Computer Security

Bondy111,

My son or daughter "accidentially" downloaded the predecessor to this antivirus 2009 ("antivirus 2008") a few months ago, and getting rid of it was a pain. The malware got progressively more nasty with each boot-up, it suppressed the start menu, disabled right mouse clicking, kept task manager from launching, and numerous other troubles...

Affter several false starts, and following some bad advice, I was able to rid my computer of this malware.

You will need to do a google search for "Malwarebytes Anti-malware", and download & install that free program.

You may want to follow these step-by step directions:

http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009

You will need to run the anti-maiware program more than once, including an initial run while the computer is booted in the "safe" mode.

If you follow the directions referenced above, you should be free of this problem in less than an hour.

Good luck.

================================================================

Just my $0.02...

Oh! The stupid Antivirus XP 2008(2009) people just won't quit. They got me a couple months ago. And these guys are good at being bad. Went right past my firewall after I opened a site from a Google search.

Their program is very quick and made several mods into my registry, dumped several true trojans in, and even modified the display properties windows to remove the desktop tab and that "You have a security problem" screen was actually just a bitmap file that they put on the desktop background. They removed the tab so I couldn't change my background picture back. That was the hardest one to undo.

I know my machine so it didn't take long to find the files they dumped on me. I rooted it all out and got most of it out of my registry, sticking it all in a temp file. It installed under a file called rhcgvhjoec2p that took my free version of adaware two days to update and spot. My paid version of Trend Micro got it in 3 days. A month ago AVG still hadn't spotted the files on a full scan.

This thing also brought along several little malware friends like 1.exe and a couple of fake svchost files, along with some others.

I absolutely would not make the mistake of ignoring this. Root it all out carefully, and until you KNOW it is gone do not use that machine for anything with sensitive passwords like banking.

MY CONDOLENCES!

I sincerely hope you have a second machine available to download safe virus removal software. That particular malware will redirect you to look alike websites but the so called anti-virus solution simply masks the symptoms, but continues to run in the back ground. DO NOT KEEP REBOOTING. DO NOT LEAVE IT CONNECTED TO INTERNET

If you do, it will start spamming and get you black listed like it did to me. Thought I had eradicated it, because I removed the virus warning and the known files beginning with rch or whatever. The file names keep mutiating so you can't find them all.

If you have electrically erasable BIOS look out! It corrupted mine so I could not boot from a CD. That pretty much killed my machine recovery efforts.

The local computer shops got so busy and charged so much to repair infected computers it was cheaper to replace the hard drive and reload a fresh copy of the OS.

GOOD LUCK!

Yesterday, following posting the question, AVG updated, so I did a scan, to find there were 16 trojans, 2 trojan downloaders, and something else to do with trojans. I healed them all, and now the security warning hasen't popped up in a day! I deleted the antivirus 2009 from prog files, and then went onto add or remove programs, which deleted the now useless shortcut.

I think it's fixed.

But, now IE7 and Opera won't work. I found the right bit on the tools menu of firefox, but can't find it on the other two. Does anyone know how to configure the proxys?

On firefox, it had switched to manual detection, so I switched it to automatic detection, on the advanced tab, but can't find how to on IE7 and Opera

The only thing I would add to Bondi111 is download a copy of CLAMWIN, it's free and a very good anti-virus program. Another program is called Spyware Terminator.

You do have my sympathy.

Hello Orpheuse:

how are you?

I will check out the CLAMWIN? There will be a time when even the must trusted anti virus is not able to find an infection you know is causing havoc! And has to be changed. .............Can it be used with xp?

Thank you..........

Hi babybear, your lenghty description is good. However I would like to add some comments about the AntivirusXP malware that started this thread. For starters it erases ALL previous restore points. That was my first response to seeing the warning message. It installs one restore point that coincides with the last time you booted up. Next reboot, it erases it's own restore point and sets a new on. Secondly the first thing it does is infect IE and Outlook email program. If you are using third party browsers and email like Mozilla, these are only affected when you attempt to go online. Firefox browser is also redirected if you try to link to any of the known anti virus software websites. I noticed that all the known free download now had a price tag. That is a clue you are at the wrong website even if it looks identical to what you expected. And these are remarkable look alikes, Unless you know exactly how it should look, you may not be able to tell. What is worse, many companies frequently update their websites to look "fresh" so how is someone to know if the slight changes are legit or a result of a substitution?

All attempts to use a browser to get to a download website for a solution will eventually result in a "fatal error" message and either a lock up or a software induced reboot. You can't stop the reboot. And of course every reboot will regenerate the malware from a kernel. When I finally obtained some software tools, I discovered not one or two infected files but 8 different folders and locations. The program morphs the virus file names and has at least two different strings of prefixes to its own files. If you are persistent enough to keep trying to erase /remove it; the malware may encrypt the entire drive as hidden files. My infected drive is now invisible and I have not found a way to read it.

I dropped the drive into a portable hard drive frame with a USB adaptor circuit. The computer will detect the presence of a USB device but says it cannot read or identify it. Doesn't seem to matter if I set the drive to be Master or slave. I actually saw the drive disappear from the screen right before my eyes. First time I plugged it in as a USB removable drive, it showed up. But when I clicked on the icon to read the drive it vanished. Now the computer sees a USB device plugged in but cannot red or identify it.

I had also read in a CNET note that the virus makes its own folders and files hidden by making them appear to be read only or hidden files. I tried for two weeks to eradicate this from my computer. Being my only working computer I had no choice but to try. Fortunately I was able to continue reading emails using Thunderbird from Mozilla and friends sent me the relevant notes from CNET as email attachments. It would not surprise me to learn that newer editions of this malware has now plugged this loophole. When my efforts at eraicating the virus failed I cobbled together a computer from parts in the toy box. I also scrounged several old computes from the edump and from friends. Result six infected hard drives and two more infected computers. so much for a virus only being able to go active in a master drive and with a loaded OS. Apparently the virus was able to become active from a slave drive or a backup USB drive.

This malware gets nastier and nastier with every reboot. And you can't stop the fatal error automatic shut downs induced by the malware. That is how it keeps alive. since it has multiple copies imbedded in the OS, chances of you erasing all of them is not that great. Only chance is if you isolate the computer as soon as you get the error message and never click on the X or even the cancel button. In my case this seems to trigger additional activity. Among the other activity it shuts down Norton symantec and Microsoft Defender fire walls. Evidently this enables it to call home for a massive download of additional help to screw up yor computer. With fire wall down you do not see this activity. By the time you notice a slow down in responce, its too late!

And as for "safe computing" even tha tis no guarante of protection. I and several other that 'I know of got infected when we opened an email from what looked like a major courier company. Subject line is "tracking number" Well who doesn't get pagkage deliver these days? Look at the email and bingo you got infected. Except you won't know about it for several hours or until you reboot th enext morning.

Hello elnav:

my mind is in gear now and I understand the reason for this thread.

The last huge infection with Trojans and others I had, also stopped my restore from working. But by accident I found going into safe mode and running anti virus etc, solved this problem.

Sorry about the lengthy details.

And it sounds like you are more experienced than me. Though it is not until you get hit, and have to find your own solutions that you really start to learn!!!!!!!!!!!

When I am dealing with an infection I can see a mind eye pictured schematic of what has to be done. Or at least what I think from past experience should or has to be done. That last major infection was down to me relying on the trusted (kaspersky) anti virus, which started letting stuff past. And just not 'seeing' it when I knew it was there.

I think the most important thing to do is to get any updates you can if you still can use your browser, then pull the telephone connection and work from there. I have read in Mags I get that as people were cleaning the computer of virus other virus were downloaded. That cannot happen if there is no connection to the ISP and web.

I am still not saying it is easy, because you have to think what have I done and what do I need to do to make this or that work. And try to work in an order, just as I detailed.

To clean my machine with no reload of XP, took me two weeks. But I could not have done it without safe mode.

With regard to the number and different types of infection you had..............I too had no idea I had so many. I had a 'newer' version of the 'Security Centre' download itself and thought it did not look quite right, as you describe. And for a day or two I was working 'through' this fake Security Centre and achieving nothing, other than allowing more malware in! Yes, mine to morphed and had maybe 12 to 20 different strings. One had 89! And every time I cleaned it there would be more shown.

I agree will all you say as you could be talking of my infection!

Finding out exactly what you are looking for and finding it is without doubt the most 'difficultist' thing I can think of. But I have learned from it. Until it happened to me, I thought it was something which happened to people who did not have anti virus etc. But I did!

Can I ask, is there stuff on the hdd which does not function anymore you want to keep? Because, if not why not just smash it and put a new drive in?

They way you got infected, by clicking on 'tracking #'s in emails. That should not have happened. I always know roughly what emails are before I open them and do not open any I do not know about or expect. If it was a proper email from someone they will find another way to contact you if it is important.

After all I have said, I agree with you entirely! And, when on the web, you just never know when one of these buggers is going to hit you as you click on an icon you have clicked hundreds of times before.

I think there should be jail sentences for any known malware sender or writer. They may think twice then?

Thank you, and take care................

The last huge infection with Trojans and others I had, also stopped my restore from working. But by accident I found going into safe mode and running anti virus etc, solved this problem.

REPLY

One of the early bits of advice I got came from a forum discussions about fighting this virus. One person advised against going into SAFE mode since it apparently triggerred yet another aspect of the malware. Supposedly this was based on their own experience. My experience was going into SAFE mode triggered an shut down.

Don't ask how the virus did that but it happened.

As for the content of the infected HDD, yes it contains about 25 Giabytes of very hard to replace or regenerate data. Plus of course the O/S and some 3rd party software for which I have lost the install key. I had about 75% of it backed up but not all. Unfortunately now I also lost the back up external drive. I didn't think that could happen but my computer can no longer read the external USB hard drive.

I did try to substitute another hard drive and that is when I discovered Microsoft also tried to hold me up for ransom. They refused to validate the newly installed software until I paid them $199 USD which would have cost me $240 Cdn. According to them XP is a one time installation and yo upay a subscriber fee annually to be allowed to keep using it . Read th eEULA. Their position was the computer I had was not in the registered area and it was not the same computer since it had a new HDD. Don't ask me how they knew I had moved from the place I lived in when I bought the computer two years previously. So as far as they are concerened it was a second or new install and I had to pay.

Bottom line being; everyone demanded money from me I did not have. I live 40 miles from the nearest town. I had no money available to buy new replacement computer stuff or softweare and at the time I got the virus infection I only had one functional computer plus a box full of old obsolete computer parts. I had seveal 3GB HDD and one 10GB HDD. I tried to fix things with what I had on hand. I had to wait for my next pension check before I even had any money for fuel to be able to drive the 80 mile round trip into town. Up here we pay $5 per gallon for gas and more for diesel.

Hello elnav:

Sounds like you had a hard time, sorry.

But we can all mostly get round a problem when we need to!

Your knowledge certainly seems to come to the rescue here?

I too have had to wait before doing anything to my single computer with no spares, other than software. That's life I guess.

Perhaps the answer is to have two or three hdd big enough to at least take all of the OS or your saved files you want to keep. I have two. Only the main OS hdd has ever been attacked. You could then remove one or just leave it where it is and not use it, making one of the 'good' disks your default?

I do not have the thousands of dollars it would cost to recover the stuff on the disk. So it is not like I can through my computer out and buy another just like that, you know?

With ref' to safe mode, there is several ways of running in safe mode and it may have been in a particular mode that this person you mention was allowing the Trojan or virus to take over? Who knows?

I know that safe mode has helped me in a similar situation to yourself. Once or twice I have also had a 'blue screen of death' rise its ugly head. But persistence will out!

Take care, and thanks for the post, it all helps someone, right?

"Perhaps the answer is to have two or three hdd big enough to at least take all of the OS or your saved files you want to keep. I have two. Only the main OS hdd has ever been attacked. You could then remove one or just leave it where it is and not use it, making one of the 'good' disks your default?"

