• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/

LS SteveJ

  • Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral


About LS SteveJ

  • Rank
    Advanced Member
  • Birthday 12/23/1978

Contact Methods

  • Website URL
  • ICQ

Profile Information

  • Location
    Gothenburg, Sweden
  1. I have a constant spyware detection and quarantine of Win32.Trojandownloader.NewMedia & Win32. Trojandownloader.Zlob as well as Adware.Agent.Data Miner

    I get dummy explorer desktop icons and a desktop display change when it returns as well as Internet Explorer security setting changes with multiple error display boxes, hijack browser warnings and constant internet explorer pages opening.<

  2. Lavasoft HIPS?

    Hello Easter. I cannot comment at this time as to the full set of features that will be included in Ad-Aware 2006, as it is still under development and this will not be made public until the beta testing phase. Proactive protection is the way forward I agree. The number of malwares coming out daily is jst getting ridiculous. However, the biggest problem with pure pro-active / heuristic protection, is that a human being has not evaluated the file that is being blocked. Whereas this may be ok in the A/V industry where a Virus is simply a Virus, in the adware/spyware industry the threat levels vary on a large scale and the line between good/bad is very clouded. This line is very important to both the users and the vendors, as many vendors accept that some users will remove them, and some users may accept the risk level to get some "free music" or something... So my point is... if you want to go with heuristics and block everything, you open yourself up to a ton of legal issues. How does heuristic protection know how bad something is based on a signature that flags something as a downloader for example? Many innocent programs install by downloading their own installtion files. My personal opinion on this matter... and believe me, it is a topic of discussion, is that anti-spyware vendors may push ahead to quickly with wanting to adopt the A/V style of detection and open themselves up to some very serious legal problems. Also, one of the side effects of this aswell, is that vendors will no longer have any reason to change their business models for the better. Lavasoft rates vendors according to the TAC scale. If a vendor makes a serious change to their software that merits a reduction in threat level, then this will be reflected in the TAC rating - even going so far as to remove things from our database althogether. With this form of impartial rating, vendors have an incentive to change their software, and also learn that they can change their business model while still producing revenue. It pains me to see that certain other anti-spyware vendors refuse to alter the threat level of softwares in these cases - why does it pain me? Well... ask yourself a question... if you need to make money, and your software is being deleted because of its threat level being too high, plus any attempts to change the business model / software generate no change from the side of the anti-spyware vendors, what is your only option? GET MORE AGGRESSIVE... this unfortunately is the only way out for many.... they must find more aggressive ways of getting onto the system, and staying on the system. So at best, removing everything just elevates the war... its a classic "arms race"... In conclusion, I would like to say that we must move forward with heuristics... but I believe that the level of heuristics we use should be based on the nature of the family in question. As you correctly state, some of the really stubborn or nasty ones (Look2Me, Nail, DollarRevenue etc) and also things that exhibit Keylogging behaviour should be blocked by a very high degree of heuristics.... however, the closer you get to that grey line, the more careful you have to be... at this point the level of heuristics should probably resemble the same kind of detection that our current CSI method uses. The ability to spot new variants of already known families... Thus we can employ the correct TAC level for that particular file... I am in the strong belief that this form of "pseudo-heuristic" detection will be the norm in the future, and that moving to fully heuristic detections (as powerful as it may be) should be done with caution and certainly an option that the USER must activate.... Let me know your thoughts on this... Thanks //Steve
  3. Keliboo. Is that the scan log from before or after your computer started to act strange. If this is the scan log from before, then I see nothing that could possibly indicate that Ad-Aware has changed your internet connectivity in any way. Could you check all the logs on that machine and make sure you are posting the one from the scan that you made right before you encountered the problem? Thanks //Steve
  4. Symptom Ad-Aware Freezes During the Memory Scan Cause This can be caused by one of the realtime shields in the SpySweeper 5 application Resolution Spysweeper producer "Webroot" has been informed of the compatibility issues with our and other applications. For the time being, you should disable SpySweeper realtime protection while performing an Ad-Aware scan
  5. This forum relates to reports of infections where we know the name of the offending family. Therefore I am moving this to Ad-Aware Support forum..
  6. Hello hbman. To get this to work, you must surround the entire command with speech marks, but make sure the slashes are outside, otherwise windows may try to interprete the forward slash as something to do with paths and convert it to a backslash. ex: "%programfiles%\lavasoft\ad-aware SE professional\ad-aware.exe" /full +nodefnotice +update More on this problem can be found here Hope this solves your problem Best Regards //Steve
  7. Hello jinnyj. Your problem is actually unrelated to the topic you have posted in, as this was a specific problem from a few weeks ago which is now resolved... please start a new topic. We will be closing this topic... thanks //Steve
  8. We are thrilled to announce that one of our long term and most active forum members, "CalamityJane" has joined the Lavasoft team. Jane is very well known within computer security circles and can be seen throughout the various security forums, providing assistance to any and all who need it. Jane is very well versed in all windows operating systems and holds a Microsoft MVP (Most Valued Professional) in recognition of her work for users of the Microsoft Windows operating system. Link here CalamityJane is now known as "LS CalamityJane" and will continue her role providing excellent online support for Lavasoft users. We welcome her to the team and hope that she will enjoy her role in one of the largest and most successful Anti-Spyware companies. Congratulations CalamityJane!
  9. what is really strange about this, is that I have received no notification from them as to the problem...but I will get in contact with them and try to straighten this out... Thanks //Steve
  10. Preparing System Scan

