breaking something?” Learning by doing is that simple; not condescending. Nothing useful could have been learned by only reading. But that also is obvious from doing rather than only reading.
Of course you have no idea what is being said if you also did not execute those programs yourself. I know that. You apparently did not only because you did not execute those programs.
In a parallel thread, GIF is discussed. Did you understand those posts? Only if you also did the lab work. If you did not execute the program, then you had little grasp of that discussion either.
Well guys, quit it! ;)
I think tw is right. I do want to learn these things. To be honest, I have not tried everything he has mentioned because I'm too lazy to write it all down (I need printer ink) and go through it. I go through cycles of what I do on my computer, and I just haven't felt like putting in the work right now.
When we got our very first computer, my exes cousin came from IL and made the ex put it all together and set it up. He learned a lot. Cousin's reasoning was "if something goes wrong you'll know how things work..." and it came in handy.
But I will, eventually. I just need to be in that "mood" so to speak.
Anyway, I appreciate everything.
But I will, eventually. I just need to be in that "mood" so to speak.
Danger. Be very careful of that mood. The sun will go down and come up again ... and you won't even know it. These kind of problems can sometimes be addictive.
TW,
I did post why that command (netsh winsock reset) works in great detail. It's one of the enhancements MS added to XP SP2 for consumers to fix a large problem with spyware attaching itself to the TCP/IP stack by replacing the Winsock (TCP/IP) stack with a known good set of settings.
Then ask details so that the next reply adds new information. Otherwise spend $70 per hour and learn nothing.
Only reason to fix things is to learn. If the solution is posted and not understood, then ask or quit. Those are the two options. Therefore learn or not learn.
Most every reason for doing those things (netsh winsock reset) were never provided - intentionally. If not done, then one does not learn why they were so critically important. But again, fix things first and foremost to learn. Or stay ignorant and pay someone $70 per hour to do what is not really complex. It only looks complex because it is unknown.
Again the point because so many are bad at problem analysis. Don't try to fix it immediately. First objective is to only learn what is wrong. Fixing comes much later. Those who never fixed things always want instant solutions. Rarely learn how to break problems - even non-technical problems - down into parts.
Command prompt is where Shawnee entered "netsh winsock ..." IPCONFIG is also entered there. You would not know that if you had not yet done what Shawnee did. If you also do not do it (if you only read), then you also do not learn anything.
I never used that "netsh ... " option. So I too did what mbpark recommended. Why? Otherwise I also would have no idea what he posted. To learn means 1) all those actions must be performed, 2) all those questions answered, and 3) anything not understood requires asking for details. Only other option is to quit and learn nothing.
Furthermore, its a two way street. All parties (not just Shawnee) learn from the experience.
Danger. Be very careful of that mood. The sun will go down and come up again ... and you won't even know it. These kind of problems can sometimes be addictive.
There's that, too. I'll be obsessed. :p
I did post why that command (netsh winsock reset) works in great detail.
But most of what you posted would not be evident to most readers unless (and maybe not until) after they had run the programs (and then came back to better learn what the catalog was).
It was actually a bad example of my point because you discussed some things that others still would not understand even after running the program. Few really would know what the TCP/IP stack is even after resetting it.
netsh involves much of the black art. I have mostly avoided netsh because so little of that program actually solved something that was not otherwise repaired by a driver reload. I will have to play with it more.
I suspect few really grasped what you had posted. But the point is that without executing those programs, one really cannot grasp them.
TW,
Unfortunately, Windows is a complex beast. I'd need a whole series of posts to explain what I've picked up over the past 11+ years of working with Windows NT and its successor OSes.
It is this complexity that is the reason for Windows having the issues that it does. Even when you execute these programs, you can't tell what they do.
It is this complexity that is the reason for Windows having the issues that it does. Even when you execute these programs, you can't tell what they do.
Spaghetti code. What happens when a project does not have a strong architect with a clearly defined architecture. Windows has prospered by trying to do everything. Windows has suffered for the same reason.
Well guys, quit it! ;)
Well, excuuuuuse me.:p
I'm not dissing your ability or sincerity to the fix, just reminding him to remember he's talking to (other than you) novices.
TW,
Unfortunately, Windows is a complex beast. I'd need a whole series of posts to explain what I've picked up over the past 11+ years of working with Windows NT and its successor OSes.