REPLY: Correct. That is my plan as money permits. Meanwhile I decided to make use of the old junked computers on hand. I also scrounged a couple destined to be tossed out by friends. These computers will be loaded with LINUX or maybe a dual boot. Windows Win 2K is no longer supported but works well. It is stable. Drivers can still be downloaded from websites like Drivers.com

The latest versions of LINUX are still free and comes with desk tops that are similar enough to Windows that a Windose user can learn without too much trouble. Mozilla provides internet browsers and email clients that are available in both windows and Linux format. With this you can download and Save antivirus tools and removal tools to help you recover from a virus attack. By saving to a USB thumb drive or other portable media you can transfer the tools to your infected machine and hopefully affect a repair or cure.

Best of all LINUX will run on slower machines with less memory capacity and smaller hard drives than is needed for Windows. So these junked or obsolete machines are usable with LINUX.

The one drawback to simply plugging in another hard drive lies in the fact Windows will percieve this as an illegal install and may not run. This was what I tried as a first response.

Hello elnav:

I may not be replying to your post in order, sorry.

Old computer are a goldmine, as long as you are prepared to take time and set them up properly. If you have two or three you can play around with OS on one, and keep your personal files on another, neither of which need go on-line, and any stuff you find on your 'good' computer you can save to the others. I am going to get other solid-state drives as soon as they are big enough and available. No moving parts which sounds like they will last a lot longer than hdd?

Mind, when you think of the work a hdd actually does in a day let alone a year, and people are still surprised they only last 8 years?.....Common get real folks, you know? That is the reason I planned mine with at least two hard drives. Can't recall how big but, I think one is 100gb and the other 200gb I have two partitions on each.

I must say, I do not really understand Terabyte hdd, or anything approaching that size. Can you imagine having a Terabyte hdd going down with say, the picture of all the Museums details, or the Families in the UK's photographs? It is alright saying you can have half a dozen virtual drives on one disk but, you have no drives if that one disk breaks down down............Which it will for sure. Especially sooner rather than later if you work them hard.

Hey thank for talking to me.......

Take care............

Back in the days of DOS I always ran dual drives. But today's software often do not allow you the luxury of defining exactly where you install a program or store some things. Click save and more often than not, the darn stuff goes to "My Documents" and if you move an application later, it will not start from a D:\ or E:\ drive; it has to be in C:\

I even had what was equivalent to a RAID controller, but strictly for 8 bit machines running DOS and it doesn't even come close to mating with the slots on modern computers boards. Plug-in boards then were 8" or 12" long. My experience with processor boards goes back to the first 6800 series Motorola chips that predated Apple. The Intel 8008 was considered a big step forward and when the 8080 came out WOW! We used to struggle to make a program fit in a 2708 Eprom with 2K of memory. My first three computers didn't even have hard drives. Then came Apple IIe and then came the PC revolution. Imagine having at least 64k or ROM and it included a hard drive. Never mind it was a 5.25 HD and weighed a ton. 5Mb was considered big. The drive was also 3" tall.

Only thing bigger was the removable media 12" drives you got on an IBM or DEC mini computers. 8" floppies was considered an upgrade. <grin>

Computer theft was something that required a moving van to carry the hardware and a 300 baud moden was good. 1200 baud was blindingly fast and the models cost a months wages if not more. Oh yeah; the times have changed!

Sadly ever since the advent of Win 95 I have fallen further and further behind the curve. Who has time to keep on top of all the changes on a daily basis unless you do it for a living. Even then, it's more than a full time job.

Hello elnav:

About drives........my first drive was 6Gb. I doubt you would fit Vista on it now?

I think the hdd as king is coming to an end. I have read of 100 and 200Gb of solid state now available. Of course they cost the earth but, give it a year and you will probably get one for under $100 ?

I find it hard to decide what to save stuff on, to archive, you know? Because the stuff which come out 5 years ago is no longer updated and so is not of use.

Good point! I have something like 835 floppy disks. I have two Colorado tape drives and a couple of dozen 120MB tape casettes. I have ZIP drives and a dozen cassetes for that. Not to mention a couple of hundred CD's. Never mind DVDs which by now are also obsolete. I bought a 4 port USB plug-in card which came with drivers on a 3" CD. If they become the norm, how will you play the older 5.25 CD and DVD.

Lomg term archieving is an issue that doesn't seem to get much attention these days.

There is a legal issue such as tax and business records. Suppose you do archive them but the media is no longer supported or even accesible by any contemporary methods. Are you requird to also preserve the hardware to read the media?

If not then what is the point?

Museums and government record libraries. How would they ever store and retrieve century old records? We all know that ordinary paper disintergrates from the sulphur retained from the manufacturing process. Supposedly archive grade linen paper is durable but where is the proof? Same thing with photographs. Micro fiche is better but will it be accessible 100 years from now. And finally what about the sheer volume of data we now generate on a daily basis? What to keep and what to discard?

Is a phone or email exchange relevant to the police ten years later. Might it be relevant in tracking the activity of someone who by chance contacts you? Like with our garbage, we will soon drown in data and the sheer quantity may well prevent us from making sense of it in a few decades. In which case it is on no use to anyone.

In one job I was responsible for converting all of our business records from the 8" floppies on a WANG word processor to the newer 5.25 floppy disks. It was a government contractual requirement. But where do you go now to read that data?

Magnetic media was never considered durable and stable for multi decade storage. We learned long ago that even studio quality magnetic tapes might not last for 20 years unless particular care and precautions were observed.

Hello elnav:

I know that Microsoft are going to or have already started to archive the British Library in London. I think it will be recorded on something a little safer than us mere mortals can use! And kept in the dark once it is online I guess? I would not have thought that kind of thing the correct thing to do anyway.

Regarding your remark on linen. My Fathers naval records are hand written on bleached white linen and it is at good today as it was when it was written in the 40's.

Take care,............

They way you got infected, by clicking on 'tracking #'s in emails. That should not have happened. I always know roughly what emails are before I open them and do not open any I do not know about or expect. If it was a proper email from someone they will find another way to contact you if it is important.

REPLY: "should not have happened" oh sure but it did! I also talked to an IT guy in CA who did exactly the same thing. He was lucky! He checked the company emails and saw an email from DHL supposedly with a tracking number. As soon as he clicked on it the system security alert went of. Fortunately he had the presence of mind to isolate that machine from the others. Like most small companies with XP machines they relied on a LAN, not a major dedicated server where every other computer is only a dumb terminal. Despite being the IT professional and having additional machines with which he could download som ehelp, it took him more than a day to eradicate the malware. Subsequently I have learned that the favored distribution method for this virus is using a fake message from FedEx, DHL, or UPS, not to mention faking an update from Yahoo. Who doesn't get parcel delivery from a courier company. I was expecting two important packages. FedEx has problems finding our place out in the country and has already lost two shipments in the past year. You bet I take tracking numbers seriously. The email looked perfectly legit, just like the legitimate emails I had previously received from FedEx.

These days it seems many companies and people include a validation or security signature with their emails and these show as an attachment in my email preview pane. I get roughly 100- 200 emails per day. About half of these have such attachments. Which is why I rely on email scanners to cach virus and malware.

Courier companies do not send repeat notices of tracking numbers. They only send one! Given their past record of lost parcels no way am I going to just wait and see if it arrives. Not when the parcel is a vital money check that I really need ASAP.

Hello elnav:

I did not mean to criticize you in any way when I said "should not have happened".

And I do understand they way things are as anyone has always got 'something in the post' these days. We or more correctly I get just about all of my stuff on the web. And there is certainly times when I may not be concentrating and I think that happened when I clicked an attachment which led to 'disaster! That is what it felt like at the time. I needed my computer for personal reasons of email and such, and the one time I most want it I can't use it! Aint it always the way?

Still, as with me, it was a learning thing in the end..........I have had a few of them 'learning periods' of late. Don't want any more for a while thank you!

Emails are one area which I have asked friend's to put certain things on the subject line, otherwise they do not get opened. I will open just the Company emails I expect, like the one telling me my tracking order number today. I had asked for it so all was cool.

Unfortunately, fake links on a lawful site are really impossible to see, before it is too late

I get about 170 mails per day during the week, but virtually nothing at the week-end, other than CR4 stuff.........Secod thoughts, I will just live at the week-end, problem solved..........Well perhaps not then!

I hope you have no problems at the moment?

Take care

I do not have any problems at the moment. Howver, both the ISP that I use have recently had "issues" and I suspect, judging from their evasive reponses to my questions as to why service failed, that they may have suffered malware attacks of their own.

Waiting till the week-end won't change anything since all your emails from the week are stored on a server until you access the emails. And if you wait till the week-end then the total download is one huge chunk. Now you have a lot more work in one session. Whether you use webmail or direct download doesn't really matter. You still have to look at subject line and delete as required. I find webmail slower for processing large volume of emails.

I think there may be a slight advantage to reading webmail, in terms of protective filtering and scanning but only if your particular ISP employ good email filters. Some do not. Some claim to do, but rely on inadequate software. Who knows?

Hello elnav:

We will have to stop meeting like this!

Wish had not told me about why I should not wait for the weekend, I was looking forward to a rest...! Only joking of course.

I actually get around 350/420 email daily. I have three web mails and the Microsoft.

Problem is with ISP's, you join one because it is caring and answers the telephones! Then after a year they get taken over by one of the 'big boys? There was a time when it was hard to any answers because BT, UK's largest phone company, and any land based ISP would blame each other for slow line or breakdowns. The small ISP's run their signals down BT cables, and it is awguable sometimes about who is at fault. It is hardlt an issue now that we have reasonable speed.

And it the UK at least any ISP who does not listen to advice from OFCOM, who deals with complaints, are in trouble. There is so much competion out there who wants to stay with an ISP which keeps breaking down or just does not work for you.

I've successfully used clamwin on everything from Server 2003 to XP Pro RC3. It's the energizer bunny.

The only problem with Spyware Terminator is that it is over zealous. Anything not written to HTTPS (pay attention to that last "S") will bring up a screen that will tell you, in detail, all the pop-ups, spyware, malware, on a given site, including, believe it or not, The New York Times, The Washington Post, Huffington, and the Jerusalem Post, and you will have to keep hitting the "Allow" button.

If you are a complete "newbe" then use it, other wise it just slows me down too much.

Keep in mind, I do 4 different virus scans and a back up every night.

Good luck, BB. Keep us posted.

/Ari (Orpheuse)

is

Hello Orpheuse:

thanks for the details. I would not use Spyware Terminator just because it seems to bring up window at every turn.

I will look at CLAMWIN though. And I am not a newbie, I just forget how to do stuff now and then.

Take care.............

For Spyware I use Spybot which is freeware. It works for me.

Hello Bondy111:

yes Spybot is a good tool for sure! However, I had Spybot and Ad-Aware, but had to get rid of Spybot as having those two particular anti spyware apps, they were fighting all the time. I would say just use the one, and if that does not find what the problem is, temporally un-install it and download another.

Take care...............

Wow, after reading this thread I feel worried about my imminent purchase of a new computer. I had planned to buy a Windows machine (because they cost less), but now I think I might be safer with the Mac OS. I would appreciate hearing any informed advice about this. I guess that there's also LINUX, but how well can it emulate Windows? Or are good LINUX versions of WORD and EXCEL already available?

Look at UBUNTU Ver 8.04 just released. KUBUNTU also looks good and some say runs better (faster) I now have copies of both. Both now have a desk top that makes it easier for WinXP users to get acquainted. UBUNTU comes with Open Office included in the live CD so transitioning is even easier than before. Be warned there is a learning cuve involved.

I finally did end up getting a new (to me) Windows box because I use AutoCAD for my work. But with several infected but otherwise working older machines on hand I decided to give LINUX a try. Wipe the drive and reload with Linux in your choice of flavor. LINUX is comfortable with slower and smaller machines (memory and drives) compared to the code bloated windows XP. The Live CD does have an emulator which allows you to test drive before installing it.

My long term plan is to migrate away from Windows. It pisses me off that I had to buy a new copy of XP. I already paid for it once. Now M$ say I only rented it for a while, repayment of annual licemce fee is now mandatory. And if you attempt to reload your existing XP you may find it impossible unless you validate. That is how they get you. No validation no updates. Because I had changed the HD and upgraded memory M$ said I was trying to instal lXP into a "different" machine. they refused to validate and demanded payment for another copy. Many new virus packages will not load into a non validated XP machine. I obtained a legal, paid for copy of Trend Micro and it would not load. While trying to download a copy of FREE AVG I picked up nine virus in 2.5 minutes of being online. Two of them could not be erased or nullified by AVG Free edition. No way was I going to do a finacial transaction online to buy a "professional" grade software with a keylogger lurking in the back ground.

