Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Comptuer Virus Help

Reply
Thread Tools

Comptuer Virus Help

 
 
herbdove
Guest
Posts: n/a
 
      11-13-2006
Hello all,

I'm wondering if someone would kindly me with what appears to be a
virus on my computer.

I turned on my computer yesterday, and all my bookmarks in Firefox
disappeared. Other oddities: I am receiving the error message:
"Error: LiveCode is not defined line:19", certain (but not all)
graphics on a webpage will not load and sometimes when they do the
resolution will be bad, spacing on the page will be off, font size will
be strange, etc. Another oddity--when I will click on a link of any
sort, or click on an e-mail message, etc., the page that comes up will
simply be blank. Things are running very slow overall.

I run Symantec Anti-Virus at all times, and have a firewall through
ZoneAlarm. I ran Ad-Aware and Spybot, and updated all. When no
viruses were detected, I downloaded AVG Anti-Virus, and Microsoft
Baseline Security Analyzer. So luck with these either. I've
uninstalled Firefox, and re-downloaded it again. Nada.

Any suggestions on how I should proceed?

Thanks a million...
matt

 
Reply With Quote
 
 
 
 
Sebastian Gottschalk
Guest
Posts: n/a
 
      11-13-2006
herbdove wrote:

> I'm wondering if someone would kindly me with what appears to be a
> virus on my computer.


It doesn't. It appears like a generic software bug.

> I turned on my computer yesterday, and all my bookmarks in Firefox
> disappeared. Other oddities: I am receiving the error message:
> "Error: LiveCode is not defined line:19", certain (but not all)
> graphics on a webpage will not load and sometimes when they do the
> resolution will be bad, spacing on the page will be off, font size will
> be strange, etc. Another oddity--when I will click on a link of any
> sort, or click on an e-mail message, etc., the page that comes up will
> simply be blank. Things are running very slow overall.
>
> I run Symantec Anti-Virus at all times, and have a firewall through
> ZoneAlarm. I ran Ad-Aware and Spybot, and updated all. When no
> viruses were detected, I downloaded AVG Anti-Virus, and Microsoft
> Baseline Security Analyzer. So luck with these either. I've
> uninstalled Firefox, and re-downloaded it again. Nada.
>
> Any suggestions on how I should proceed?


1. Rebuild your Firefox profile. This should fix the issue.
2. Uninstall Symantec AV and ZoneAlarm, this will protect your computer.
3. Stop wasting your time with all kinds of scanners for a problem that
could hardly be related to malware.
 
Reply With Quote
 
 
 
 
David H. Lipman
Guest
Posts: n/a
 
      11-13-2006
From: "herbdove" <(E-Mail Removed)>

| Hello all,
|
| I'm wondering if someone would kindly me with what appears to be a
| virus on my computer.
|

You presume wrongly !

Please don't Multi-Post.
Please Cross-Post to pertinent, On Topic, news Groups instead.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
Reply With Quote
 
erewhon
Guest
Posts: n/a
 
      11-13-2006

> 1. Rebuild your Firefox profile. This should fix the issue.


Ok

> 2. Uninstall Symantec AV and ZoneAlarm, this will protect your computer.


Less AV and less firewall = More protected?

I'm aware they create a false sense of securty for 0days and bespoke code,
but I think you are full of **** if you think that their removal improve
security.

All code has flaws. However, a software firewall (even with possible
vulnerabilities) is certainly better than a core o.s with NO firewall and
AV.

Don't believe this fool - get multiple AV's installed, then be careful what
you browse and open.

> 3. Stop wasting your time with all kinds of scanners for a problem that
> could hardly be related to malware.


I may be related to malware. It may not. Searching for it, and not finding
any (since it may slip under the radar) is certainly not a futile excercise.
Malware is detected more times than not. That's not to say you have no
malware, just that you have a higher probabilty of finding it if you look
for it.

Not looking for it, is akin to sticking your head in the sand.

Search, but always remain a liittle sceptical that nothing found does not
always equal nothing present.

Do not take this fools advice of no protection and no looking to keep
protected.

erewhon
alt.hacker


 
Reply With Quote
 
Sebastian Gottschalk
Guest
Posts: n/a
 
      11-14-2006
erewhon wrote:

>> 1. Rebuild your Firefox profile. This should fix the issue.