Series of posts? :mg: More like you'd have to write an encyclopedia to explain what you know about this stuff.
I'm certain tw knows a lot about this stuff too, but he's grouchy. :haha:
What good is having knowledge if. . .
oh nevermind.
TW,
It is that reason why Mark Russinovich's company (Sysinternals) was bought by Microsoft. He was brought in to clean it up.
Spaghetti code. What happens when a project does not have a strong architect with a clearly defined architecture. Windows has prospered by trying to do everything. Windows has suffered for the same reason.
It is that reason why Mark Russinovich's company (Sysinternals) was bought by Microsoft. He was brought in to clean it up.
I always considered the purchase of System Internals to be what Bill and Dave did to grow Hewlett and Packard and what John Chambers did for Cisco. They bought innovative technology from companies not yet surrounded by large structures - to fill gaps in their company product line.
Microsoft basically had no useful analysis tools for Windows. System Internals are informative tools.
That spaghetti code is a symptom of poor planning at the architect's level. Is probably why the head of Windows was removed because of Vista's development. Are Russinovich and Cogwell working as architects for Microsoft Windows?
Well, excuuuuuse me.:p
I'm not dissing your ability or sincerity to the fix, just reminding him to remember he's talking to (other than you) novices.
I know. I appreciated that as well. I just wanted to point out that I do need to learn...or be a slave to others forever. I wouldn't make a good slave. I'm too mouthy. ;)
Yeah, but you'd look great in a Princess Leia slave outfit. :yum:
TW,
Mark Russinovich is one of the lead Windows architects now. He was one of the forces behind MinWin, which was the refactoring of the Windows code to remove dependencies and make it easier to build and maintain the product.
I always considered the purchase of System Internals to be what Bill and Dave did to grow Hewlett and Packard and what John Chambers did for Cisco. They bought innovative technology from companies not yet surrounded by large structures - to fill gaps in their company product line.
Microsoft basically had no useful analysis tools for Windows. System Internals are informative tools.
That spaghetti code is a symptom of poor planning at the architect's level. Is probably why the head of Windows was removed because of Vista's development. Are Russinovich and Cogwell working as architects for Microsoft Windows?
Mark Russinovich ... was one of the forces behind MinWin, which was the refactoring of the Windows code to remove dependencies and make it easier to build and maintain the product.
Never heard of MinWin. What is it for? What dependencies are being removed?
TW,
MinWin, as I stated, is the re-architecture of Windows itself to remove circular dependencies and build issues. It's a complete refactoring of the base of the system itself and the components to make it easier to build, maintain, and debug. Windows, before Windows 7, was devilishly complex to debug and fix issues with. Mark Russinovich did something nearly impossible, which was to help resolve that.
You have no idea. ;)
We would if you'd put on the costume and take the picture. ;)
I came across an item on the MSN home page for Sunday, 08 FEB 09 that reminded me of this thread. It was a link titled
Ranked: Security software which led to an article by PC World on evaluations of security suites (pay for packages).
Though a bit off topic, I found the ranking of security suites in that article versus the ranking of components in this thread to be interesting; so, I linked it here FYI.
MinWin, as I stated, is the re-architecture of Windows itself to remove circular dependencies and build issues. It's a complete refactoring of the base of the system itself and the components to make it easier to build, maintain, and debug.
So MinWin was a redesign of the entire kernel to create Windows 7. Did not address peripheral programs such as Paint, Notepad, and Defrag. Minwin was not another and new Windows product.
How many architects does Microsoft use on Windows? And what happened to Bruce Cogwell?
We would if you'd put on the costume and take the picture. ;)
Uh, dude, I just looked that costume up online and uh, yeah...no. :p
TW,
Somehow I think re-architecting the core of the product is more important than addressing Paint, Notepad, Solitaire (which got a redesign for Vista anyway), or Defrag (which Microsoft does not own, and is licensed from the Diskeeper corporation) :).
Microsoft doesn't publish how many architects they use on Windows. They just publish the ones that are the most famous, such as Mark Russinovich, David Cutler, and Bryce Cogswell (who is still at MS from what I understand).
So MinWin was a redesign of the entire kernel to create Windows 7. Did not address peripheral programs such as Paint, Notepad, and Defrag. Minwin was not another and new Windows product.