Swengali wrote: I guess that there's also LINUX, but how well can it emulate Windows? Or are good LINUX versions of WORD and EXCEL already available?

Check out on-line discussion forums on the subject of OPEN OFFICE to see for yourself. My copy of UBUNTU has a copy included. and you can also get even better packages from Red Hat. Although these cost something it is nowhere as much as M$ charges. If you are upgrading will you keep the old machine? If so; it is a perfect candidate for a LINUX trial. You can even set it up as a dual boot machine.

Thanks for the info. I am buying a new laptop. My brother, a programmer, has encouraged me to switch to the LINUX OS, and I am willing to do so if I can still run WORD & EXCEL, as well as emulate Windows for running other more specialized software not available as LINUX versions.

I've heard that LINUX is much safer than the Windows OS. Correct? But why shouldn't I just get a Mac that can also emulate Windows? Isn't a Mac much more resistant to viruses & worms than a PC?

Mac has switched to the Intel chip set which is why MAC can now emulate Windoze but that is also a vulnerability. Mac now has more in common with widoze.

Although virus are far less common for MAC, the growing popularity of MAC is also an enticement for virus and trojan software writers to make code to attack them.

These days random vandalism is passe. Most malware is now better described as extortionware intended to scam you out of your money or exploit your computer to spew out spam without being caught and blocked. Its the victim that ges nailed by the spam cops not the original perpetrator. More subtle malware uses keyloggers to record financial data and account numbers, pass words etc.

Someday if LINUX also becomes the target for virus and malware, we will have to find yet another solution. Unless of course we have caught all the malware virus program writers and broken their fingers.

Swengali wrote: I've heard that LINUX is much safer than the Windows OS. Correct? But why shouldn't I just get a Mac that can also emulate Windows? Isn't a Mac much more resistant to viruses & worms than a PC?

Nothing is immune to malware if the code is specific to that OS. LINUX is considered safer these days because so few people are using it compared to M$ Windoze. the return to malware writers is low compared to targeting M$ machines. In addition , at this time Linux is more likely to be used by knowledgable users who may be better equipped to cope wit hvirus attack. Perhaps some knowledgable programmers can comment and expand on this. Is there an inherent immunity to a virus targeting Linux?

As to MAC versus Linux, cost is the big difference. MAC cost $$$ but Linux is open source and you can get usable programs for much lower cost. Many of them are free.

Thanks elnav for lots of enlightening advice. My brother the programmer agrees with everything you've said, including recommending Ubuntu. I'm seriously consider going for a LINUX box. My 2nd choice would be a Mac, although these are much more expensive as you mentioned.

At this time I have one WindowsXP machine with an AMD 2.1 Ghz chip and 1/2 gig of RAM. Its a three year old machine. For the UBUNTU LINUX I am using a five year old eMachine that has an INTEL Celeron and 256MB of RAM. The hard drive is 60GB. A friend gave it to me because he planned to junk it. But he had already loaded LINUX. Neither machine is state of th eart.

I decided to upgrade to the latest UBUNTU because I found free CD at a computer store I visited.

I had also donwloaded an ISO image of KUBUNTU which is a slightly different variant of LINUX. Note the difference in spelling. KUBUNTU loaded and ran on an old Pentium III with a 6GB hard drive and 512 MB of RAM. (slow RAM I might add)

As you can see LINUX will run well on an older machine that would choke XP. Best of all, you can probably find such older machines at the dump, a second hand store or at garage sales for only a few bucks or maybe for free.

Be advised all of the LINUX ISO images that yo ucan download for free coms to about 690MB - 700 MB and required a high speed connection for a reliable download.

Or else you get it from a computer store like I did.

Both versions of LINUX that I have tried, have a desk top and they run a web browser that is similar enough to Windows that you will feel comfortable. You can choose to download Mozilla as an email client (Thunderbird) and a web browser (Firefox). Both of these programs are also available for Windows if you wish to try them out in XP as a get acquainted try out. Yes there is a learning curve but given LINUX is immune to Windows targeting virus; it makes the effort worth while.

You type in the URL in the command line and once you get to a website, it looks the same as with Windows. Unfortunately a few websites will not display except in Windows Explorer. (Probably more prone to have M$ virus lurking)

Purchase Norton Internet Security. I have'nt had a virus or anyspyware for 2 years with NIS. The free programs are always hacked because everyone is using them

Hope that makes you feel a little bit more secure about purchasing a CPU.

Steve

Hate to say it but that is what I was running when Antivirus XP 2008 blew right thru it and shut down the firewall. Later on I heard similar reports to the effect that Norton never even detected this variant when it first appeared. And Norton was one of the few sites they didn't even bother to immitate. They already knew they coul defeat any new udates.

Not surprising given that Norton is one of th ebig names. Like Microsoft, norton gets targeted more often simply because it is a leader.

Hello elnav:

Yes, I also used Norton until three years ago, when I found my computer had reach a 'crawl'. I tried another @kaspersky, and it found two Trojans and I am guessing but, think it was 30 odd viruses?

It would take a lot to get me to use that Norton again.

Take care

Both Kasperkey and NOD32 received high praise in Europe Both apparently outperformed Norton in some tests conducted by the editors of a German magazine. I did note that Kasperkey is Russian in origin so maybe that is why they are more sucessful in dealing with the virus spawned from Russian rogue programmers.

Hello elnav:

The kerspasky I had for about two and a half years. Until it stopped seeing major Trojans. Which caused me to be of-line for almost three weeks. Every anti virus has its day and all will fail when a brand new and virulent bug comes out.

The new Kaspersky, now about a year after I stopped using it may be fine. I think it also depends on the apps you have and the way each is configured as to whether a virus can seemingly run havoc on one machine but, may not be nearly so serious on another?

I this the Russians are good at riding people who do this stuff, because they go in all guns blazing kind of thing. For two people they want, there may be a dozen or more Police rush them. They are caught off guard.

Baby bear wrote: I think it also depends on the apps you have and the way each is configured as to whether a virus can seemingly run havoc on one machine but, may not be nearly so serious on another?

REPLY: I would disagree on that point. The first defense is your firewall. Virus and malware then target your O/S not individual apps. Neither is dependent on whether you are running specifc apps at the moment. Only after they have already overcome your defenses will the malware attack specific apps like your web browser or email clinet. The hardest to remove malware nest in your disk partition sectors, or master boot record or some other place that is critical to running your computer operating system. Only after they have done that, will it replicate itself and place duplicate copies of itself in individual app folders.

I have to agree, when I realized what had happened I killed it in task manager ( I keep it running so I can see how things work and what hogs resources).

HP would not let me remove the file even from the command line. It stated contact my admin you don't have authority to uninstall this program. I was in the admin account.

I turn off the machine to have time to plan.

At start up HP's safe mode had to do it's thing before I could get the task manager in show all mode. Killed it again down loaded Spyware doctor,Threatfire after contacting McAfee and getting a root kit Trojan remover.

Booted in command line safe mode and killed the Trojan. Took out 32 viruses and 7 Trojans after that.

Tried to patch up my fragged files but I was done.

Moved all my files I wanted to save to my external drive and reformatted and rebuilt.

From our small data set I think it uses various apps to attack the OS. Uses the OS's Programs svchost system to spread and embed itself. As the new OS master it downloads or opens a nasty can of parisites that do the same. Game over.

Brad

Hi UV

Assuming we are in fact talking about the same version of malware, I first noticed it when I saw the bogus warning superimposed on the screen. Apparently this is also what most other people see. The so called warning screen is a bit map and is imposed on top of the normal desk top or other screen display. But I suspect that long before this materializes the virus kernel first kills the fire wall with a command. Next, it calls home to go ahead with a larger download. This download goes undetected since the fier wall is turned off. This larger set of files do not do anything, hence will not attract attention of any resident virus detector. Another part of the download would be an executable file that is not activated until the next boot up.

Maybe it gets installed in the startup menu. It probably would not be difficult to supress any message regarding need to reboot to launch this program.

When you next boot up the machine does its normal thing. Checks for updates etc. This may be another opportunity for a download of aditional malware. Except for displaying the bitmap warning message, nothing nasty happens. Even heuristic analysis would not see this as malignant. Not until you click on the X or the Cancel button does something get activated. But it's already too late!

By clicking on any of the butons you have initiated the virus program.

Fire wall is already shut off and the prepared counter measures to Norton and other virus checkers are initiated during boot up and updates.

If you are gullible enough to try and pay for a solution, the key logger records your account number, pin number and fiscal details. Even if they only deducted the stated amount they now have your financial details for later use.

Since you have allowed and are expecting a download, they let you have it.

If you clicked on the X to close the window the malware initiates aggression #1 and takes over IE and slow down Outlook Express or Outlook whichever you are using.

I was using Thunderbird. Evidently the malware did not twig on to that at first. However it subsequently did interfer and slowed down email transfers.

Firefox was not inhibited but IE got nothing but Error 404 site not found messages.

Fierfox kept getting redirected to bogus websites that looked like the real thing but now demanded a fee for what should be a free download. I tried about a dozen I could think of off the top of my head. Every time I shut down and rebooted, the malware became more aggressive. I recieved a note from CNET with instructions on how to deal with it. That note said not to use safe mode since that supposedly triggered something worse. Now I wonder where that advice came from.

I found and tried to delete named files beginnng with three letter and was told the file names morphed so go by the first three letters. A search for xxx*.* yielded lots of hits. I also got the message that I was not allowed to delete this and to ask my administrator. And I was in Admin mode already .

When I tried to back up files to my external drive I must have picked up infected files because the virus emerged again on another compute when I tried to read my "saved" files.

Many infected files were suddenly locked and some became hidden read only files. None could be found and deleted.

A friend emailed me some AVG files when my internet browser could not make a connection. That scan found many more infections but was unable to remove all of them. Using task manager I tried to hunt down the specific culprit. All that got me was a sucession of forced shut downs and subsequent reboots. Naturally this only served to regenerate the malware from the kernel which I was unable to find and destroy. Eventually the drive became unbootable. At that point I decided to reload XP on an old blank drive and start over. And so it went. Two computers and six drives infected.

I actually caught it before the bitmap desktop, the codex didn't act right. If I had built the system I think (don't know) I could have stopped it.

I think by the time I downloaded the codex I was already infected with a file that disabled the codex (if the video was real), if not redirected the down load to the malware. I'm sure it is the same malware, just another flavor.

I shut down my external drive before I restarted and did not resume using it until my system was clean and could kill the remnants. By then my OS and programs were toast. Semi stable in safe mode but my registry had 147 ? bad links.

Then I checked the external drive and moved my data to it. checked it again and shut it back down until I had rebuild/reloaded my systems software from scratch.

Still not happy. 10 years ago they would be toast. I have not the skills, resources, or systems now. To much has changed and I'm out of date. I still managed to track them some but without the right tools I can't tell how accurate it was. I'll wait and watch. I may just be able to return the favor someday.

Brad

Sounds like you have above average knowledge of computers. In a previous message you recommended Threatfire. Any comments about co -habitation ability with other programws like AVG, Spybot, NOD32, or whatever?

Threatfire seems to cohabitate well. PC tools markets it on its ability to augment other security software. I've only ran it with McAfee, Spyware Doctor (PC tools), and Apps. It is not 64 bit yet so My system can't use it.

Above average knowledge 10 years ago, I was 2 years ahead of the public. Not a lot of use for a computer in the Ariz. desert, I did take some hardware courses in 2001-2 but I've only been actively learning/relearning for the past year and a half. So I understand their function better than most but have a ways to go to be totally current.

Frankly I don't see the improvement there should be. A lot of whistles and bells but not much ability for a 20 fold speed improvement.

UV wrote:

Frankly I don't see the improvement there should be. A lot of whistles and bells but not much ability for a 20 fold speed improvement.

REPLY: Of course not. M$ is now into marketing, not original R&D for product development. The general public doesn't need leading edge technology for the usual applications they like, family email, photos, and entertainment. But to keep gulling them; M$ has to keep presenting additonal bells and whistles at least twice a year. Just like cosmetic changes to cars. That sells and makes profits.

