spike-nz

Volunteer Security Advisor
  • Content Count

    3,048
  • Joined

  • Last visited

Community Reputation

0 Neutral

About spike-nz

  • Rank
    Advanced Member

Profile Information

  • Location
    Auckland, New Zealand

Recent Profile Visitors

1,662 profile views
  1. I've had this problem intermittently with 8.3.1 to 8.3.3 (AAW 2010 Pro), for the past few weeks - maybe 5 - 6 times. Has never happened during scanning though. Uploaded crash dump to Jeff a couple of days ago - the devs might find it of use in tracking the cause.... Spike XP SP3 NOD32 AV - (AV only selected for scanning in AAW, not in Ad-Watch Live) ZoneAlarm Free firewall [b]EDIT:[/b] Just happened again, but did not create a crash dump file (only the last one was there).
  2. Hi Andy, Thanks for explaining the issues involved so clearly. I uninstalled/re-installed v2.6.1, so that I could read the toolbar's Terms of Use and fully agree with LS's position. Fortunately, I never accept new toolbars, default search engines, home pages, etc, no matter whether they are opt-in or opt-out. There are so many being pushed now, that they just clutter up the browsers' bars... and a blank homepage loads more quickly. Interestingly, although the program installer and "c:\program files\youtube downloader\biennesoftax.dll" are still being detected, the program executable itself (c:\program files\youtube downloader\youtubedownloader.exe) no longer is. Having deleted the installer, all that now shows up in a scan is the DLL file (integral to the program, or I would quarantine/delete that also). [attachment=8279:Scan_201...19_30_35.log] I take it that without the toolbar, the program can be used without the aggregation/revenue collection by Spigot Inc? (I have used other youtube downloaders, but this is my preferred app). Regards, Spike
  3. A couple of days ago, AAW Pro 8.3.1 detected "YouTube Downloader v2.5.5" as MyBrowserBar, which I put into Ignore for the time being, having used various versions without harm for some time. Today I updated to version 2.6.1, which is still being detected (I had to disable Ad-Watch to install this version) - given the number of downloads at [url="http://download.cnet.com/YouTube-Downloader/3000-2071_4-10647340.html?tag=contentMain;contentBody;1d"][color="#0000FF"]Cnet-Download.com - YouTube Downloader[/color][/url], I have a strong feeling that this is an FP. Logs from the detection of both versions are attached, together with the detected (zipped) files - I would attach the main executable, only it is over 4mb, and avilable from the link above: [attachment=8272:Scan_201...12_45_13.log] [attachment=8273:Scan_201...16_32_04.log] [attachment=8274:YouTubeD...r_v2.5.5.zip] [attachment=8275:YouTubeD...r_v2.6.1.zip] Regards, Spike
  4. Hi Andy, I have had the same detection - here is the relevant scan log, if it helps: [attachment=8264:Scan_201...14_14_54.log] Regards, Spike
  5. Hi trader1one, I run Reg Tuner on XP Home - the Full Registry backups are located in "[b]C:\Documents and Settings\[i]User Name[/i]\Application Data\Lavasoft\Registry Tuner[/b]" and the Partial backups (created each time you fix any errors detected by a scan) are located in "[b]C:\Documents and Settings\[i]User Name[/i]\Application Data\Lavasoft\Registry Tuner\Partial Backups[/b]". As part of my general system "housekeeping", I take a Full Reg Backup once a week, in addition to the Partials created during error-fixing. These have to be done manually - only Partials are created automatically during the fixing process. Hope this helps, Regards, Spike
  6. The Doug Knox fixes are well-known and reliable - we have used them regularly to assist users with similar problems in the past. @ Richard: Please see Ad Astra's posts regarding file associations in this archived thread (from late 2007, but still pertinent): http://www.lavasoftsupport.com/index.php?s...ost&p=56977 This may take some time and effort, so if you encounter any difficulties in restoring your file associations, please post back with any questions. Regards, Spike PS: I will be away from next week until the end of the month - I'll make sure that this thread is monitored anyway.
  7. @ ColTom2 and Casey, Some room for improvement, but light-years ahead of even two years ago The number of LS staff that I see logged into the forum, from all different departments (most of whom I recognise), is very encouraging. Whether or not they actually post is not the major issue for me (as previously stated, we do communicate regularly in the VM/VSA forums sections) - it is the fact that they are regularly here checking the latest issues, which is the best improvement for me compared to the situation some three years ago.
  8. Hi tmcd, As I said above, I haven't been able to locate any reference to the DivX.dll file submitted to Threatwork. I'll check my logs next time it is marked. I place the file into Ignore myself, when it is listed as suspicious and the Threatwork submission GUI appears. I took it out of Ignore (again) last night and ran a smart scan - then I ran a full scan today. So far, it hasn't been re-detected, but that may only be a matter of time... It was only detected twice because you canceled the first scan. It may well be that the file was similar to something recently added to the Defs - having been checked, it may no longer be viewed as suspicious. Or, it may pop up again in Threatwork at a future date. Regards, Spike
  9. Hi baljeet, Good to read that you managed to resolve your problem - I'll go ahead and close this topic now. If you need the topic reopened, baljeet, please contact me via PM. Anyone else should start their own new Topic. Regards, Spike
  10. Hi baljeet, Firstly, your opening statement: When you log into the Support Center and submit the details of your problem, do you get an auto-response email that Support has received your request? This should arrive fairly promptly - if you have never received one, then you should be checking your email/spam filtering settings, as well as your junk mail folder. You may find that Support has been trying to respond to you, but can't get through - a common problem for them... Secondly, your log clearly shows that the cookie in question has been cleaned: An obvious point to make is that you are likely to be revisiting the site which is loading that cookie each time that you go there. If it has only recently started appearing, then it may be that the site in question has only recently added it. I see that your OS is XP SP3, so I would suggest that you go to "Tools > Internet Options > Privacy" and select the cookie-handling level that best suits you - I would suggest either "Medium High" or "High". I would also suggest running at least a Smart Scan every day, if you really want to keep tabs on the "ad.yieldmanager" cookie - I alternate between Smart scans and (scheduled) Full scans from day to day, and often find the same cookie(s) reappearing. Regards, Spike