How many architects does Microsoft use on Windows? And what happened to Bruce Cogwell?
so, a friendly dwellar pointed me to the ultimate boot cd, and helped me with the creation of a boot cd that runs a basic windows environment. this allows you to run the utilities it contains....one of them is AVG.
i'm running it now.....we're up to 15 threats...no 16....5 are viruses, 11 trojan horses
ooop...19~and counting.....jeesus.
183......and still scanning
:blush
even after this avg cleanup, i still have spybot coming up repeatedly with kewedojisu trying to change some registry.....i blocked it, but it keeps coming back...
is this a normal thing, should i let it do it's thing?
Lumberjim,
Boot back into the Ultimate Boot CD and open a command prompt.
Go to c:\windows\system32 and type in the following:
attrib -r -h -s kewedojisu.*
erase kewedojisu.*
This will un-hide the file and erase it.
One other thing to try. Download malwarebytes anti-malware from malwarebytes.org and run that.
I've been testing that and have found it to be actually pretty decent at cleaning up "unknown" processes like that.
Jim, I had that problem and after trying a bunch of removal crap, I just had to go to the "control panel" then "add and remove programs". Found the strange program and removed it. I don't remember the name, but you should be able to spot a program that you don't know, if you have the same problem I had.
im running spybot that came with the boot cd.....its finding stuff too. the version i have installed wont update....
after i ran avg from the boot cd, I went online and tried to dl and install the free avg, but when i went to instal, it said it wouldnt work with my puter. it referred to windows 2000, although im using xp on this machine
it did fix the pop up problem it was havng though. which was the main complaint.
Lumberjim,
Give malwarebytes a try and let me know how it works :).
that found 69 items and fixed them
start up took forever afterwards
Did it work well otherwise?
seems to have. either the malware one or the spybot from the boot disk got rid of the kewets...thing. i ran them back to back
thanks a million for your help. i was ><thsi close to nuking it.
From the Washington Post of 12 Feburary 2009:
A Little Economic Stimulus: Free AntivirusI came across an item on the MSN home page for Sunday, 08 FEB 09 that reminded me of this thread. It was a link titled Ranked: Security software which led to an article by PC World on evaluations of security suites (pay for packages).
Interesting that they didn't even review
NOD32.
I read the review of Kaspersky (my weapon of choice) and have to agree that its confusing as hell to configure although I think it works better than the author does - nothing gets by Kaspersky. I even get warnings (including the IP address) when anything other than the browser I have open attempts to connect to the internet.
And as a general tip to the class, if the protection software you are running has a registry guard, enable it. If it doesn't, get one that does. A registry guard stops anything from making a change in the registry and asks for approval first. I think Spybot has one.
-----EDIT
Since MSN didn't think NOD32 was worth reviewing, I was not surprised to learn that opinions vary. Check out this
side-by-side comparison.
I've given up. I've pinged and ponged and looked and rebooted and researched and jotted and even tried drinking it into submission, and I am so sick of my computer I could scream.
I'm calling my friend.
I'm calling my friend.
It won't do any good. It'll behave perfectly while he/she's there. ;)
Heh...probably. Guess we'll have to drink while we wait for it to eff up.
I've given up. I've pinged and ponged and looked and rebooted and researched and jotted and even tried drinking it into submission, and I am so sick of my computer I could scream.
None of those suggestions were solutions. Those were how you get facts and numbers that mean nothing to you and that result in useful answers from others. Currently nobody can help because the necessary details are still missing.
I know.
I wrote a bunch of stuff down, but it's at home.
I saw that the lease expires like every hour?
It showed the same thing on IPCONFIG/ALL when it was working and when it wasn't, as far as the 192 whatever thingy.
My OS is Windows XP...pentium 4 something 2.66 and something 512...
When I tried to type my IP address in the address bar, nothing happened. I can't remember if I was able to get online or not when I tried that.
That's all I can remember.
I saw that the lease expires like every hour?
It showed the same thing on IPCONFIG/ALL when it was working and when it wasn't, as far as the 192 whatever thingy....
When I tried to type my IP address in the address bar, nothing happened. I can't remember if I was able to get online or not when I tried that.
First, leases typically expire in 1440 minutes. That would be defined in the router. Leases expiring every hour could be the symptom of failure. How do you know if and when a lease expires?