Meanwhile they are not dealing with better security in any substantial way. At least not to the extent they should be. Otherwise why does M$ have such gaping holes in their O/S security that virus programs continue to exploit. Code bloat guarantees there is too much territory to cover. That is the crux of the problem we all face.

It remains to be seen if Mac or Linus are much improved over Windoze in terms of security. So far it has not been profitable enough for the virus programmers to bother with. If a substantial portion of the population shifts to either or both; then what?

...it has not been profitable enough for the virus programmers to bother with.

I guess that is the part I don't understand, What profit? If they are Anti - M$ then build their own OS and put MS out of business.

I had a lot of time to think out in the desert working. I've designed processors and all types of stuff.

If a dozen hackers (the benefit of the doubt) created a tight machine code OS and then started Cracking apps to run on it. Then sell the cracked programs back to the apps owner cheap so others can run it on your OS. (hey its no more un ethical than Intel and MS have done) Obviously they have the ability.

Brad

The profit lies in theft of identity and scams to get gullible people to pay for useless virus removal software. It used to be malware simply mined data like email addresses. Such lists can be sold to advertisers and polling companies that do market studies for corporate clients.

These days they look for financial data if you do online banking. Account data like access codes and PIN numbers can be a gold mine. I saw one article that reported the police estimated the amount of computer theft amounted to $50 million CDN in Vancouver alone. Steal $10 from every account in a bank and see what you get. Even numbers with only one or two digits may be ascribed to an accounting or computer glitch. Only after a pattern develops would alarms go off. Odd numbers with both dollars and cents are easier to track and identify. Remember the movie Cool millions with Peter Ustinov?

You wrote: I guess that is the part I don't understand, What profit? If they are Anti - M$ then build their own OS and put MS out of business.

LINUX is exactly that. Right now it seems to be supported mainly by people who would love to see M$ monopoly broken. Right now its a trickle, but every time someone gets hit severely by malware servesto encourage more people to switch. Right now I am communicating with a LINUX based computer that was destined for the dump. The software is free. and the computer screen is yet another piece of hardware salvaged from the dump.

I am not yet fully up to speed because I am still in the early stages of the learning curve. UBUNTU which is the version I am using comes with a desk top and several apps included.

One of the Apps is Firefox. It's an internet browser. There is also a neat set of games and many accessories not to mention a word processor ,a spread sheet and a photo graphic program.

It may not be exactly equal to M$ at the moment but looks like it soon will be. I'm sold on it.

Until such time the hackers spend the time to write code to infiltrate Linux I feel more secure.

Hello elnav:

sorry, I did kind of get things a little confused.

What I meant to say was:

The NEW Trojan or virus would need to have got past the firewall to make the attack in the first place. And from there it can choose to screw up your browser, email, or video apps. In fact anything as far as I can see. Because your machine does not 'know' there is anything wrong. It can screw up the root files also. Until things start to freeze. But up to then the UNKNOWN and NEW virus is treated like any other bit of script.

The better anti virus software uses heuristic analysis and scans continuously. This can be a nuisance since it also flags routine activity as potential virus activity. Anything that tried to access your root files or change system OS files etc would be flagged. You may have to first disable such programs when you install a new application. Another safeguard is the automatic signature analysis scans. each file is scanned and assigned a unique checksum. If for any reason a virus tries to hide inside such a file the check sum changes and this is now flagged.

I am just now installing Threatfire on my WinXP machine since it apparently is a friendly cohabiter with other antivirus software. Looks like another trip to the recycle shed at the dump is called for.

Yesterday I picked up a 17" ViewSonic monitor there. I still need a decent keyboard a mouse and a DVD drive. Maybe I will get lucky. The last computer I picked up there had a good CD read write drive and it had been upgraded to XP. However it was painfully slow with a 300 Mhz CPU. The power supply was used to patch one other salvaged computer and the RAM chips boosted a 256 MB to 512 MB in another computer. Ever since BC instituted a recycling fee on computers going into land fil sites the recycling sheds have seen an increase in electronics You don't pay to leave a computer in a recycling depot. Suspecting the computer might have been infected I wiped the drive before using it in another salvaged machine.

This Virus started as a Vista codex update. From what I could tell the video is a fake that needs an unavailable codex. I tracked the origin to Russia maybe Bosnia before my system was to unstable to run well.

HP's, don't let the stupid user fix their own problems, system policies cost me my computer.

One software I would also recommend is ThreatFire http://www.threatfire.com/download/ Even Microsoft can't fart without asking permission. The bad news is it does not come in 64 bit yet. They are working to release a beta last I heard.

Brad

Hello U V:

As far as I can see this problem started off small like everything else. The villains, because that is what they are, realised pretty quickly the strategy of pretending to help is always going to be a winner as everyone is looking to solve a 'problem' of some sort all the time.

Things happen very quickly on the web, but, it has to be a whole lot of people from all over, making web pages, which have some real phone numbers and contacts, needed for the scam. All this takes a huge amount to set up and, to maintain, apart from the money made from credit card fraud etc, which all has to be laundered, right?

Perhaps the only way is for Governments to wake up, realise how big the problem is and, start advertising to say just how easily it 'could happen to you'! There is already stuff in computer

Mags but how many people get computer Mags all the time? .......NOT MANY!

Maybe a few Million out of what, over 2 billion users now?

I think it should be publicised in a real funky way, like they do with pick pocket and stuff. Asking the ISP or anyone to send out emails or letters........who is going to read them? I know I wouldn't. As soon as I saw the name of an ISP it would go straight in the bin.

This site may be seen by a few thousand at most. But if there was concerted effort from all the Legal help sites to all sing from the same page it would reach a lot more, then more, then, someone thinks, hey, what's going on that happened to my Mum, my Aunty, My Cousin......last week!

Maybe what it needs is a partition. You can start that right now by starting a blog or asking a question right now. Like the one which called for XP to be kept. That sort of thing.

Why not start one or thing a spin-line over the next few days?

Take care.........

Good luck, you will have my support!

Hello babybear,

I don't think the government is a big fan of the Internet. More negative points than positive in their book. Knowledge is power and for those that can discern it is a powerful tool.

A case in point: All public law is copyrighted. But how can you legally copyright public documents? You can't. Many private individuals are becoming proficient in the law and the colorful courts are feeling the pressure. All US Supreme court cases are now free on the net. Expect the rest to be soon.

I still think MS, HP, McAfee or PC Tools should have sent me a warning. I would have posted it here.

Brad

UV wrote:

I still think MS, HP, McAfee or PC Tools should have sent me a warning. I would have posted it here.

REPLY

Maybe they are prohibited from making a public announcement by the same people who fear a general panic movement by the public. Civil authorities are always reluctant to issue news that would cause mass panic. Military authorities have always tried to maintain complete secrecy on anything to do with them.

Can you imagine the wave of panic that would ensue if a creditable authority was to say so and so is funding a mass attack on America's computer network.

I know someone who works for HP. When vista first came out they suddenly noticed a high volume of traffic related to computers using HP and going to an unknown destination. When they queried management about this, thinking it was security related they were told in no uncertain terms to drop the subject and not to bother even tracking it. Hmm!

A couple of months later a police department arrested an international child porn ring. One constable was overheard to say it was thanks to vista that they were able to track thes people. Then the story quietly vanished and all traces of news media quotes also disappeared. Hmmm?

What else is vista doing and how closely is the internet being monitored?

UV wrote:

it has to be a whole lot of people from all over, making web pages, which have some real phone numbers and contacts, needed for the scam. All this takes a huge amount to set up and, to maintain, apart from the money made from credit card fraud etc, which all has to be laundered, right?

REPLY: Not really. A screen capture of every anti virus protection company website will suffice to give them the template. How much do you think it took to prepare for 9/11. And if you check some of the fraudulent websites you will see that some of the payments go to places like Panama or other countries which has no extradition reciprosity. Laundering? No problem. check out Grand Cayman Island. There are many tax free or tax sheltered banking services around the world. Pay enough money and you will find lots of governments will offer a blind eye as long as their own country laws are not violated inside their borders.

Hello elnav:

You are pretty much correct of course. Once a program is made it can be easily altered. I think my brain is going to sleep now. And I think I will soon!

Bye........

Actually I don't think I did write

But what I was looking at was the timing and diversity using the same system many ways. Codex, Java script, tracking number, Specific types of links.

All different ways of presenting the same root kit virus down loader.

Like 9-11 don't be surprised if the gov.s have a ready fix not in your best interest

Maybe I shouldn't give them the idea

Brad

Maybe I shouldn't give them the idea

Sheeee! hush!

Brad (UV) wrote: One software I would also recommend is ThreatFire http://www.threatfire.com/download/ Even Microsoft can't fart without asking permission.

REPLY

Brad, I tried that product but now ThreatFire will not even let my computer start. Nor do I get any sort of window in which I can select options. How do I selectively stop Threatfire from working as a test.

Right now I can't get past the initial start from the desk top. Any attempt to manually start a program simply leaves the computer stalled for hours. And one of the protection programs has flagged my HP printer program as being a virus. It can't be, since the computer has not been online. And the enabled virus protection keeps saying the mahcine is clean. I can't even get started in SAFE mode. What key do I push during boot up to get SAFE mode going? None seem to work at this time.

Hello elnav:

It can't be, since the computer has not been online.

I know this post was not to me, but if can 'poke my helping nose' in here?

I am not saying you have a virus. (Though it sounds likely). You do not need to be on-line to pick up a virus. This can be loaded from any software you may have entered via CD or DVD.

Did you download anything at all, on auto download and, this includes any Microsoft updates and anti virus updates. Not necessarily full apps.

As well as that, if your affected computer is connected in any way to a line that can get you on-line, even if you have not gone on-line, a bug could still get through. If this machine is connected but is not 'on-line' remove the connection and try and go into safe mode and sort things out there.

Good luck.........

Hi Babybear, last time I looked power OFF means off line. I have switched to mostly using my LINUX box mainly to add one more barrier or layer of protection, but also to get as much familiarity with the new to me system. Unfortunately I must keep the Windoes box for my CAD program.

I had installed Threatfire which was a recommnedation by a forum contributor. Other than that nada. No CD no DVD or other installs and with no power on, no activity. All three scanners reported zero virus activity or presence in the new computer. After all it has only been here a week. Most of which time it was never turned on.

I eventually uncovered some of the problem. Because the computer had been off line for five days the dang'ed Windows Defender software insisted on going online to get updates. Because I had DISCONNECTED THE WIRE to the router, it locked up the computer while idioticcally trying in vain to connect. A little message saying your link is disconnected [Work offline] yes / no might have solved a lot of problems. Secondly; the multiple protections of NOD32, AVG and Threatfire, were all busy trying to get updates and scanning for virus that the normal windows start update etc locked up. The 3 finger salute didn't even work. I eventually did get Safe mode to work. Uninstalled all virus checkers/ scanners etc. Now it starts once more. BUT OOOHH SO SLOOOOOW! I have become accustomed to the much faster Linux running on a much slower machine.

And all that just so I could copy out a file to my USB thumb drive for transfer to the Linux box for atachment to an email. Sheeesh! So much for ThreatFire playing nice. It just made sure nobody could play.

The most iritating aspect of windows XP is that if you do not plug it into the internet the dang'ed computer either takes forever or else a very long time just to boot up. How do laptops differ? They do boot up even if not connected to the internet.

Hello elnav:

I understand why you want that extra barrier to infection. And if the machine with Linux is seen as your default, it is very unlikely you will get any attacks. (Famous last words!)

This may or may not be relevant................in OE I have right clicked the Toolbar at the top of the screen and, loaded an 'off-line' button. If you are working in the Linux screen I should think you would have a similar option?

I also go direct to my inbox when I turn my computer on. If the 'off-line' icon on the toolbar is highlighted, I have no connection at that moment. If it is not highlighted and looks like all the other toolbar buttons, then I am on-line.

Having said that, you say you downloaded?..........this software? So you must have gone on-line. Why did you not want to update Microsoft? Or why were you not connected to the internet? Were you still busy configuring stuff?

From here lets get things in order OK.

