windows defender and avast Results


Page 1 of 2.
Results 1...20 of 22

Sponsored Links:



I just noticed some conflict between Windows Defender and Avast. I couldn't update Avast, and Windows Defender wouldn't start. It's been going on for some two weeks.

Just to give you the info. There seems to be some conflict, I solved it by closing Defender.

Best of all.




A couple of weeks ago I installed Windows 8 (fresh install from scratch, not an update) on my computer. I do a lot of web browsing and over the last couple of weeks I've been using Windows 8, I could swear the web browsing wasn't as fast at it used to be on Windows 7.

I then noticed I was having major issues bringing up my router's control panel (ASUS RT-N56U) so thinking it was my router I upgraded the firmware. Turned out, the Avast Anti-Virus I was running has issues with Windows 8. I removed AVAST and turned on Windows Defender (which in Windows 8 is also an anti-virus program now referred to MSE - Miscrosoft Security Essentials). MSE has gotten fairly good reviews so I decided to use it, for maximum compatibility with Windows 8.

However, although the router control panel would now come up okay, browsing still seemed to not be quite as fast as it used to be. I sat down at the old 5-year old Dell Desktop next to me that is running Windows 7, both computers were connected to the router via Gigabit Ethernet. I tested network speeds with Speedtest.net to make sure they were both getting the same Internet speeds (which they were.) I found a couple 'heavy' web pages to test:

Epicurious.com: Recipes, Menus, Cooking Articles & Food Guides (home page)
sports.yahoo.com (home page)

The browsing was MUCH faster on the Windows 7 machine!! So I decided to do more of a controlled test.

The Samsung Notebook is a Series 6 Core i5 with 6GB RAM and 64GB SSD running Win 8 Pro 64-bit. Windows Experience score of 5.9. Windows Defender (MSE) Anti-Virus. Windows Firewall Turned OFF!

The Dell Desktop is Intel Q8200 with 6GB RAM and a 5400RPM HD running Win 7 32-bit (not sure why 64-bit didn't install, sort of strange but oh well). It had a Windows Experience score of 3.6. Avast Anti-Virus. Windows Firewall turned OFF. Windows Defender turned OFF.

I went into Windows Task Manager on both computers and ended most if not all tasks that were not critical to the system and no other programs except the browsers were running.

I removed all plug-ins and add-ons from Chrome except the Page Load Time extension plug-in which can be downloaded here:

https://chrome.google.com/webstore/d...pmkogoaohcdbig

I also tested on FireFox using this add-on:

https://addons.mozilla.org/en-US/fir...ry/?src=search

On the Windows 8 Machine I also tested with Internet Explorer 10 - unfortunately I couldn't find a page load speed monitor for it that would work so I could only do an informal visual+verbal count, stopping when I saw the page stop X in the URL bar change to the reload symbol indicating the page had completed loading.

On both test pages I refreshed the pages at least 10 times and averaged the scores. I looked at the page load speed monitor result but I also did a visual+verbal count out loud until I saw the page stopped loading objects.

The results were astounding (and very frustrating/disappointing because otherwise I really like Windows 8 as the OS in general seems better/faster than Windows 7 for multitasking)

Here's the results:

Windows 8 + Fast Machine + Chrome 23.0.1271.95 m on epicurious.com: ~ 3.5 sec load counter / ~ 5.5 sec visual/verbal count

Windows 7 + Slow Machine + Chrome 23.0.1271.95 m on epicurious.com: ~ 2 sec avg / ~ 3.5 sec avg visual/verbal count

Windows 8 Fast machine + Chrome on sports.yahoo.com: 5 sec avg / 5 sec avg

Windows 7 Slow machine + Chrome on sports.yahoo.com: 2.5 sec / 3 sec

Windows 8 Fast machine + FireFox on epicurious com: 4.5 sec / 4.5 sec

Windows 7 Slow machine + Firefox on epicurious.com: 2.5 sec / 3 sec

Windows 8 Fast machine + FireFox on sports.yahoo com: 5.25 sec / 5 sec

Windows 7 Slow machine + Firefox on sports.yahoo.com: 2.5 sec / 3 sec

Windows 8 Fast machine + Internet Explorer 10 on epicurious.com: ~ 5 sec visual/verbal count