Once a computer has an IP address, it remains even if the router has gone defective. IPCONFIG /ALL will remain unchanged even when failure occurs. But the information is important for first locating the failure. IPCONFIG /ALL fixes nothing and typically does not change when failures occur. After reading data from IPCONFIG /ALL, then try IPCONFIG /RENEW. Then see what changes in IPCONFIG /ALL.
If the router's DHCP server can lease a new address, then it will do so only when IPCONFIG /RENEW is executed.
BTW, another address - the MAC address. It will read something like 00:aa:bb:cc:dd:ee where lower case letters represent digits. Important is that number remains consistent and is never all zeroes.
When a computer is working, the information for PING or TRACERT to the router's IP address and to cellar.org can later be compared to when computer is not accessing the internet. Difference is informative.
Previously posted was how to copy that information from the Command Prompt window and then paste it in Notepad (to record it) or to a Cellar post. No reason to remember anything when cut and pasting is so easy.
When accessing a web page that does not respond, then Windows puts up a message about diagnosing the connection. When internet access fails, click on that diagnostic to learn what has failed. Of course, it will mean nothing to you - now. But that message is critical to anyone who might provided assistance and show you how easy network problems are broken down.
Don't type your own IP address in the title bar. Enter the IP address of the router. You don't want to talk to a server inside your computer. You want to talk to the server inside that router.
Since your computer has no server, then entering your IP address gets no reply from a non-existent server.
For example, if your IP address is 192.168.a.bbb, (a and b are digits), then the address of that router is 192.168.a.1 . Enter that address both when the system is working and later when the system is not working.
Important is information from a router's status page. Also, if you can find the DHCP server, all computers that have leased IP addresses are listed - including yours.
BTW, this is why I always install at least one hardwired Ethernet port to a router. When failures occur, a hardwired port almost always still works to find and fix problems.
Not listed is who made the computer. Better computers have comprehensive hardware diagnostic specifically for problems such as yours. Executing that diagnostic only on the wireless card can (but is not likely to) provide further useful facts.
Sometimes Windows also has a wireless diagnostics from the wireless card manufacturer (ie Broadcom). Again performed both when the system is working and when failure occurs.
Don't try to fix anything. First is to define which has failed - computer or router. An example of breaking problems down into parts. Too many want instant fixes. But the easy fix starts by using simple tests (such as above) to first learn which side has failed.
Again, you may not know that the error has been identified. Even significant timing changes in PING may be a seriously critical piece of information - that would mean nothing to you - yet. Doing this stuff is how complex computers become less complex than a kitty cat - and don't make you bleed blood or money.
S123, wait. Nobody has actually troubleshooted your problem. You said it "stops acting like it's even connected". What is it doing when that happens? You're in a browser and the page stops loading? It can't find any web pages?
Does it come back by itself or do you have to reboot at that point? Does a reboot always fix it right away?
A reboot is not a guarantee that it will work when I reboot. I've rebooted sometimes more than once hoping it will log into my homesite (
CNN.com) When I got home from work I rebooted 6 times. Yeah...frustrated.
It never fails when I'm in Toontown and I wondered it that is because it is constantly sending data bak and forth.
It seemed like it go worse as time went on, yet tonight it has not booted me out since I logged in at eight o' clock and something
When it won't "connect" i get that screen where you can choose to do a diagnosics....I have a copy saved ...would it help?
It's always on wireless when this happens?
All I have is wireless... installation dude wouldn't run a cable to my comp.
Can you run your own cable? What's the box that they put in, does it have a manufacturer/model #?
By "box" do you mean that little light up thingy with an antenna? :)
It hasn't messed up since yesterday...knock on wood. It's like aliens took it over for a while and are now gone.
Yes, if that's the only box they seem to have installed.
OK cool. On the back of that unit are four RJ-45 jacks. And somewhere on your computer is an identical RJ-45 jack. You'll know it when you see it because it is like your phone jack, except wider.
You are perfectly free to buy an Ethernet cable, male-to-male RJ45 and plug one end into that Netgear and the other end into your puter. These are the most common of cables, widely available in computer stores and office maxen and such. You can get 3 foot, 6 foot, 10 foot, 25 foot whatever you need. You don't need the most expensive one. Anything "Cat 5" or above will be fine.
So if the system starts going out again, it might be a good idear to wire it up wired, and reboot and see if that fixes it straightaway. You may be near something or a neighbor that causes wireless interference.