If you have anti virus, and or any kind of protection, you must configure them NOT to all start when the computer does. They will fight each other and you will get a crash. If they have a 'short check' type of virus checker that lasts just a few minutes. And you have Windows Defender as your default. You can either start each by hand or configure your other protection apps to start after Defender has finished, but, start each one by one whether turning on by hand or configured. Only run one at a time. Get them to start say, ten minutes apart. Or run the first lot and see how long each takes to finish checking and configure the next one to start are you are sure the previous one has stopped. Sorry for talking so basically there.

Sorry, I went to make a coffee and got carried away doing Mangos! MMMMMM, luvaley!

How do laptops differ?

With Laptops you have to make sure you have the thing configured to, either not connect the next times you go on-line or are due to go on-line, like are an antivirus check. Or manually disconnect your Network Connections. Things may be different now as I had a laptop in 2000.

But, after all your effort you seem to have sorted things out. You say it is going slow?

It is almost certain that the mix of programs trying to launch and get on-line and get updates all at the same time, may have been the cause for any problems, rather than the Threatfire?

Do you have too much on there to stop you reinstalling whatever OS you are using. It is more than likely that some file may have been corrupted by the several programs trying to got onto the internet and get updates all at the same time. So it is a week lost? Better that, than it starts crashing every day and you have to unload any/all your personal files. And, doing it now, the routine should be fresh in your mind and it will take a lot less time..............It makes this course even more obvious if you have a spare machine to use anyway?

I would double check any routers configurations just in case, and take everything off the new machine, reformat your HDD, and start again. Before doing this. When the computer is off. Start timing it as you turn it on, and write it down. When it has started launch explorer and time that to see how long it takes. Do the same with your email.

When you completely reinstall you can check these times. If they are substantially quicker afterwards, then there almost certainly was some kind of corruption. If they are the same, then perhaps you should fit a faster CPU?

Keep in touch

BB I must have misled you. This is a NEW machine. the dealer loaded the O/S and nothing else.

When I got it I first installed NOD32 which I bought at the computer store. Then I installed the new Router which also includes a fire wall. Then and only then did I open a connection in order for the NOD32 to complete the install and get the updates issued since Aug 07 when that CD was burned. I reinstalled AutoCAD (off line) from a CD. With NOD32 and the router fire wall in place I felt it safe to go online and then also upload AVG and then Threadfire. During the install there was no message or setup screen giving me an option as to when the updates should take place upon start up. I know Windows Defender does. I assumed the others did as well. In any case uninstalling Threadfire did solve the problem.

As for wiping the drive and redoing the install. WHY? This is a brand new install on a new computer done by the dealer. I only added AutoCad and the virus protection both initially from a safe CD.

Because I happen to get the LINUX CD at the same time I never bothered to use the Windows computer online or even turn it on most of the time. I just cheked it out as being functional after delivery.

Hello elnav:

I suggested the reinstall because you said you had problems and the machine was working slowly. That's all.

I had a big problem with viruses about six months ago. And found safe mode and the various set up and ways of working there helped a lot. I was waiting 20 seconds for a page to open. It is virtually instant now.

Take car, and I am pleased you are back to a brand new machine!

Hey elnav,

...the dang'ed Windows Defender software insisted on going online to get updates.

A word of caution, get rid of the defender. Not because it is that bad of a product but because it is the largest target. Every Hacker, Cracker, and government/group backed trouble makers will be gunning for it. The Malware that took out my system got at least two MS employee computers who used MS for their ISP.

Just my opinion.

Brad

Hey Brad,

Good point! I had heard that Windows was its own worst enemy and their security system was full of holes. The sooner I can totally get rid of M$ and Windoze the better. As you say; "Every Hacker, Cracker, and government/group backed trouble makers will be gunning for it". It just makes good sense to remove myself from the firing line. Why ask to become a collateral damage statistic?

regards

Elnav

Hello elnav,

Sorry I've been on vacation(?). Had a very sick relative in the hospital who was finally able to realize he even had company.

A few questions about the ThreatFire issue. Did you contact PC Tools? They will need to know there is a problem.

Are you running any uncommon hardware or software?

Are you running multi processors or just a single?

ThreatFire does start right away or your system can be attacked at boot up while many programs are still loading. I'm sure your LAN and e-mail came with no delay to connect after boot up.

It is a beta that I used for several months on my laptop. I have not heard of this issue and if you want I will get involved with PC Tools to help you get it fixed or un installed. I haven't read to the end of these postings to see if it is resolved yet.

My SWAG is ThreatFire is conflicting with another program, routine, or malware that also insists on being first at startup. A traffic jam of the IPL.

Brad

Hello Brad,

No I did not contact PCTools. The only way I could unlock my computer was to use SAFE mode and remove Threatfire. Thereupon my computer resumed working normally. Problem solved and good riddance. Maybe if I was assured the problem was truly solved and if I had the Windows box connected to the inernet ful time, it would be a different matter. I found the help feature somewhat less than lucid and user friendly.

Apart from running Windows XP Professional and Office suite I have a HP G85 printer office center machine. Nothing else. Its a single processor 2.0 Mhz AMD with 1 gig of RAM.

NOD32 also starts up as soon as computer boots. Since I am no longer leaving the Windows box online, I have less of a security problem. All incoming emails and downloads are now filtered by a LINUX machine. I only need the windows computer to run AutoCAD.

File transfer between the two computers is done with a USB thumb drive. That should also minimize infections by direct means.

Thanks

Elnav

Hello elnav:

Just reading posts on this thread. Well done and I am pleased all turned out OK.

I can't think of anything much worse than a week old computer getting taken down with an infection that, stops it from working? Lucky (in a way) you had the second one to perhaps help you solve and test on?

Take care.................

If I'm understanding these issues correctly this is not a small attack by a few people. A venerability was found and systematic long term attack is under way. That is not the work of a small group or a money scam. What is an issue is none of the Internet security groups have said a word. Three different Companies should have notified me as a customer.

Is the attack: by a group from the start; a group that found someone's attack that worked; or lots of independents going after the establishment and we are just collateral damage?

Brad

Probably a group that found someone's attack that worked and then they set about to refine and expand on the original idea. A long time ago I picked up a book on Artificial Intelligence (AI) and after reading about the program examples enclosed on a disk I realized they were in effect talking about a virus. This dates back to the mid '80's. The description of Artificial Intelligence was something that could replicate itself, recognize its environment and modify it to suit and direct activity to some purpose.

Replication is one of the earliest forms of what we now call a virus. The concept had its origin in computer labs where hot shot programmers played practical jokes and pranks on each other. Does anyone remember PACMAN; the little round blob that gobbled up everything in its path. An early version of a relatively harmless virus was a pacman that "ate" up your screen content , leaving you with a blank screen.

It only took one keystroke (I think ESC) to stop the prank and restore the content. Then it started getting malicious and forced you to reboot. I remember the late 80's when we saw the first of the variants from bored Russian programmers trying to hack American secure computer sites. Long before Win 95 came along we saw lots of virus propagating by way of floopy disk from schools and educational networks.

Recognizing its environment. Virus and Malware also does that.

Initiate activity to accomplish a specific goal. Yep.

If it isn't key logging ,it browses your email contact list to harvest addresses.

These can be sold for money; and as we have seen lately, the virus learns from your actions and then reacts to it and may even take proactive steps to block your next move. AI chess programs have beee around for a long time. Simply apply it to a different set of rules. For that matter look at what the military uses for war game practice.

There is plenty of material and knowledge bases available in the public domain. As for funding such an effort. Easy!! How much does it cost to keep a dozen computer nerds in pizza and beer, while stroking their egos?

Since Windows became so popular and people started on-line banking, we have seen a proliferation of scams and outright identity thefts aimed at pilfering people's accounts. Several scams that were busted by Canadian police were in fact run by Russian mafia after the Berlin wall came down. Where I used to live near Toronto it was not uncommon to find victims of gangland style killings. Several of them were associated with Russian mafia according to the media reports. I only mention this because we are now seeing a lot of what apparently is Russian sourced computer hacking and fraud. How many of these Russian trained computer nerds are also muslim?

I know one person who boasted he had Russian computer contacts that could hack any system, anywhere in under an hour. While that may have been an exaggeration, I have heard from another person who does work in computer security that it is a real and ever present danger and these guys do succeed with dismaying regularity.

If the creators of the latest crop of malware ar motivated by religious zeal, it will be even cheaper to fund them than if they are simply mercenary and looking for a fast buck. Either way, I would not underestimate them.

Simply reverse engineer the known virus modus operandi to get an idea of what will work. Refine the approach and combine several sucessful methods into one super package. bingo! If you want to get really nasty, create a sleeper that remains dormant until a specified date. All you need is a kernel that pops up to read the clock calendar each time the computer boots. As long as it remains dormant and avoids activity that virus detectors look for it will remain hidden. If al of these copies goes active simultaneously, you will have chaos and resultant denial of serve (DoS) due to volume of traffic. There have already been a number of DoS attacks but most are never mentioned in the news for obvious reasons.

Any time that you get a warning of that type then its is usually malware. I picked up the Antivirus 2009 the tech down loaded Malwarebytes to get rid of it. So far so good.

The company that created the Antivirus 2008 and 2009 have made a pretty penny on the unsuspecting public.

These programs are all free for home use.

Antivirus:

http://www.avg.com/product-avg-anti-virus-free-edition

http://www.clamwin.com/

http://housecall.trendmicro.com/

Spyware:

http://spysearchdestroy.com/?gclid=CPS8iNn99JYCFQrAGgodHHjtYw

Adware:

http://www.lavasoft.com/products/ad_aware_free.php

Rootkit:

http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

Firewall:

http://www.download.com/ZoneAlarm-Firewall-Windows-2000-XP-/3000-10435_4-10039884.html

Router Configuration:

http://compnetworking.about.com/od/homenetworking/ht/routerconfigure.htm

Hello stevem:

Nice one!

Thx bb. I've been using these for a long time and have never been infected.

The key though is to have a backup strategy (which actually works) in case you get hosed by a zero-day exploit that these defences can't protect you from.

I can't stress this enough: If you have irreplaceable/important data, back it up to removable media. It's a lesson best not learned the hard way.

Hello stevem:

Know exactly what you mean about having a strategy for that awful moment!

I fear most people I know, despite advice to do so, "it is too nerdy", "I only use it for emails". And do you what, they hardly ever get hit, dam!.............Me who assiduously runs all the anti this and that everyday, quite often get hit. Sods law, perhaps?

Thank for the reply.............

Take care......................

Speaking of strategy. I thought I had one. Went four years without a problem. Then when I did get hit with another virus, I discovered my strategy was inadequate.

I'm not trying to make excuses, simply stating facts. I had kept a Knoppix CD on hand to salvage files from an infected drive. Also had backed up my documents. Somehow the fact that I had changed work modes and the quantity of saved work now exceeded my hardware's ability to store it all, had gone unnoticed. What had also excaped my notice was the fact Microsoft had changed their policy regarding use of their software. During my last episode with a virus, I was running Win 2000. This time I was using Win XP. Win XP is a one shot install. I did not realize that changing the hard drive inside the same computer box constituted having a new machine and thus wsa excluded from the EULA terms.

My new strategy for recovery involves having an independent means of communicating via the internet. Having a Knoppix CD for file recovery is not enough. I had evidently forgotten enough details of how to run it so as to make it non effective. Another part of the strategy involves having the second machine on-line and kept up to date. Preferably running a different O/S that is immune to whatever hit the first machine. Part of that strategy also involves making the assumption that everbody lies when they claim their product does so and so. In other words even when you pay the protection money they will screw you if you are running windows. Sooner or later a new virus will take you down. Using the #1 most popular software is in itself a liability because #1 software is going to be targeted by trojans and malware.

Prevention strategy involves more hardware and thus more expense. Add a router to the cost of equipment.Also add a second drive of equal capacity. In other words your hard drive costs suddenly gets doubled. Presumably the router also becomes obsolete in a few months and is unsupported within a couple of years. I already had a router but the manufacturer declined to provide updates and demanded a $29.95 fee before they would even answer any email questions. So now factor in having to eplace the hardware every year or so.

Email gets screened more closely. First as webmail using a Linux machine. Then only those emails that contain attachmentte required for work and are deemed safe wil be downloaded for actual storage on my computer. Now you need more time for reading and screening emails. Emails get read using a third party client that uses a format that allow saving individual emails as seperate folders, unlike Outlook that merges everything into one database file of huge size. All Attachments get saved and backed-up on removable media.