>
> Ok
>
>> 2. Uninstall Symantec AV and ZoneAlarm, this will protect your computer.

>
> Less AV and less firewall = More protected?


Generally yes. More code = more complexity = insecurity. Beside that
ZoneAlarm is no firewall.

Even further, Symantec AV and ZoneAlarm have known unpatched security
vulnerabilities that make the computer vulnerable in first place, and
they're totally broken.

> All code has flaws. However, a software firewall (even with possible
> vulnerabilities) is certainly better than a core o.s with NO firewall and
> AV.


Wrong. Take a secure computer, install such a software, and now you made it
insecure.

> Don't believe this fool - get multiple AV's installed, then be careful what
> you browse and open.


Believe whatever you want. Reality doesn't care for you unjustified believe
in virus scanners.

Real protection against viruses is provided by ACLs, implementing a global
no-exec policy and by not allowing automatic code execution.

>> 3. Stop wasting your time with all kinds of scanners for a problem that
>> could hardly be related to malware.

>
> I may be related to malware. It may not.


Default assumption: It is not related.

> Do not take this fools advice of no protection and no looking to keep
> protected.


Installing pseudo security stuff has nothing to do with protection.
 
Reply With Quote
 
erewhon
Guest
Posts: n/a
 
      11-14-2006
>> Less AV and less firewall = More protected?
>
> Generally yes. More code = more complexity = insecurity.


What nonsense. You seem to be mixing quality and quantity. One line of
vulnerable code is an insecurity. A million lines of non-vulnerable code is
secure. More code does not equal more complexity hence more insecurity.

Poorly written code is insecure. Well written code is not.

Having a good quality AV and firewall product prevents more issues than they
cause. Of course, a badly written one can introudce ADDITIONAL exploit
paths, however, not having one at all guarantees vulnerabilty in a o/s with
many dozens of high severity vulnerabilities, and many more to be found
before next patch tuesday.

> Beside that
> ZoneAlarm is no firewall.


It is a firewall - although I never stated it was a very good one.

> Even further, Symantec AV and ZoneAlarm have known unpatched security
> vulnerabilities that make the computer vulnerable in first place, and
> they're totally broken.


No - they make it vulnerable to those attacks which attempt to exploit them.

The vast majority of exploit and virus code is written to target the largest
available footprint. Whilst custom code can be used to **** over certain av
and firewall products, the vast majority of this code targets core o.s or
browser vulnerabilities. As such, a user should focus their efforts on using
apps which can sit on top of the o/s and filter, block, detect and remove
such malware to reduce their exposure.

As I stated, they are not going to work on 0day code, or the latest bespoke
code - however, they are certainly better than none at all, contrary to your
assertion.

>> All code has flaws. However, a software firewall (even with possible
>> vulnerabilities) is certainly better than a core o.s with NO firewall and
>> AV.

>
> Wrong. Take a secure computer, install such a software, and now you made
> it
> insecure.


Of course - except there is no 'secure computer' in this context. M$, Linux,
Mac - all have code flaws which are exploitable. Having protection on top of
the o/s makes sense. Of course a badly designed app adds to the holes, but
the type and # of holes it brings are only relevant if they are commonly
targeted.

>> Don't believe this fool - get multiple AV's installed, then be careful
>> what
>> you browse and open.

>
> Believe whatever you want. Reality doesn't care for you unjustified
> believe
> in virus scanners.


The last time I checked, my PC was protected against several thousands of
viruses esp. those which use vulnerabilities to attain prividge escalation
or known holes to run. Any one of these viruses that attempts to run on my
PC will fail due to AV protection. Any PC without AV will not be stopped -
ACL's or no ACL's.

> Real protection against viruses is provided by ACLs, implementing a global
> no-exec policy and by not allowing automatic code execution.


Nonsense. I could login as run as guest and have o/s policies and setting in
place to limit the possibility of running certain code. This does NOTHING to
protect me against malicious code injected into a vulnerable app or via port
which fails to trap such code, and allows exploit as system. What the hell I
am logged in as, and ACLs and "a global no-exec policy" will do the square
root of **** all to prevent a DCOM exploit, if I've got no AV, no vendor
patch and no firewall.

>>> 3. Stop wasting your time with all kinds of scanners for a problem that
>>> could hardly be related to malware.

>>
>> I may be related to malware. It may not.

>
> Default assumption: It is not related.