Oh yes and also, you can look at the lights on that box and that might give us a hint. I don't know what the "i" light means but the one arrow means upstream traffic and the other means downstream traffic. Se what lights are on now, when it's working, and then check it when it's not working to see if the lights are different.
Right now there's the on light, the i light, the squiggly arrow pointing down, and something that looks like an old test pattern.
OK, then when I sent this the squiggly arrow pointing up lit up.
If I have problems again I will look.
See all the stuff I'm learning? :)
[useless anecdote]
When I was in college--i.e., in the days before reasonable and inexpensive wireless--my roommates and I just ran direct cable like UT is talking about all throughout the house, into five separate bedrooms.
Except it wasn't our house, we were renters. So we didn't do it inside the walls with fancy jacks or nothin', we just got a hundred foot spool and ran it down all the halls and through the doorways.
Oh, and we were too cheap to get actual bits of plastic to secure the cable to the walls. We used scotch tape.
It was awesome.
[/useless anecdote]
That is the ideal installation, except that you should use duct tape.
I had trouble connecting again this morning. I will stop on my way home tonight and get a cable.
The i light wasn't lighting, if that means anything.
OK it looks like the i light is the connection to the cable company. So a wired connection may not even work, if the i light is not lit. You'll need to call their cust. support for this one.
After several years of using ReaConverter 4.0 Pro and a year of using Avast, suddenly Avast says ReaConverter contains a trojan. OK, dump ReaConverter and reinstall with the original disc. Avast still insists Reaconverter is infected.
Dump Avast and install AVG, full scan (2.5 hrs, over 400k items), nothing but a couple of tracking cookies.
I bought the wire. It is, again working, though.
Interesting aside, re: the Antichrist that is Time-Warner: my brother's phone, cable, and internet are out. THey called TW and they said it was due to our windstorm last week and there were area-wide outages that they were working on. Fine. So he calls a few days later and they tell him it's all fixed. Mine isn't, he responds. Oh, they'll be by on Tuesday to take a look. They might even compensate by not charging him for down time.
So I'm not putting a whole lot of my faith into customer service.
grumble
Acted like it couldn't find websites again, with the i light lit. So I hooked up the cable. There are two holes on the computer and 4 on the router...does it matter which one I use?
And is it even called a router? :blush:
Well, since I hooked up the cable I've been OK. I did have almost two days of uninterrupted service before that, so we'll see.
I don't even mind the wire stretching across the living room. Gaines had fun chasing it when I was unravelling the cable. :)
Shawnee,
May I ask what kind of laptop and wireless card you have?
Thanks,
Mitch
I don't have a laptop. I have a Dell tower...not sure what things identify it.
The installation dude plugged in whatever communicates with the router, into the back of my tower.
Shawnee,
Go to Start -> Control Panel -> System -> Device Manager and expand out the Network Adapters section. Take a screenshot and tell us what you have.
Thanks,
Mitch
I have a Dell tower...not sure what things identify it.
Provide the Service Tag number. Then anyone can go to Dell to see what your hardware is.
Those lights on the Netgear are Power, test, cable link, downstream
traffic, upstream traffic, wireless,Ethernet (1 through 4), and USB.
I assumed you were providing that critical information if it was available.
Notice what happens to lights both on your computer and the Netgear when you disconnect and connect the cable. Important information to you now and in the future.
Remember your objective at this point. Is it the Dell or the Netear. Nothing more. That cable is not to fix anything. That RJ-45 Etheret cable is to help determine where the problem is.
Shawnee,
Go to Start -> Control Panel -> System -> Device Manager and expand out the Network Adapters section. Take a screenshot and tell us what you have.
Thanks,
Mitch
3com Etherlink XL 10/100 PCI TX NIC (3C905B-TX)
Intel(R) Pro/100 VE Network Connection
Netgear WG111 802.11g Wireless USB2.0 Adapter
I just typed it all.
Shawnee,
Can you look on the back and tell me what revision it is? (v1, v2, or v3)
On the back of the thing sticking out of my tower? There's a 3 there, but no (version) v in front of it.
yes on the back of the thing on the back of the tower :)
lol...I'm clueless.
There are a bunch of stickers with UPC codes, that's all I can see. One of them has a 3 on the end. To get a good look I'll have to take it out and look?
The Dell sticker should be on the side of the tower.
I'm so confused.