Now add moer time per day just ot handle the added work load of screening emaila and doing virus scana and doing daily backup of work files. I'm not exactly suer how this is going to work out since it already takes over five hours to process one virus scn of my HD. Add a few hours of burinign daily CD backups and i can see th ehouse keeping taking moer thime than the work day takes. At some point in time the required time will exceed the available time. then what?

All this probably sounds overly cautious and slightly paranoid. If your source of income relied toally on you having continued internet acces and a working computer, wouldn't you be like that? But after having been too trusting of Microsoft's preofessed ability to keep me working and being nearly bankrupted as a result; what would you do?

Hello elnav:

I like your post!

I agree with just about all you say. And I know for sure that most people who "use the computer for email only" forget that even just email can mount up. Particularly if you allow html downloads, with pic etc.

As regards 'strategy', I think you have to think it through maybe every 18 months at least. And, what I have done, is to use any back up sources that are not 'run of the mill' in my normal saving of stuff, and it helps me to recall how to use the hardware and software when I need to. But, that is a very recent thing and I have nowhere near enough space to save what I need to 'off computer'.

Again, I know of a few people who just get a basic computer "for emails", but don't included the three or more software packages needed to protect the machine as best you know how. The regular annual payment which can top a 160 Dollars with out thinking about it. And that HAS to be paid.

Other heavy costs are as you say, the amazing this and that type of memory has. Yes it does, but, could be out of date in two years!.

I have a computer and UPS and that is it. But if you have a scanner and printer as well IT ALSO has to be replaced at about three years old, or if you are lucky 5.

I do not want to re-type all your email..............so, I think it fare to add perhaps half the cost of the computer (if it is just an average one) to allow for the re-Licensing, and costs of other software apps to keep you safe, plus allow for a new Router each year. (I have had three, and none lasted more than 13 months). Add to that any regular costs like phone or on-line help that some people may want or need. Plus the cost which may also include your help calls to them of ISP's.............And that is hardly scratching the surface, this is just the basics, and you say good bye to a pretty good sum of money each year?

You know very well that all, and I mean every Anti virus will be perhaps be OK for may be three years. You are living on borrowed time after that. With so many viruses already written, it only takes a little 'tweak' to one and you then have the next infection.

It takes a lot of thought to the way you use the computer. Whether it is the only one on the web or a slave. And, as you say perhaps ideally have two or more OS which should be on different machines. I am thinking in terms of may be having the computer you use for the web. The some kind of intermediate storage to first of all save it to and as far as is possible to make sure it is 'clean', then copying from the storage onto a slave.

It complicates things considerably, because you may have to remember how to use Linux and Windows, or whatever other combination of OS you choose, but, they also have to work with all your storage mediums. It means, what was a nice pass-time, has started to be a real pain in the 'ar se'. I know I spend about two hours-ish a days trying to keep safe. That time can be much longer if an infection gets in, and although it may have been caught by the anti virus or anti adware/hijacker etc, you still have to be sure there is no place on your computer it is hiding waiting to pounce!

In terms of care and safety, it gets to be a real headache if there is more than two people using the machine. I know what sites and warnings from the anti virus to look out for. Anyone else just does not. And I never know what sites they have visited until it may be too late.......Hopefully it won't be, but you can see what I mean? It can mean I have to have several 'machine profiles' where different items can be downloaded and certain programs are allowed access etc, in each. That also goes for setting up 'Administrator' rules for each individual person and or age group, right? And all this should be password protected. I know that as soon as my friend's fifteen year old gets on, they are almost certainly going to visit dodgy sites?! But, unless I, as the admin' set up each account on the machine anything can be downloaded. Or download itself, which is even more insidious!

There is certain people I do not email. I am talking friend's and Family here. Because I know I have tried to give advise only to be told to "shut up and not to take things so seriously". There is no way they can email me either because I have them blocked. I suppose the only way round that is to use (perhaps) web mail? I have given up any respect for the Family and friend's who often have no basic anti virus etc on their computer.............because the 'salesman said it came with what was necessary, and it is all 'automatic''. I guess you can imagine my opinion of 'salemen'? I have yet to meet one who will be up front and give straight talk when asked something. I always find out the details of a product, then check out various local stores and ask questions that are really simple. What is the total memory the Mother-Board can support, etc etc. Not a single salesman has told the truth, and worse, most lie. Those salesmen are there to make money. They are NOT there to help you!

I think you can see where I am coming from...............much the same place as you. As you say, when the computer is your job, you simply do not let a friend or Family member "go on it for five minutes"! Unlike anything else, you are the only one who can at least try to work in a safe way on a computer. That applies to nothing else we do each and everyday that I can think of. I and it seems you must be in control. Because we are the ones whom have all the agro' of dealing with the results of letting someone "use it for five minutes". That not only involves cost, but also the irreplaceable things of all sorts stored.

And I have started to rant. But, computing has to be taken seriously. One thing that really gets my goat is when I certain friend asks "been playing with your computer today"?

I will say bye for my friend. Really appreciate your post. I definitely do not think you are over cautious at all. And I am fed up with being accused of paranoia!

Take care.............

Hi, Booboo I meant Baby-Bear,

In 1982 I was taking my first course in computers, "Intro to Data Processing", my teacher told us that within 5 years we would be a "paperless society". It has been 26 years and I'm spitting out more paper then ever. The only people who have gone "paperless" are the computer manufacturers and the software developers, who now, routinely, "give" you your manual in the form of a PDF on your disk or on line. The cost of ink for your printers is higher than the cost of gas and keeps going up. Among other things, who wants to print a 35 or 40 page manual at home? Even then, what you get is not a technical manual, with usable information about your machine, but a user guide in the form of "push tab A into slot B", and lots of useless pictures.

Prior to the inception of the World Wide Web, computers were incredibly expensive, as was computer time. It was not a cost to be written off lightly. The Web started in Switzerland by CERN, in 1989, and snowballed through 1992, despite what Al Gore would have you believe. Until 1992, viruses, worms and other malicious software did not exist 'in the wild'. The only way to get a virus on a closed IBM network is if someone with access to the system's 12 inch floppy drives or the system console would go and enter or upload the virus. Today, if you even stick your toe into the Web without a half dozen anti-virus/ anti-malware programs running concurrently, you stand a highly probable (75%) chance of getting hit.

Despite my ten year absence from the computer biz, I was still Tech Support for my family WAN. This consists of a total of 9 systems spread over 3 locations for a total of 70 miles. No one in my family, except me, understands the kind of aggravation I have to deal with in order to maintain there systems properly. Unlike you, I don't have the option of locking them out of my server, nor do I want to. I just want them to use anti-malware software and do regular backups. My worst offender is my father, who is now 73, and who refuses to lock down the modem-router with passwords and encryption, much less virus scans and updates. Nor will he allow me to do it for him. I've seen him crash a system within 5 minutes of my final installing of said system. Him I have on triple redundancy, that is, he has 3 500gig HDD's, one of which is always with me getting debugged. Hell, I still have to manage my ex-wife's system, and, after an 8 year long divorce, I still don't have 'unsupervised visitation with my daughter. This is not someone I enjoy being with, nut if I want to see my kid I had better stay on her good graces. Then there is everyones friend who has a computer problem. The only person who can appreciate the time it takes to properly maintain these machines is my daughter, age 13, who has actually sat there and watched me work on her system after she got hit with a zero day bug. According to her, "It's worse than watching the grass grow". Since then, she, at least, keeps a clean system and does backups.

Add all this to the 'normal' family dynamics and you have a true nightmare on your hands. Right now, I'm trying to keep my father alive despite himself. He has Peripheral Artery Disease and he might loose a leg. Yesterday he told me that "If his leg goes gangrenous to let him die. He doesn't want an amputation. The fact that doing so will mean that I will have to care for my mother, who is completely devoted to him, doesn't seem to phase him. Since I became disabled with Depression and PTSD, I live on my Social Security benefits, which turns out to be less than $1,000.00 per month, so I live with my parents, at age 50, and I'm going back to school for retraining to the tune of $14,334.00 per year for 3 years. At least now you know why I'm depressed.

I realize I've been rambling. To tie all of this back to the initial post, a major cost factor that often goes unnoticed is the fact that we, as computer systems people, have to do our own printing in house.

I sort of miss the old days when, if I told management that I had a problem with a user management would fire the user for breaching safety protocols. 2 days ago I did a favor for my brother-in-law, who is a true hardware expert, to check on an installation we did for a Metro-PCS store. I walked in at noon and checked the local server, only to find that their newest employee had loaded Kazaa on the server so "they could have good music in the store". This person was not cleared for access to the server, nor was he technically capable of running and maintaining a server. You should have heard the wailing when I told them I would have to yank the server and haul it into the shop to retrieve whatever data I could and then do a "Format-Reload" that, given the size of the drives, could take 2 days, and did not include doing a virus check on the 'smart terminals'. I had each employee do their own virus scan for no other reason than to teach them what was involved when a manager allowed and idiot full access to the server. Add in loss of business because the server was down and you have some very unhappy managers and even more unhappy owners. I hope that now they won't go messing with the server and follow the protocols I had put in place during the installation. The only person who won anything in this scenario was my brother-in-law, who charges by the hour for debugging a system.

I don't think you can call it paranoia when you KNOW that "they really are out to get you". I want you to know that you are not alone in this, and that you do have friends who understand the kind of torture you are going through. You are doing the right thing by your system and, despite themselves, by your users. Hang in there, kid, and don't worry, it can always get worse .

I think everyone has had enough of this post. Good luck BB,

/Ari (Orpheuse)

Hello Orpheuse:

Great letter! I fully understand your frustration?..........In members of your Family not even bothering with the 'basics'!

With regard to your Father, would he accept it if you wrote the password, the name of his dog, favourite drink, his first or last name? You seem to have most goal covered in having a spare HDD and cleaning that at your place. You are obviously more ofay with computing than I am. I know the History and how they work, but, it is a whole other thing when something goes wrong and I have to try and recall what I may have done in the past hour, day/s, weeks/s month/s to cause it!

I just hope the, lets say 'silly', or irresponsible people out there read this and pass on the message, you know......well, I know you do!

Could never understand the reasoning of giving a Manual on PDF. If something is ssooooo wrong that you cannot even get in and use the computer, how are you going to read the helpful Manual?

I know the rest of my Family just 'glaze over' if I mention the word/s anti-virus! They use the computer like an extended typewrite with no thought at all of what may happen if they do something, right or wrong. That knowledge helps. But they don't see it!

Regarding your 'ex', if you do not mind me joking a little, you could always charge her and get a just a bit of the alimony back?

The only person who can appreciate the time it takes to properly maintain these machines is my daughter, age 13, who has actually sat there and watched me work on her system after she got hit with a zero day bug. According to her, "It's worse than watching the grass grow". Since then, she, at least, keeps a clean system and does backups.

And good for her! Once that discipline is understood, it becomes second nature really?

Sorry to hear your Dad is so ill. I have only seen that disease once, and I am sorry to say it is not pretty. It seems you certainly have your hands full.

Since I became disabled with Depression and PTSD

I too have PTSD and Depression problems. And try to keep busy, mostly on the computer, as I do not like going out. Few people truly understand. I, and I assume you, do not want sympathy. It IS understanding that helps, especially if you also have to over-come the side effects of medication as well. I will not talk about that on open forum OK? You can always PM me you know? (Two injured soldiers discussing our 'wars')! I do not have the confidence to go back to College. I have thought about it and may be brave but, not at the moment. I am prepared to take days and weeks to find out any detail of a particular computing problem, which my Family just have no understanding about. "oh, he's playing on his computer" I hear people say in the background. The fact that this is NOT playing goes in one ear and out the other with them.

I am not copying it, but, I really like your last paragraph. And the friend and Family who just are ignorant (in the nicest possible way) put me under so much pressure I sometimes wonder why I ever bothered to give any advice, you know? They cannot see it as any sort of pressure whatsoever. But as you find it getting too much, so do I. I was asked for advice buy a Family member and gave it. I also followed on and sent small updates of what to do to keep on top of the problem. A year later I visited and asked to use the computer and found all but one of my emails un-opened! They had no passwords, as "it's just a big typewrite as far as we are concerned. Don't know why you worry so much, it's not nearly as difficult as you make it sound"! No, of course it isn't. Be course they never ever do any 'housework' on the computer and it is choc full of malware. But, I have been told not to email them "with your 'smam'"! I pointed out it was spam! I think you fully understand why and how these 'people' can put pressure on me without really knowing or understanding how.