Windows 8 Fast machine + Internet Explorer 10 on sports.yahoo.com: ~ 6 sec visual/verbal count

(I didn't bother testing IE 10 on the Win 7 machine)

It is clear, that something in Windows 8 is causing the browsers to load web pages 30-50% slower. If you have a very fast Internet connection (like me - 35 mbit/s download and 6 mbit/s upload) in regular use, the difference may not be that noticeable to the "casual user" as the difference between as a 3 sec and a 5 sec page load speed are both fairly fast for these two sites.

But it you have many sites open at once and are multi-tasking and clicking lots of links hours at a time, it IS noticeable. Downright depressing when you compare it to a Windows 7 machine especially considering the specs on the Win 8 machine are much better hardware wise! If anything the Windows 8 machines should be faster.

Now I know a some people are going to be skeptical about my findings or give suggestions as to something that may be wrong with my particular PC. Obviously every PC is different, having different configurations, apps loaded, processes running, etc. But in my 25+ years in the Tech Industry my gut is telling me there's something not right with Windows 8 and it is just a matter of time until enough people complain to Microsoft about it to get their attention to find the cause of the issue and fix it.

HERE'S A COUPLE IMPORTANT POINTS WHY MY GUT IS TELLING ME IT IS A WINDOWS 8 ISSUE:

* I tried the tests on Windows 8 with Windows Defender (MSE) turned OFF, Firewall turned OFF. No anti-virus programs running. IT MADE NO DIFFERENCE.

** I made sure the drivers for both my Ethernet and Wi-Fi Networking were the latest drivers. They are the on-board Intel 82579M Gigabit Ethernet and Centrino 6230 Wireless.

*** Running the tests on Wifi instead of Ethernet ALSO MADE NO DIFFERENCE.

The facts seem to point to something in the Windows 8 Operating System is slowing things down. I wish I knew what it was as I feel so frustrated that this new powerful Samsung Core i5 notebook running Windows 8 has slower web browsing than than 5-year old Windows 7 Dell Desktop sitting across from me.

I have seen many other posts about Chrome running slowly on Windows 8. It isn't just Chrome!

*** I would encourage others to run these tests as I would at least like to be 99% confident that I don't have some hardware or driver issue. ***




Hi All,

I've come across a major problem with my windows 7 rc drive. It has been running perfectly for the last week and i've been loving the changes. Until today everything was fine, i had left my pc on to download a "linux mint" iso image whilst i was asleep.

When returning to check on the download i noticed that all the icons from my desktop were missing. Opening up drive C (where 7 is installed) shows me that all program files, user data and most windows files have been deleted. This includes files from programs that are still open (e.g firefox.exe had gone even though it was currently running, firefox was completely unusable though).

Windows wouldn't boot after restarting, although with almost no files to use i suppose thats understandable.

I have been using 7 in the same configuration as the vista installation that it replaces (the vista installation has been fine for 2 years without any issues like this).

The UAC slider was set to max, and the only other security software i use other than windows firewall/defender is Avast! Antivirus and Malwarebytes. Both of which seem to have been running without any issues. I'm very cautious when it comes to the software i use/download.

Has anybody else encountered any problems like this? I really don't understand what could have happened, nobody has access to my pc either (it was password locked with ctrl+l before i unlocked it this morning). Also my wireless network is fully protected (and i live in the countryside with nobody in range of my wireless network).

It's a good job i keep regular backups!




I downloaded Windows Live Movie Maker (WLMM) and installed it. When I try to use it I get a load error msg: WLMM encounter an unexpected error and has shut down. Error 0x80004005. I tried to uninstall and reinstall it but there is no straight way of doing it with Live Mail being installed. Any help would be greatly appreciated. Thanks orlan
--------------------------------------------------------------------------------------------------------
Windows 7 Home Premium -64Bit - Dell 435T - 6GB RAM - WD 1.5 TB External HD - IE8 - Avast Antivirus 5.0 - Spybot S&D - ZoneAlarmPro - Malwarebytes' Anti-Malware - Windows Defender - Windows Malicious Software Removal - SuperAntiSpyware - Spyware Blaster - cCleaner - Glary Utilities - Speccy - Dialup.