The phrase "Service Tag" is followed by the alphanumeric code. Label is typically is pasted on a side panel, as well as in many other locations of the machine.
Service Tag will also be on your sales receipts.
Service Tag means important hardware information is obtained direct from Dell AND that all software updates unique to your machine are listed. Service Tag would also provide that Netgear hardware information (if the Netgear was bought with the Dell).
TW and Bruce,
The purpose of the exercise was to find out what wireless card she had so we could get the latest drivers for it, not the XP tag :)
That's what I thought you meant, Mitch. Thus, confusion.
Sorry, I am lost tonight.
All your help, from all you people, has been nice, and I thank you.
Shawnee123,
What model of Dell do you have?
Do you mean this info?
Intel Pentium 4 CPU 2.66 Ghz?
Is there a model number somewhere?
Front of the case around the power button on Dells.
The purpose of the exercise was to find out what wireless card she had so we could get the latest drivers for it, not the XP tag
That service tag number says what the hardware is and lists all latest drivers. It is not a Windows XP tag. Service tag number would have answered your version and driver questions (assuming the wireless card came with the machine)
However you performed a simpler solution - download the latest driver anyway.
Still, Shawnee - provide that service tag number anyway. Otherwise you are only stifling your help of critical information. I wish you had stated it was a Dell long ago so that I was not wasting so much time on other possibilities. You have no idea how much useful information was available if you had answered "what machine" questions the first time.
Dell Dimension and about 200 other questions such as verions numbers made available immediately from a tag labeled "Service Tag".
To know what hardware is in your machine and so that others can tell you what software corrections are required, provide the "Service Tag" number.
I thought I did provide the Dell thing...but to be honest I have no idea what is pertinent and what is not.
I see many sets of numbers on that label. Is product key the same thing as service tag?
TW,
It doesn't provide the wireless card info. Dimension 4600s didn't ship with one.
I got this computer like almost 6 years ago. See first post. lol.
So it probably didn't come with a lot of wireless options as it wasn't a huge option at the time. As long as it was cable modem ready was my concern.
Shawnee123,
Download and run the latest BIOS update:
http://support.dell.com/support/downloads/driverslist.aspx?c=us&l=en&s=gen&ServiceTag=&SystemID=DIM_P4_4600&os=WW1&osl=en&catid=&impid=
And this utility to provide better drivers for USB, PCI, and AGP from Intel:
http://downloadcenter.intel.com/T8Clearance.aspx?sType=&agr=Y&ProductID=&DwnldID=16023&url=/16023/a08/infinst_autol.exe&PrdMap=&strOSs=&OSFullName=&lang=eng
Both of these will help eliminate issues with your USB devices.
Yes, I've used a Dimension 4600 before. It's actually quite a nice machine that has onboard SATA support.
I didn't go all the way high end when I chose it, but I did try to get a nice one for a decent price; makes me feel not so dumb when you say it's a nice machine. :)
Thanks for your help. While it's working I'm going to download.
Thanks Mitch. I did those downloads. We'll see what happens.
Should I disconnect the cable, or just leave it all in place?
Hello,
Disconnect the cable and see what happens.
BTW, if you can get 1GB RAM in there, do so. It'll take standard DDR400 RAM.
How do I do that? I mean the 1 gb RAm thing.
I've been thinking about saving for a new comp. Should I? Should I go Mac? What's the best avenue?
:)
Shawnee123,
You can get a little more usage out of it by spending $40 on this:
http://www.newegg.com/Product/Product.aspx?Item=N82E16820145440
And then saving the rest for a new Dell or Mac.
right now my comp is making serious noise, like it's processing really hard.
Maybe it's running better and is shocked?
Mitch, what do you think? I wouldn't be against going completely against what I've always had, started with windows 3.1 and learning dos commands when needed, but I have friends who think Mac is the way to go. Course, these friends are graphics people. What do you think, as far as that?
It doesn't provide the wireless card info. Dimension 4600s didn't ship with one.
That and numerous other questions would have been answerd (no reason to even ask them) had another's first question ("what is the machine") long ago been answered and if the Service Tag number was provided.
All those software updates would have been known and downloaded long ago. Meanwhile, the Service Tag number still is required because it answers everything about hardware and the many software/driver updated available (and why they are available).
Still unknown is where the problem resides - Dell or Netgear router.