  11. Hi tmcd, AAW logs are located at "C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Logs" - I have had a quick check and can't locate any references to Threatwork submissions, however you may have more success searching there. That said, when Threatwork wishes to submit a "suspicious" file following a scan, the file in question is always listed in the Threatwork GUI. For example, Threatwork has had issues with a particular file on my system (DivX.dll) and has repeatedly asked permission to submit - after a few submissions, I simply added the file to "Ignore" and no longer get nagged about it (until I remove from Ignore). The file path/name is always listed in the GUI - in this case "C:\windows\system32\divx.dll". When an item is added to Ignore (or, for that matter, detected during a scan), the name is not always immediately apparent: To view the name, click on the arrow to the right of the "Action" list, select "Custom Action" and the file name appears: There is known malware that tries to masquerade as that particular file (and others similar in nature), so I remove it from Ignore on a regular basis and resubmit it. Try running another scan (a Smart Scan may be enough), and when the item is detected by Threatwork, check it's name and path. Something in your particular file is similar enough to known malware (or a malware family ID), that causes the "suspicious" flag to be raised. If you are certain that the file is not malware, or if it continues to be marked as "suspicious" rather than "definite malware", start a new Topic in the False Positives sub-forum, asking whether the particular file is safe to add to Ignore. Regards, Spike EDIT: Oops! Just deleted my own double-post - sorry about that
  12. You're welcome, TrDo. Always happy to engage in a sensible discussion. Regards, Spike PS: Mieke is one of our star volunteers - wish that I had one tenth of her knowledge. PPS: I'm sure that you will recognise our Symantec volunteer, if/when she makes her next post.
  13. Hi TrDo, I saw you in the thread after posting my reply, so I anticipated your response. Yes, free speech and debate is to be encouraged (although profane or mindless posts may be "hidden"). This is a "free" users community and without regular debate and input, it would die a not-so-slow death... .A feature of this forum which is not immediately apparent to the average user is that there are sections only visible to "accredited" volunteers. It is in these areas that we direct the attention of the appropriate LS staff to particular problems as they arise (Devs, Regd Support, PR, etc), in order to save them time in having to trawl through all of the posts. The positive element is that any newly-arisen problems are immediately reported to the correct section of LS staff, who may then work on the issues raised without having to take time to post individual replies. The drawback is that many users may feel that issues are not being immediately addressed by posters without "LS" in front of their names - that said, LS staff do post in a number of sub-sections regularly. However you may view this system, it works for us - we have regular, in-depth and on-going debates about the manner in which individual issues are being handled, all of which is monitored by LS staff. Some of it is very frank and open, and spills over into individual public threads - again, free speech in action. Just because we all volunteer our time to this forum does not mean that we all agree on the manner in which a particular issue is being prioritised, etc. Personally, I would rather have volunteers in every time-zone directing paid staff to important issues as they arise, rather than have paid staff trawling through every post/thread looking for work to do. FYI - we have an extremely experienced, long-standing Symantec/Norton forum volunteer working both fora, reporting on any issues which may affect both products. Back to you, regards, Spike
  14. Hi TrDo, Sure do - I have had serious problems (system crash, blue screen, you name it) with McAfee, Norton, WMP, Quicktime, and a whole host of other "reputable" programs over the last decade - none of whose forums provided the level of support to be found here. That said, in the 9 years that I have been a regd user of Ad-Aware, neither I nor any of the relatives or friends that I have persuaded onto the bandwagon, have had any issues with AAW that have not been resolved either through Regd Support, or for Free users, through this forum. That is not to say that particular problems have not arisen over the years, all of which have been resolved with a little patience. A number of "professional" products have bucked that trend - McAfee is notorious here in the forum, for requiring existing anti-malware or firewall products be removed (including ALL registry traces) before it's paid products will install. This has been an obvious attempt to remove competition, as Lavasoft, Norton and ZoneAlarm products have all been targeted by this approach. Contact McAfee Support, and all you will be told is that the "offending" product must be completely removed for their product to install/work as advertised.... you won't find LS/AAW resorting to these tactics. Two years ago, McAfee was forced into releasing a "patch" that would allow competing products to work properly, due to unprecedented consumer protest... As an LS volunteer, I have been dealing with this exact problem for nearly 3 years !! Even now, we still have to assist AAW users to remove every last trace (including registry entries) of AAW, before McAfee will install - after that, AAW maybe installed and both programs will co-exist happily. As malware evolves and products such as AAW evolve faster to keep ahead, particular problems do surface from time to time - no matter how well each update/release is tested, it cannot replicate every permutation of system configuration out there in the real world. Finding answers to individual users' issues will always take up a very significant portion of the Dev's time. That said, Ad-Aware was the original standard-bearer in the anti-malware world 10 years ago, and is still the leading light in the battle in the anti-malware fight. No matter how advanced Lavasoft's products become, they have committed to always having a "free" version. Spike