Wrong. Default assumption is to assume nothing, investigate everything.


>> Do not take this fools advice of no protection and no looking to keep
>> protected.

>
> Installing pseudo security stuff has nothing to do with protection.


For fear of banging my head against a brick wall - yes it does. Calling it
"pseudo security stuff" does not your case a valid one.

erewhon
alt.hacker


 
Reply With Quote
 
Sebastian Gottschalk
Guest
Posts: n/a
 
      11-14-2006
erewhon wrote:

>>> Less AV and less firewall = More protected?

>>
>> Generally yes. More code = more complexity = insecurity.

>
> What nonsense. You seem to be mixing quality and quantity. One line of
> vulnerable code is an insecurity. A million lines of non-vulnerable code is
> secure. More code does not equal more complexity hence more insecurity.


Seems like you're pretty ignorant towards reality.

> Having a good quality AV and firewall product prevents more issues than they
> cause.


On a well-secured computer it can't prevent any issue.

> Of course, a badly written one can introudce ADDITIONAL exploit
> paths, however, not having one at all guarantees vulnerabilty in a o/s with
> many dozens of high severity vulnerabilities, and many more to be found
> before next patch tuesday.


And this is a reason why you have to add more vulnerabilities, especially
known ones.

>> Beside that ZoneAlarm is no firewall.

>
> It is a firewall - although I never stated it was a very good one.


It is no firewall. It's a host-based packet filter, and a pretty lousy one.
And it's unsuitable for building a firewall.

>> Even further, Symantec AV and ZoneAlarm have known unpatched security
>> vulnerabilities that make the computer vulnerable in first place, and
>> they're totally broken.

>
> No - they make it vulnerable to those attacks which attempt to exploit them.


So, you admit that there's a problem.

> The vast majority of exploit and virus code is written to target the largest
> available footprint. Whilst custom code can be used to **** over certain av
> and firewall products, the vast majority of this code targets core o.s or
> browser vulnerabilities. As such, a user should focus their efforts on using
> apps which can sit on top of the o/s and filter, block, detect and remove
> such malware to reduce their exposure.


Bullshit. You should focus on using operating systems with well-supported
updates on O.S. core components, and vulnerabilities in webbrowser are
unacceptable.

> As I stated, they are not going to work on 0day code, or the latest bespoke
> code - however, they are certainly better than none at all, contrary to your
> assertion.


Well, believe whatever you want. Statistics tell otherwise.

> The last time I checked, my PC was protected against several thousands of
> viruses esp. those which use vulnerabilities to attain prividge escalation
> or known holes to run.


So, was it? Why? Don't tell me that it has anything to do with your virus
scanner or your you'd-like-it-to-be-a-firewall.

> Any one of these viruses that attempts to run on my
> PC will fail due to AV protection.


What AV protection? Your virus scanner? No, it won't fail.

> Any PC without AV will not be stopped


It will. Just implement the relevant policies.

> - ACL's or no ACL's.


With correct ACLs the damage is limited. Now that's a real security
measure.


>> Real protection against viruses is provided by ACLs, implementing a global
>> no-exec policy and by not allowing automatic code execution.

>
> Nonsense.


At this point I looked up the headers, and they stated that you're posting
with Microsoft Outlook Express. Therefore I should simply stop listening to
you, as you have obviously no idea about real security.

> I could login as run as guest


No, you can't.

> This does NOTHING to protect me against malicious code injected into a
> vulnerable app


For the very same reason, you virus scanner fails so blatantly even on
malware it knows.

> all to prevent a DCOM exploit,


OK, you're really too stupid to simply no offer any DCOM services on the
net?

> if I've got no AV, no vendor patch and no firewall.


You obviously are stupid. Of course you should install patches. A virus
scanner or a firewall won't prevent such an exploit, or at best by luck.

>>> I may be related to malware. It may not.

>>
>> Default assumption: It is not related.

>
> Wrong. Default assumption is to assume nothing, investigate everything.


And as there's no reason to assume that the issue is specifically caused
the malware...

>> Installing pseudo security stuff has nothing to do with protection.

>
> For fear of banging my head against a brick wall - yes it does.


No. That's why it's called pseudo.

> Calling it "pseudo security stuff" does not your case a valid one.


It's called pseudo because it has no technical background.
 
Reply With Quote
 
erewhon
Guest
Posts: n/a
 
      11-14-2006

>> Calling it "pseudo security stuff" does not your case a valid one.