TW,
I have worked with netgear cards enough to know that the drivers provided are complete and utter shite. You have to download new ones.
Dell never ships Netgear cards as an OEM option, hence they would not be available with the service tag. They ship their own brand (Dell TrueMobile) or Intel wireless cards as the OEM option when you buy a PC from them.
Dell also ships several variations of the base chipset model. They have a habit of using reference Intel designs with slight changes. However, it is always important to have the latest BIOS for them due to them making a lot of changes. The Intel ones also use Intel's chipset drivers.
Shawnee123,
I am typing this on my Macbook, which also runs VMWare Fusion, and Windows XP, Windows 7 Beta, and Ubuntu Linux on that :).
I'm going to recommend what I use.
right now my comp is making serious noise, like it's processing really hard.
Maybe it's running better and is shocked?
Mitch, what do you think? I wouldn't be against going completely against what I've always had, started with windows 3.1 and learning dos commands when needed, but I have friends who think Mac is the way to go. Course, these friends are graphics people. What do you think, as far as that?
I have worked with netgear cards enough to know that the drivers provided are complete and utter shite.
I can vouch for that. I finally trashed my wireless Netgear setup in favor of a new Netgear router and I just ran CAT 5 cable to all my computers.
I was about to rip my hair out trying to get that stupid wireless thing working. I worked for years then just started skipping out.
Problem solved.
This looks handy.
Computer Repair Utility Kit in a Thumb Drive
I think I could do irreparable harm with that sucker.:D
Update:
I couldn't get online since Saturday morning. My computer said the wireless connection was excellent...all other stuff checked out as far as I knew, but it wouldn't pull up any web pages.
I was finally in the right mood to call tech support. They were friendly and helpful, and in the end decided to send a tech. I agreed to "between 3:30 and 6:00" since I could be home from mom and dad's by then. Dude showed up like 3:35, replaced the router (said the other one was pretty old, this one has a separate modem and the router box is much smaller) and the converter (said the one plugged directly into the back sucked and gave me one on a wire that I can hang somewhere) and it is now running GREAT. No additional cost to me. He wouldn't even let me tip him though I said he deserved something for coming out on a Sunday.
I should have done this a long time ago, but like I said, I didn't want to call when I was in a pissy mood, and it HAD been working off and on and...I'm a procrastinator. :)
So you're not in a pissy mood when it's Mother's Day and a Full Moon? :haha:
Yeah, I know, now you are again.
There's a full moon? :worried:
:bolt:
There's a full moon?
Look out front on the lawn. [SIZE="1"]We know where you live.[/SIZE]
Just let the pizza guy through, please.
Oh, I see you! *waves*
Oh, I see you! *waves*
So we really don't need facial recognition?
It's not like there are 1500 guys with tinfoil hats standing around out there: you don't exactly "blend."
It's not like there are 1500 guys with tinfoil hats standing around out there: you don't exactly "blend."
That pointy thing is not tin foil.
BTW, hopefully the tech showed you how to display the status page on that new router. Knowing how to display it, knowing what to look for, or even putting the hyperlink for that router status page in Favorites (or Bookmark) would go a long way to averting any future problems. Which gives you more time to watch your lawn or rescue the pizza guy.
He didn't but I'll look into it. Thanks! Now get off my lawn! Actually, having it called a lawn is hilarious...you can cross it in a few steps. :)
Actually, having it called a lawn is hilarious...you can cross it in a few steps.
It needs a little fertilizer. Done.
tw, I found the netgear smart wizard wireless assistant...he had a shortcut on the desktop. Was this what you meant? It has everything, I think. He did tell me about the network name and the key, which are there also.
Steve's Guide to Computer Branding-Speak
[list][*]If it's labeled "smart" . . . it's stupid, at best. (At worst it's stupid and harmful.)
[*]If it's called an "assistant," it will never do anything to assist you.
[/list]
tw, I found the netgear smart wizard wireless assistant...he had a shortcut on the desktop. Was this what you meant? It has everything, I think. He did tell me about the network name and the key, which are there also.
That would be one page from the router for both wireless and for wired LAN (local area network). (Record that password if required for access.)
One side of those boxes is your LAN (wireless and ethernet / CAT5 cables). Other side is the outside world - the WAN.