Thanks for the remark "you do have friends who understand the kind of torture you are going through".

I am not thanking you for reminding me that "it can only get worse"!

Take care, and I thank you so much for your post. At least I know I am not the only one who thinks the way I do!

Hey, BB,

Sometimes we just have to lean on someones shoulder, and, when we do, it is always good to know whose shoulder is available .

As to your initial post, part of the problem that gives us all headaches is Moore's Law.

Check this out:

Moore's law describes a long-term trend in the history of computing hardware. Since the invention of the integrated circuit in 1958, the number of transistors that can be placed inexpensively on an integrated circuit has increased exponentially, doubling approximately every two years.^[1] The trend was first observed by Intel co-founder Gordon E. Moore in a 1965 paper.^[2][3][4] It has continued for almost half of a century and is not expected to stop for another decade at least and perhaps much longer.^[5]

http://en.wikipedia.org/wiki/Moore%27s_law

Actually, with Duo Core and Quad Core, it shows no sign of slowing down in our life times. Don't try to fight it, just go with the flow. Anything else and you are fighting a Tsunami, and you are a cork in the water.

I do admire your stand regarding Emails, etc. There is nothing quite as nice as getting a good virus from a family member.

You do understand about the true burden of in-house printing. What a pain in the tush! Before you even install the software you have to look at and grind out 30 to 40 pages of User's Guide, and, because we have to integrate new information, according to Moore's law, then two-thirds of us are always in school at any given moment. And we have to pay for the "HONOR" of maintaining users who, computer wise, are nothing more than babies with loaded guns in their hands. How much malware does the most conscientious of us come home with, electronically speaking?

If I can go two days in a row without one of my multitude of scanners finding a bug, then I'm doing well. I have to wonder how much is getting through that my scanners are not catching?

As for my Dad, he will live, despite himself, and with an amputation, if that is what it takes. All of the rest of his internal organs check out fine - in that way, he is healthier than me.

Funny, but I'm sort-of grateful to him for being the IT User from Hell, on steroids. I've learned more about cleaning and reviving systems than any other single source, and, I can get at his system when he's not around. He's a dyed-in-the-wool Socialist, and there ain't no changin' him. He already knows everything, and he's the boss. He WILL not remember passwords of any kind. He feels that "going through 'the network' slows down his system too much". He doesn't care whose gateway he is linked into, and, because we live in an an apartment complex, when he wants to log on to the Web, he uses the first connection he gets, and there are about 6 "open" systems in the building. He won't even let me set up his User Profile. His favorite appellation for me is "shit-head". Problem is, I can't walk away because there are innocent children involved, so I sit out my sentence and then laugh and cry that I made it through another day, and what are they going to do to me tomorrow?

Stop giving advise. It is rarely appreciated and never by the party to whom it was intended. If you want or need to give advise, do it here where you are safe. Talk less and listen more when dealing with non-system personnel.

When they start talking about this problem or that problem, let YOUR eyes glaze over and stop listening. Sing something inside your head to drown them out and nod, wisely, as if you were hanging on every word. At the end, simply look stupid and say, in your best "drawl", "Uhhhh, I don kno. I'll have to look it up and get back to you.", then just let it go and forget it ever happened.

Pay close attention here: As Long As You Know That You Are In Integrity With Yourself You Have Done No Wrong And Have Nothing To Fear. That is the key: always be true to yourself and it follows, as night follows day, you can not be false with anyone. Just don't say "I Told You So". That only makes them mad and they are worse when they're angry. Try to see them for the computer simpletons that they are, then make them as comfortable as possible until they or their systems die. Work on techniques for reviving dead systems. It is part science, part art and part intuition. REMEMBER: You can't save everyone. Trying to do so will only upset them and frustrate you. Deal with it as a mind-game, or simulation. That takes most of the edge off, and DO NOT take ANYTHING seriously, especially yourself. If you can make a joke at the worst moment of a crisis, then you will have broken the crisis into the smaller bits that can be cleaned up. That is how you ultimately succeed over the electro-morons out there and the hackers that prey on them.

Good luck, BB. You're doing just fine, bro. Just lighten up a bit - believe me, I know how hard that is.

/Ari (Orpheuse)

Hello again
I like talking to you, as you are clever and understand. The two do not
necessarily go together, though I am sure you must know this. Bright sparks,
especially direct from the Uni' rarely understand everyday practical application
of what they may have learned!<IMG
we just have to lean on someone's shoulder, and, when we do, it is always good
to whose shoulder is
available.I came up the hard way, poor education because I was always ill and off
school. I was lucky in a way, even as I was in the lowest class at school, I
understood Maths pretty intuitively . Sometimes I would watch a University
program at home on the TV and realise before it was explained, what was needed
and how the particular example was going to be measured. I did not know what the
method I saw uncovered before my eyes&nbsp;was called, but I understood you
would have to do this, to get exact sizes per metre or that to figure a cubed
area. Though once again I was not clever enough to 'know' it was 'cubed' when
applied to generally hard substance volume.
I recall teaching myself on how to do this particular job. I went for the
interview and got the job as Manager as much for my previous jobs and ways I had
'taken' over three peoples jobs, them not being replaced after leaving, or
getting the boot for not working. Anyway the job was to work with pieces of card
of for instance 300mm x 20mm. I did work and made prototype items which were
measured, and although it was not always easy, there was never any more than .3%
difference in size from one job, to doing that same job maybe 6 months later.
The skill was in the design and setting the machines with that accuracy. The run
of the mill putting the job through was done with a crew of six women.
Anyway, I used to have about four kids from Uni in every year to show them
the practical side the knowledge gained could be used for. I remember I boy. 19
he was. And when he had grasped the idea of working in microns, and knew the
length of card we were using on a particular job once told me that the 11 slots
on the card meant each 'space' (later to be occupied by electronics as packaging
material) would be 24.978 mm wide. I said in reply, there is a sheet of board.
Go cut the pieces of card as samples from it and setting this machine up. I used
one machine very little so usually had it for sample and letting the 'new
generation' learn, or in this case screw things up. He came back two hours later
and half a pencil shorter! with about 50 bit of card, all different sizes. I
said to him, you know the sample for this job and the jobs I had designed
require a 'push-fit'. Those cards vary by two mm in depth and 5mm in length.
Explain how you can feed then through this machine, and still have both end
spaces give a push fit for the product going in them to be sent to Australia? I
asked him to set one piece of card out as a sample to set the machine. (By the
way, I made dividers, and often the boxes they would fit in.A very simple basic
item.&nbsp; But my friend from Uni' had taken two days and had not started
setting a machine. He came up on the third day with card with pencil marks on. I
could see by eye that each varied at least half a mm (~50/1", 50th of an inch).
I knew he had smashed his sharpener in frustration and the pencil lines, were
almost two mm thick.
To set up a job I found the best thing was a really sharp set of dividers,
made the points very sharp, and made the slightest of impressions in the card.
This gave the accuracy I wanted. It seemed this boy was very good at talking to
others but his £300.000.00 Education had not been good enough to get him to set
my machines to my tolerances. I asked him to leave after four
days.&nbsp;University Education, is no guarantee to a practical person. I am
practical. At school I learned nothing very much to 'better' me. I taught myself
from books at home and at work after I had left school. I still have no
qualifications, but put me up against a Uni-grad any day!
Sorry, I got sort of carried away.
I have read and seen pieces on integrated circuits and now, it is difficult
to imagine just how many 'transistor's are in or on any one block of the newest
design. The problem comes when you have to join things together. At that level,
along the edges of the boards its back to the 16C with screws holding it
together. Move in a couple of&nbsp;mm and you are back in the new world of
Nano-techknowledgy.&nbsp;
With ref' to scanners, I do not worry when I find a virus..........I worry
when I find nothing! I then realise it may be time to find another anti
virus?
I like the piece where you talk about your Dad. Sounds pretty much like my
Dad as well. But, as you say, well almost, if you can cure the computer ailments
he throws at you, almost literally sometimes, you can take anything and get it
to work.
Stop giving advise. It is rarely appreciated and never by the
party to whom it was intended. If you want or need to give advise, do it here
where you are safe. Talk less and listen more when dealing with non-system
personnel.
When they start talking about this problem or that problem, let
YOUR eyes glaze over and stop listening. Sing something inside your head to
drown them out and nod, wisely, as if you were hanging on every word. At the
end, simply look stupid and say, in your best "drawl", "Uhhhh, I don kno. I'll
have to look it up and get back to you.", then just let it go and forget it ever
happened.
As you said above highlighted, I now only give advice when asked and only
that once. I can more or less know that they have not put my advice to use most
of the time. A Family member, "works on computers at in my job". This is what
she tells people. The computer is a 'TILL'. Their personal computer at home was
brand new 14 months ago, and they still cannot get the email to work, or sign up
to any on-line mail account. Actually, they do not understand the difference
between a Microsoft and other on computer mail account and a web account. I
offered to set the machine up as they wanted it to be when it was new. It was
just before the previous ones HDD packed up, and with no redundancy at all, they
had said, we don't want you emailing us and sending all that 'smam'.
So I now do more or less what you outline above. I sometimes do not
understand a specific question. I then Google it and read up and try examples of
it on my machine. I am not saying I know enough to give advice on every XP piece
of software from Microsoft, but, I will only try and help if I remember that
happening to me. Or if it is something which is fresh in my mind. Perhaps
something new to me but I worked on for a week and know how it works, you know
what I mean?
You Are In Integrity With Yourself Is that against the
Law?
think I had that about three weeks ago)!
I might ask about something I see at a Family or friend's place. To make
conversation Which sound horrible, but is just sociable) I might ask where they
got 'that' from. Their reply, "don't be stupid, it says on the back". The way I
have always replied to those questions is answer, "it is made by such and such,
I got it in Scotland last year" It is an inoffensive reply, which means, at
least while I am there they might come out of their shell and talk about
something they are worried about and the can't do? I have two Brothers and Two
Sisters, they are all healthy and got god exams, even though the did not go to
Uni'. I feel rightly or wrongly, they don't respect my knowledge because 'I
learned it myself'. I could not try for exams because I was to ill. The grades
my Brothers and Sisters got were wasted by my Sisters in my opinion, although I
would never say so. It is only in later life they started doing demanding jobs.
And one Sister went back to college for fore years to learn what she needed to
and I respect that.

You seem to understand me or what I mean
ituitively. Thanks.

Sorry Ari, I am ranting so much.
Thank you. And I hope you Dads outcome is as good as can be.
Take care...........

You Are In Integrity With Yourself Is that against the Law? think I had that about three weeks ago)!

I

Hey, BB, what will really rock your noodle is the our good friend, Frued, once said "To "KNOW" yourself is the ultimate form of aggression"

It wasn't until I was 45 and re-reading Frued's lectures that I realized that he was using the word "know" in the Biblical sense.

-------------------------------------------------------------------------------

"So I now do more or less what you outline above. I sometimes do not
understand a specific question. I then Google it and read up and try examples of
it on my machine. I am not saying I know enough to give advice on every XP piece
of software from Microsoft, but, I will only try and help if I remember that

happening to me. Or if it is something which is fresh in my mind. Perhaps something new to me but I worked on for a week and know how it works, you know what I mean?"

Yes, I understand the passion you bring and the enjoyment you get from Applied Electronics. Yes I understand your frustration because people not directly connected with Systems and System Security don't understand what you are saying.

The problem is that you are a "nurturing" type. You need to be needed. If you give advise and it proves helpful then you feel 'validated', i.e. - you derive satisfaction, pride and a sense of self worth by 'assisting' others.

What I outlined and what you are doing is correct, up to the point where you say

but, I will only try and help

That is where you go off track. Do not "only try and help", until you are specifically asked to, and then answer in a way that is self-deprecating. This only applies to the work environment, i.e. if you are getting paid, and paid well, for the advise you are giving. In the information Age, Advice is a commodity, and should be packaged and sold as such. Oh, and the more they pay, the more it's worth.