>
> It's called pseudo because it has no technical background.


Oh I see. Symantec. McAfee. They're all in 'it' together. Lying about why we
need them. Praying on fear and ignorance. Offering zero value.

It's a conspiracy theory.

Now I get it.

You're not stoopid. You're a ****ing kook!


 
Reply With Quote
 
Jim
Guest
Posts: n/a
 
      11-14-2006
herbdove came up with this when s/he headbutted the keyboard a moment ago in
alt.computer.security:

> Hello all,
>
> I'm wondering if someone would kindly me with what appears to be a
> virus on my computer.
>
> I turned on my computer yesterday, and all my bookmarks in Firefox
> disappeared.


That's a bug I've seen before. And reported it.

> Other oddities: I am receiving the error message:
> "Error: LiveCode is not defined line:19",


Not sure what this is: possibly something you're missing in your system
configuration (.NET?)

> certain (but not all)
> graphics on a webpage will not load and sometimes when they do the
> resolution will be bad, spacing on the page will be off, font size will
> be strange, etc.


Misconfigured browser. I have mine set with small fonts (large fonts have a
tendency to mung the spacing not only between characters but between rows
as well - depends on how the page is coded), and images from the
originating site only. Stops a lot of the ads.

> Another oddity--when I will click on a link of any
> sort, or click on an e-mail message, etc., the page that comes up will
> simply be blank. Things are running very slow overall.
>


Very possibly a busted Firefox. Try another browser to see if the behaviour
is repeatable on that.

> I run Symantec Anti-Virus at all times,


My experience and observation: Symantec AV is most often at the top of the
list for malware to disable in any way it can before it delivers its
payload. A nineteen month old buffer overflow exploit (which still hasn't
been patched by Symantec) is a favourite vector. Once the exploit is
triggered, NIS/NAV simply stops working. Apart from that, NAV/NIS is a hog
anyway; you would be much better off using AVG and something like Panda AV,
along with Spybot S&D and Ad-Aware.Even those four programs have less of a
footprint than Symantec's offering, and you will notice a /dramatic/
difference in the responsiveness of your system. As for a softwall, use the
one provided with XP. It (surprisingly) does what it says on the tin. You
don't need Zonealarm or anything like that (which will most likely clash
horribly with XP's own firewall anyway). Remember, this is experience. Not
BS.

> and have a firewall through
> ZoneAlarm. I ran Ad-Aware and Spybot, and updated all. When no
> viruses were detected, I downloaded AVG Anti-Virus, and Microsoft
> Baseline Security Analyzer. So luck with these either. I've
> uninstalled Firefox, and re-downloaded it again. Nada.
>
> Any suggestions on how I should proceed?
>
> Thanks a million...
> matt


--
-*- Linux Desktops & Clustering Solutions -*- http://dotware.co.uk
-*- Registered Linux user #426308 -*- http://counter.li.org
-*- Linux is like a wigwam: no Windows, no Gates, and Apache inside.
-*- <discl mode="Boilerplate" />
 
Reply With Quote
 
kurt wismer
Guest
Posts: n/a
 
      11-15-2006
Sebastian Gottschalk wrote:
[snip]
> Real protection against viruses is provided by ACLs, implementing a global
> no-exec policy and by not allowing automatic code execution.


by acls i imagine you're making a reference to least privilege... fred
cohen's early experiments with viruses demonstrate fairly unequivocally
that least privilege does not stop viruses... it is a speed bump, not a
road block - it will interfere with those viruses that were made with
the assumption of having admin access and that's about all...

as for trying to control execution, determining executable data from
non-executable data is undecidable in the general case...

they can be valuable additions to a defense in depth approach, but they
are not, by themselves, a solution to the virus problem...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Comptuer Virus Help herbdove Computer Support 1 11-13-2006 09:26 PM
How can I output comptuer video to TV? i-cable Computer Information 3 09-10-2005 09:54 PM
Comptuer troubleshooting problems AJENSEN@neb.rr.com Computer Information 0 08-27-2004 04:06 PM
Can't access secure websites when comptuer is left on... Slacker Computer Support 1 06-04-2004 03:35 AM
winxp IE will not let you exit, and my comptuer / other folders will not let you open them. Daniel NZ Computing 2 05-11-2004 02:02 AM



Advertisments