For example, network name and encryption code is for wireless operation. Best recorded just in case something happens. Maybe front panel lights report computers hardwired. Record those lights to know what a good connection looks like. Status page IP address (such as 192.168.1.1) also recorded for future convenience.
Another status page may have other information such as numbers for the WAN (wide area network). Don't remember. Is your WAN was cable, DSL, or FIOS (the ISP)? Each would have some numbers that define upload and download data rates, signal to noise ratios, error numbers, or something equivalent. You currently have a good system. So record (or print) those numbers just to know what a good system looks like.
Hopefully, those status pages report what is between your computer and that router/modem. Another status page reports what is between that router/modem and your ISP. If any problems, well, which page shows bad numbers? The bad page tells you which direction to go for help. No more 'try this and try that' speculation.
Old router was Netgear. Recording these new model numbers (when convenient) means, if problems occur, you don't have to fight through dust balls to read those numbers later.
Put all in an envelope under the router.
I usually write the router wireless name and security (WEP) code one a sticky label. Mount that sticky label near the router. Then a new wireless computer can connect by simply reading that number from a convenient location. Some ideas to avert future confusion.
@ sleeve: I don't think it's a wizard as you normally see, it's more of a console that has all the information and troubleshooting stuff in one place.
@ tw: I will do all that tonight. I can tell the original equip (and perhaps associated software?) was outdated; this new interface is so much easier. Thanks for your help. Now get off my lawn.
My internet is running faster too, with none of the apprehension when Toontown freezes up and I wonder if I'm getting booted. :)
Has anyone hear heard of "Personal Antivirus"? Apparently, it's a program that attaches to a computer and tries to get you, the consumer, to purchase their product. It's constantly "popping up" saying your computer is infected with miscellaneous viruses, etc.
We have Norton/Symantec - I ran that program and it didn't detect anything - maybe that's not good, cause it didn't say anything about this Personal Antivirus.
If anyone here does know anything about it - how can I get rid of it? I found instructions online from bleepingcomputer.com, but I don't know if that is "reputable" and don't want tol make it worse.
Try spyware Doctor - I had a similar issue/program/virus/whatever... It got rid of it for me. But I would wait till one of the more knowledgeable dwellars gives you some advice.
I cleaned that piece of crap off of somebody's computer just last week.
bleepingcomputer.com usually has pretty good advice. They have some FAQs on common spyware issues, "help my computer's running too slow" etc.
They gave detailed instructions on "how to". I have to download a Malwarebytes' Anti-Malware Download Link. I just wasn't sure about that.
Also, when I was at that site - bleepingcomputer - it would almost instantly come up a "black type" screen with some type of message saying this site is blocked, so I don't even know if I will be able to download that link.
Has anyone hear heard of "Personal Antivirus"? Apparently, it's a program that attaches to a computer and tries to get you, the consumer, to purchase their product. It's constantly "popping up"
A few summers ago, I monitored the internet for all incoming packets. Repeatedly found packets that say something like "Your computer has been found infected. Download this antivirus software..." These packets would arrive about every 40 minutes with a reply address that was traced to Northeast China.
Amazing how many times this spam routinely arrived to so many computers. Of course, even the Windows 98 machine ignored it because no 'Window' was waiting for a message addressing that port. IOW you may not know how many internet packets with such popups and other malware are routinely rejected by your machine even without Anti-virus protection.
Jester,
You really want to go to
www.malwarebytes.org and get yourself a copy of their anti-malware software. It is that good!
You also should visit
www.ubcd4win.com and make one of those CDs, as they are at version 3.50. It works really well.
Mitch
Malwarebytes took a couple hours to do a complete scan and found a couple things hiding in restore. I guess AVG couldn't find them, although it does a complete scan (about 3.5 hrs) daily.
I've been trying to fix this, but it's not working very well for me. The computer that's messed up won't even let me download the software. Everytime I go to the website and "click" on the link, my internet closes. While I can go back to that website the same thing happens. I went to another computer to download the file onto a disc, but once downloaded onto said computer it doesn't do anything.
Concerning the other website, ubcd4win. Not sure if I understood it enough, but it was talking about "rebooting", will that delete everything on the computer and then I will have to reload?
Jester,
Find another PC to download the items onto and transfer them onto a USB stick to install on the affected PC.
If you use ubcd4win, it doesn't delete everything. It just lets you reboot the PC into a different version of Windows that you can use to clean out malware and viruses. It works really well, actually.