I have a 750 GB HHD of which is partitioned into 683 GB C: drive and 14.9 GB D: drive. C: drive has 598 GB free space and D: drive has 11.8 GB free space. I want to create a new partition x in which I plan to clean install Win 7. I will then transfer from the C: drive partition all my files, videos, pictures and miscellaneous to this newly created partition. I know that I have to have dual boot setup. After I have setup up and tested out Win 7, I plan to delete the old Vista C: drive partition. I believe this can be done but I need to know what the down side and pitfalls of doing this will be. Knowing this will help me determine if I should do this versus doing it the traditional way of erasing the HHD, repartitioning it and rebuilding the drive.

Any advice from those who have done this method would be greatly appreciated.

regards
johnb
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Vista Home Premium, SP2, 64Bit, Dell 435T, 6GB RAM, IE8, Avast Antivirus 5.0.594, Spybot S&D 1.6.2, ZoneAlarmPro 9.1.6, Malwarebytes' Anti-Malware 1.46, Windows Defender, Windows Malicious Software Removal, SuperAntiSpyware, Spyware Blaster, cCleaner, Glary Utilities, Speccy and Dialup.




I installed a Western Digital My Book Essential with no problems. Works fine. When I try to install a update to the firmware, I get the Blue Screen of Death (BSOD) with the following msg.
"STOP: 0x0000003B (0x00000000C0000005,0xFFFFF800026E61B4,0xFFFFFA600 7C47D80,0x0000000000000000)".

I have talked with WD Tech Support and they have not seen this problem before and they can't help. I tried looking on MS Support for error codes but can't find anything.

Does anyone on this forum have any ideas or suggestions? Any help would be greatly appreciated.

regards
johnb

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Vista Home Premium, SP2, 64Bit, Dell 435T, 6GB RAM, IE8, Avast Antivirus 5.0, Spybot S&D, ZoneAlarmPro, Malwarebytes' Anti-Malware, Windows Defender, Windows Malicious Software Removal, SuperAntiSpyware, Spyware Blaster, cCleaner, Glary Utilities, Speccy 1.00.125 (Beta) and Dialup.




Please accept my apologies for the length of post but trying to give all relevant info. I am working on the assumption that I have an infection hence posting here if in wrong place please move and let me know.

Desktop PC - Win 7 Prof SP1 (from clean install about 1 year ago) 64bit – 8GB Ram
Laptop Win 7 Prof (SP1 using downloaded SP1 file again about 9 -10 months ago) 32bit – 4GB Ram
Both have static IP addresses.
Windows FULLY upto date as are the browsers.
Virtual Ram handled by Windows (see further down post for reason for supplying this info.)

Security software on both PC’s:
Comodo firewall (free) – Avast AV (free) – Malwarebytes (paid version) – Win Patrol (paid version) – Spyware Blaster – CCLeaner (run at about 4 or 5 day intervals)

There is different software on each PC.
I have been running these programs for a couple of years without problems or conflicts.

Problem details:
This issue is the exact same on BOTH PC’s which are on a HOME Network with the usual shared folderspartitions.
I cannot access the following websites. When this issue started I have no idea because these are not sites I go to on a regular basis. I first discovered it about 1 week ago. There is NO warnings (404 etc other than eventually Time out) Both sites can be accessed on spare (NON-Networked) PC.

When I try to access my Amazon account (see link below – both typed in and using Favourites link) it does not open. I CAN access Amazons’ home page without problems.
It is only when I try to log-in that I have problems here. I have tried accessing both Amazon UK & Amazon US.
I can access
http://www.amazon.co.uk which then goes to
https://www.amazon.co.uk/gp/css/home.../ref=topnav_ya

The same happens when I try to sign-in to my Hotmail account, or virtually any (secure https:// and or normal http://) MS site[s]. In this instance the sign-in page just never gets there. There are not error message in either case. Microsoft.com and Microsoft UK with the same results.
Hotmail:
http://sn102w.snt102.mail.live.com/d...?wa=wsignin1.0

it then goes to https://login.live.com/login.srf?wa=...cxt=mai&snsc=1 and sits there going nowhere. [Blue circle keeps going round and round].