    Actually I would like to correct this. It is up to the user to decide whether or not they wish to remove something. Lavasoft provides an impartial risk assessment and a means to remove these items (Ad-Aware) if the user so desires. We do not instruct the user to delete anything, nor does Ad-Aware delete anything by default (unless instructed to do so) However, we do inform you on the consequences of not removing these objects Negligible Items are objects in our database that have a threat level of 2 or below. These are families which have been lowered to such a level that they can no longer be considered a threat. It is up to you whether or not you wish to remove them, but when they have reached a risk level 2, they do not pose a serious threat to your system. Thanks //Steve
  11. These kind of conflicts do occur with security applications due to the fact that they are looking for the same signatures. The way around it is to accept the warnings from Ad-Watch, and add McAfee to the ignore list if it appears in a scan McAfee should not be recommending the removal of Ad-Aware as the ignore list function resolves this problem. Thanks //Steve
  12. I would like to point out that this forum is for support of Lavasoft products and this thread is fast becoming a support thread for the NoAdware product. The "start page shield" discussion has very little to do with the detection of NoAdware by Ad-Aware and a I will be closing this thread as there really is very little more to be added to this discussion. My latest post explains our current position on this matter. Thanks //Steve
  13. Update to this situation:- Please note that NoAdware is in a probationary period. This means that it is open to discussion by the security community, and our users, on whether or not this application should be removed from detection. I would kindly ask people to provide their commentary on the steps we are taking. Thanks //Steve
  14. If you are repeatedly receiving a "Your definition file maybe out of date" message, though you still get "No new updates available" when trying to do a webupdate, then there are a couple of things you can try. 1. Delete any definition files in the "c:\Program Files\Lavasoft\Ad-Aware SE" folder. (This file is usually "defs.ref") (the folder name will changed depending on if you have pro / plus / free). There may also be a defs.ref.old, you can safely delete this too. Then try a webupdate. 2. Check your "hosts" file. It could be that a malware has changed it so that connections to our update server are not working. Your hosts file is located in "c:\windows\system32\drivers\etc\". Open the file "hosts" with notepad. If you see any references to "download.lavasoft.de" or anything else regarding Lavasoft, you should remove them. Now try your webupdate again 3. If the first 2 methods do not work, then you should try a manual update. Update the definition file by downloading the zipped definition from http://dlserver.download.lavasoft.com/public/defs.zip Unzip this file and you will get a "defs.ref" file. This file should be copied to "c:\Program Files\Lavasoft\Ad-Aware SE\" (the folder name will changed depending on if you have pro / plus / free) Now load Ad-Aware. If the definition file is still showing your old one, then click on the settings icon (the cog wheel), then click "General". At the bottom right, there is a box saying "Using Definition File". Click the "Open file" icon next to that box and then browser to the definition file in "c:\Program Files\Lavasoft\Ad-Aware SE\" (the folder name will changed depending on if you have pro / plus / free) Select it and press open. You should now have the latest version 4. If all of this fails, please contact technical support, or post a question on the support forums. It could be that you have a sneaky malware on your system that is disturbing your internet connection to certain servers and need to have it removed first. Please make sure you try ALL of the methods above before posting a question. Thanks //Steve Edit by LS Joakim 27 March 2007: I changed the definition download-links to the correct addresses used. Edit by CalamityJane 20 July 2006: to correct download updates URL from http://update.ls-servers.com/public/defs.zip TO: http://updates.ls-servers.com/public/defs.zip
  15. Hello. You are experiencing a false positive on the iTunes installer in memory. There is nothing malicious going on here and this is occuring most probably due to a recent update in the iTunes installer that is conflicting with a malware signature. This will be addressed in the next definition update, but for now you can "Accept" the harmful process when Ad-Watch informs you... Thanks //Steve