As far as family members etc., don't even bother doing the research, unless you are going to Blog it - and I think I found your safety valve -

===========================================

Try this on for size:

When approached by friends and family members to solve this problem of that, do it and blog it. Set up your own website of "Field Case Studies: System Problems and their Solutions"

Give us specific case studies of the system problem and we'll chew over the solution for a while.

Blog everything you do, in detail, and then, when you've got your first 100 Field Tested Case Studies, release your first book: "99+1 Dumb Things Users Do to Sabotage their Systems", Volume 1.

Publish on your website and use your talent to help the rest of us. "Do not cast thy pearls of wisdom before swine, lest, in their ignorance, they trample them underfoot"

Seriously, don't be so fast to offer assistance, unless it involves holding open a door. In computer matters, do not give any assistance unless and until you get paid for it.just Blog all of the insanity you find, how the 'other party' dealt with it, the result of that, how you simulated and corrected it and a 'step by step' guide for fixing this problem. Done, Move on to the next problem.

Start your Blog here, if you like,but approach it with the mild contempt and Vulcan-like detachment of a scientist, and stay focused on the problem, not on what caused it except to inquire if there had been a flicker of light's, otherwise, assume user malpractice and the malware that goes with it.

What tools do you use and what steps do you take in order to find and terminate the various 'nasties' in the wilds of the WEB (music: Timpani and Horns: Rickard Strauss "Thus Spake Zarathustra" or "Theme from '2001. A space Odyssey"")

Blog it and we'll 'kick it around, maybe tighten it up', but it will be looked at and rated. They are handing you lemons, child, find out where they need Vitamin C (or any of it's cousins, C+, C++, C#, Cb etc.) and export it.

(Voice of famous anonymous scientist), . . . or, to put it into practical terms, Blog it here so you can become a resource. Plunge that enthusiasm into your Blog.

Blog, blog blog blog blog, and blog some more!

The next post I want to see from you is a Field Tested Case Study as I outlined above. No more, and no less, and completely detached from frail emotions. Be sure to include full system specifications including OS & version, all hardware and drivers, all software, all running processes and services etc. I want to be able to picture this system in my head and, from your directions, identify the problem and how it was resolved.

Think you're up for it, Baby Bro? I think you are. Go for it!

It is 1:00PM. I will have breakfast now.

Later, BB,

/Ari (Orpheuse)

Hello Orpheuse:

Cant thank you enough for your advice and caring ways.

Really appreciate what you have written in your posts including the last one, just before breakfast!

Am I really that much of an open book, heart on sleeve and stuff? You seem to know my thoughts better or 'sooner' should that be, before me.

Please forgive my possible confusion, bad time since I went off line after my last post to you. (As you may know)! I am PM-ing you.

Because of this I am feeling pretty rough and have done for a week. See PM.

I want to reinstall my system and I can then maybe think of starting a blog. It is rare- to never for Family ask for help but, some friend's do now and then. It is mostly on here I can help people.

Although I cannot quote Freud I have read about him and read most of one of his books where this idea of self aggression was mention. Though I can't recall that phrase as it was 20 years ago I read the book. Not sure what to think about him. He was way off the wall with somethings he said, and I think the self aggression thing is one. I am sorry but I cannot recall enough to give any example other than the 'sexual' ones. I found the book very weird to think about. Not heavy going exactly, but, so many twists and turns, and it seems at war almost, with the rest of the 'establishment' of Psychiatry?

Other than on this site I give and am very rarely asked for help on applied electronic and in particular computing. Though to say "computing" would be to narrow the outlook too much. To the people of my Family, 'computing' is something to do as you sit down in front of the screen. To me it is like walking into the British Library and reading anything and everything. I plan the way I am going to work on something, maybe a problem for me or on here, as I walk down the street.

I have it seems, without really trying understood other's feelings and worries, and reasoning a lot more than I can understand mine! Even my Bosses would come to ask advice, mainly but not always with ref' to work. So I did not seek it out then. It sought me!

I think with ref' to this site and other sites I have visited, it is learning that drives me. If I can pass something on then I will. If not, it is the contact I also need as I have always been a loner. Bullied at school, I was not bullied so bad that I was beaten but, it hit me harder than I like to think and I had a couple of breakdowns in my teens and early 20's.

When working I put perhaps 12 to 16 hour days in. I 'work' as hard on here though not many realise it.

I was telling my ex girlfriend about one project I am helping a guy with, as she asked "what do you see in computing, it's boring"! I started to say "I am working writing to get information for a contact and.........." "Work", she said and just laughed it off.

It is 'work' for me. It doesn't mean I do not enjoy it, you know? This is a woman who often remarks "oh playing on your computer are you"? Gaming is play to me. I like to get a little deeper than shoot someone who does not even exist.

I love Music. Any kind of Music. I went to the Opera when I was 16. Puccini's Madam Butterfly. The costumes and make-up was a little frightening, but the music was brilliant. My Favourite Orchestral piece is Vivaldi's Four Seasons. And when really young we had a second-hand store nearby, and bought 78's of all sorts of music but often Jazz or country based. "This Old House" by Stuart Hamblen I remember was bought about when it was published (I think) in 1953-56. Really great record. The first we got.

http://uk.youtube.com/watch?v=0WhLhF12TBE

I like all music but really like pan. I forget what they are called they are made from oil drums. And, of course, any live music. I like pop concerts but do not fancy sleeping in 'mud' with half a million other so I can stand and just about be able to see a dot, which is the stage! I watch it in comfort at home, in the dry.

It is not until I got sky TV, then a box by the telly, and heard the original country songs that I realised there is so many 'modern' covers of the old and original great songs. I suppose they have stood the test of time?

Think you're up for it, Baby Bro?

No not at the moment. I want to learn a bit more first. I do think the blog is a good idea though and, have looked into it on here, which is probably where I will publish.

I am starting one, but, not for a year perhaps. But I will blog.

Thank you once again ari.

Take care and let me know a little more of your favourite music?

Bye for now.............

As per music, just like you. Everything from Beethoven to the Beatles, everything from 200 B.C. to 2-- A.D. I am a professional musician, even on the computer, where I do Midi work. I play guitar, I have one album which I wrote the lyrics for and which I am trying to build a website so I can exploit it.

I spent 10 years, 1997-2007 as a professional actor, regional traveling theater. Everything from "The Hounds of Mucus" to Hamlet (I played Horatio and understudied Hamlet, Got to play the lead role once, that was enough since we were doing the FULL version of the play. The 2 last shows I did were "Pirates of Penzance" (The Pirate King), and a George Kaufman piece called "Of Thee I Sing, Baby". Kaufman used to write for the Marx brothers so we didn't feel too badly when we improvised entire scenes. Had a ball with that show, and every time we thought "we couldn't do anything more outrageous to this script" and every time, we did something more outrageous, and the audience ate it up. What a hoot.

Music wise, I'm primarily and old folk-rocker, Paul Simon, Jim Croche, Meakem and Clancy brothers, Clapton, Springsteen, Crosby, Still and Nash, which still sound's like a law firm to me. I also like Blue Grass, which is sort of Irish meets Alabama, Zydeco from Louisiana, all forms of the blues, Jass, big band, Louis Armstrong and Ella Fitzgerald, Louis Prima, New Orleans Swing, and progressive Jass, Al Dimeola, Bill Evans, Thelonius Monk etc...

Now I have to get some cert's so it's back to school for me on Dec 1. My 13 year old daughter wants to be a pastry chief. I had better be able to bring in some cash cause this kid is determined to cook. She wants a fresh bread and pastry shop. She's been telling me this since she was 5. 8 years later and no change. I had better be able to earn some $$$. Good looking kid and smart. I traded in the shotgun for a howitzer. I just can't figure out the right proportion of Rock Salt and gunpowder. That's to keep most of the boys off her. You'll understand it better when you have one of your own.

You will get to school when it's time for you to do so. Don't sweat it, and don't look back. 2 caveat's 1. Don't ever feel guilty. Guilt is a sham of responsibility the same way that punishment is a sham of correction. On any given situation, if you can say "I tried my best", then you can look at yourself in the morning and just take a shave instead of beating yourself up. 2. Don't play the "What if . . . " head game. That is a very cruel dead-end. Learn what you can from your mistakes, hold your successes high, and look forward to tomorrow and another chance to dazzle the audience.

Right now, I have to have a long talk with my computer. I got a copy of Nuance Dragon Naturally Speaking, a voice to text program. It works fairly well but I have to read to it so that it can learn how I speak, i.e. cadence, rhythm etc. I want to dictate my notes from school into the system and print off my study sheets. Should speed up the process times 3.

Good luck Baby Bro, and check you mail on this site.

/Ari (Orpheuse)

The advise and the caring is free. That falls under Karmic Law, and you know as well as I do that what goes around comes around.

Thank you for the High 5, bro.

I'm pretty jazzed about it. I'll be taking 2 classes per week, as my shrinks don't want me freaking, but I'll probably be living there, especially if I can get work at the school in tech support.

The one thing that has me concerned is the math. For some reason, possibly an Florida academic requirement, they are going to try to teach me Algebra 3 and Calculus 1. That is my Achilles heel. I'm sure there are student's or junior instructors who will pitch in and help me get through that.

The rest of it is pure joy. Everything from Advanced Windows Servers to Cisco Systems, to Linux. It may take 3 years, but it is complete.

I looked at DeVry and ITT. DeVry has more of an engineering paradigm, which would not bother me per se, but they were also a third as much over ITT. I want to learn Networks for 2 reasons. 1. If the Network is down no can can do anything, and 2. I see robotics as collections of independent Peer to Peer networks. If I can stick it out for 6 years to get a B.S. then I want to start Android Robotics at ITT.

Anything that comes out of this will be huge for me, and I like to share so we are in for a great 3 years.

Thank you for your kind offer. I look forward to working with you and the rest of CR4. It's all very exciting.

Orientation is this Saturday. I'll report on the festivities.

Thanks, again, for the offer of assistance and the Hi 5,

/Ari (Orpheuse)

Hello Bricktop:

how you doing? He is kinda lucky in one way but, still has to put in the time? Leastways if he wants to come out on top at the end, which I am sure he will. Children go to school to learn. Adults go to school because they want to and they are able to see the bigger picture, and the real reason for more knowledge.

I also thank you for your offer to vent my spleen when needed. You are very kind, Thank you.

The same goes for you, any worries, just hang em out on my line K?

Hey, take care.................

Hello Ari,

you sound pretty complete to me. You have a lovely Daughter who obviously loves you and is planning already! Plus, it is pretty cool to have your Dad going to 'school' at the same time?

A musician eh? I started to play the organ, but was to ill to carry on. I also had a real headache remembering the previous instruction. I used to just play, to 'find the notes'? Try and get familiar you know.

I love to hear the lyrics if you can't get any music out. I tried with the lyrics to a song when I was much younger. But had know idea really, didn't 'feel' it so I never finished it.

I like to mess around with anything percussive. And might get some electronic drums. Real ones are a little noisy you see?

The acting sound great. There is so much competition it is a wonder anyone can earn enough to do it for more than a year or so. Admire you both for the Acting and Musicianship..............And my Favourite Comedic Actors are.............The Marks Brothers...................

"Someone said a child of five could do this, go get me one will you"? Sound familiar? It was not until I was thirty that I realised he had boot polish for a moustache!

It seems your music tastes are more or less on a par with mine. And I like to listen to da ole banjo type blue grass. Love real blues as well. Louisiana based stuff but it spreads out from there.

I have to get to sorting out my medication. I need it in a couple of hours.

Take care and as you said, keep in touch, whenever

This is a relatively new post in an old thread. But just as a matter of record for anyone looking for past threads about computer security, I'd like to suggest people look at Sandboxie (or an equivalent) for browsing the web. It adds a layer of security to be used in conjunction with other security software, such as antivirus software, malware cleaners, etc. All should be used, but Sandboxie puts your browser in a virtual space so that rogue files can't have direct access to your system. Even if you download some file it can also be run "Sandboxed" in a virtual environment just in case you suspect it might contain malicious code. I've been using it for over a hear and a half -- after getting a nasty infection on my work computer. Sandboxie has helped keep me safer. Take a look at it and similar apps. I think you'll be glad you did.