PING [microsoft.com] times out and fails. [IP addresses 65.55.58.201 & 65.55.57.27:]

I CAN access other HTTPS:// sites without problems (I am able to log into other [non-MS]) web mail etc. on both problem PC's) I also have no problems accessing any other http:// site[s]

Steps taken to try and resolve this:
Tried to access site at different times of the day.
Disabled ALL security programs [AV – Anti-Malware – Firewall etc.]
Ran full security scans in Windows and Safe Mode. (Also turned of malicious web site blocking in Malwarebytes to see if this could be at fault)
Ran BOOT scans with Avast.
Set Spybot to run as windows was loading.
Ran Kaspersky emergency boot disk (10)
Ran on-line security scans (Symantic)
Installed and ran SybotSD.
Started and updated Windows Defender and ran full scan.
Disabled GHOSTERY in all browsers.
Tried 4 different browsers (by default I have Opera + FF + IE [8]) downloaded and installed Chrome.
Also tried pinging (the above links) both of which failed.
Ran all browsers, WITH & WITHOUT add-ons.

NO toolbars installed and never has been other than the Avast program.
Re-set DNS cache.
Resetrepaired WINSOCK
Re-set MBR from with-in Acronis (but once again I do not know when this started so (if infected) this could also be infected. I also fixed MBR using Emergency Boot CD and entered
bootrec /fixmbr [enter]
bootrec /fixboot [enter]
Nothing found anywhere.
[I can access the above when I use an old PC (which IS NOT networked) I keep for emergencies and on my phone.]

I CAN doget windows updates (using Auto Check or clicking onto linkshortcut in the All Programs List and [repeat] I CAN ACCESS OTHER HTTPS:// SITES WITHOUT PROBLEMS

Re-inserted an Acronis image (which was 5 weeks old) with same results, but as I said I am not certain when this started so the image might well have been infected [if that is the cause] NO new software has been installed on both PC’s for a few months except for SpybotSD due to this issue.

I have tried all these "fixes" on both DT & LAptop but have decided to concentrate on getting the DT to work at the moment.

Turned off System Restore
Stopped VIRTUAL MemoryPaging File to see if something was lodged in there and came up against something I have never seen (or heard of) before. When I rebooted PC I got message saying windows had created a Temp Paging File. See attachment below for exact details. In 18 years of using PC’s I have never had this message when disabling virtual memory. This might be related or it could be a separate issue. When I cancel Paging file Windows SHOULD NOT create a temp one especially when I have 8GB Ram installed.

Virtual Memory message.jpg

It has been years since I have had to run Hi Jack This on either my own pc's or on the pc's I mantain for other folks and have forgotten exact procedure so please advise for this so that I can post log up. (also post as an attachment or just copy and paste?)

If solutionrepair cannot be found it will mean re-installing windows and programs (ouch)
All passwords have been changed and card details removed from Amazon.




Hello all,
I've been having issues installing the free version of Avast Antivirus (version 7) onto my Win8 Pro desktop. I've since removed it, but it was causing my machine to constantly give me the BSOD (specifically, the "DRIVER_IRQL_NOT_LESS_OR_EQUAL" error). It pointed to the file ndis.sys as the one causing the error. I've read sources online that most antivirus programs don't like to talk to the system very well on Windows 8, and I'm left with using the built-in Windows Defender system. I would sure like to use something a little better than that, but any suggestions would be greatly appreciated. Thanks! -Joe

System specs:
AMD Phenom 9500 Quad-Core Processor (2.2GHz)4GB PC2-6400 DDR2 SDRAM64-bit system architectureNVidia GeForce GT520 graphics - 1GB dedicated graphics memory




I have successfully Vlited Win7022 to the size of 1.27g so that it can run fast on my old laptop with 528 ram. Following is the vlite log of items removed, mostly Media Center, languages, drivers (I have my own)).

To avoid having to download the huge MS add-on to vlite, simply install the old 1.1.6 version and then upgrade/overwrite it with the latest 1.2. There is no 7lite yet, but vlite recognizes and works with w7 well.

Particularly nice is that the popular web download of Window 7 beta LITE had a sticky notes bug which required removing it, however with this config sticky notes, gadgets and everything else works fine.

With security center, defender, updates services disabled, no aero and graphics edited down, I am idling at 208 mb. Re-enable these and it idles around 256 which is only half my ram. The lowest impact av is always Avast, and I use Spybot to manually rightclick scan downloads..

; vLite preset file
;
;#Environment:
; vLite v1.2
; Framework 2.0.50727.3521
; Microsoft Windows NT 6.1.7000.0 32-bit
;
;#Target:
; Windows 7 ULTIMATE 32-bit
; Version 6.1 English (United States)
;
[Compatibility]
Aero Glass
File and printer sharing (Server)
Internet Explorer
Internet Information Services (IIS)
Recommended
Scanners and Cameras
System Restore
Windows Fax and Scan
Windows Update

[CustomHide]
[ Removed Components]
;# Accessories #
Accessibility
Games-Inbox Games
Games-Premium Inbox Games
Speech Support
Welcome Center
;# Drivers #
Diva Server
Modems
Printers-Generic printer
QLogic Fibre Channel Adapter
Scanners
Storage controllers-Adaptec
Storage controllers-Elxstor
Storage controllers-IBM ServeRAID
Storage controllers-ICP vortex
Storage controllers-Intel (Matrix)
Storage controllers-nVidia
Storage controllers-SiS
Storage controllers-Via
TV Tuners-ADS Technologies
TV Tuners-ASUSTeK Computer Inc.
TV Tuners-AVerMedia Technologies, Inc.
TV Tuners-Compro Technology Inc.
TV Tuners-Creatix
TV Tuners-Hauppauge
TV Tuners-KNC ONE GmbH
TV Tuners-KWorld
TV Tuners-Lumanate, Inc.
TV Tuners-Philips Semiconductors
TV Tuners-Pinnacle Systems
TV Tuners-TerraTec Electronic GmbH
TV Tuners-VidzMedia Pte Ltd.
;# Hardware Support #
Firewire (1394)
Floppy Disk Support
TV Tuner support
XBOX 360 Controller
;# Languages #
Arabic
Brazillian
Bulgarian
Croatian
Czech
Danish
Dutch
Estonian
Finnish
French
German
Greek
Hebrew
Hungarian
Italian
Japanese
Korean
Latvian
Lithuanian
Norwegian
Polish
Portuguese
Romanian
Russian
Serbian
Simplified Chinese
Slovak
Slovenian
Spanish
Swedish
Table Driven Text Input Processor
Thai
Traditional Chinese
Turkish
Ukrainian
;# Multimedia #
Media Center
Media Metadata Handler
Music and Video samples
Sample Pictures
Screensavers
Wallpapers
;# Network #
Connect to a Network Projector
;# Services #
Offline Files
Remote Registry
;# System #
Natural Language
Parental Controls
Tablet PC
Windows Easy Transfer
[Options]
DEP (Data Execution Prevention) = Default
User Account Control (UAC) = Disabled
AntiSpyware Realtime Protection = Default
Memory requirement = Default
AutoPlay = Enabled
Paging Executive = Enabled
Power scheme = Balanced
Power button = Shutdown
Sleep button = Default
Control Panel - Classic View = Default
Show hidden files and folders = No
Show protected operating system files = No
Show extensions for known file types = No
IE Phishing Filter = Default
IE Phishing Verification Ballon Tips = Default
[Services]
[Protection]
[Drivers]
[Unattended]
[Hotfixes]
[LanguagePacks]




Alright i have a new new laptop and everything trust me the specs are more than good enough for win 7

im running win 7 64bit

i was on utorrent and my whole laptop froze, nothing i could do, i had to hold the power button to power down
then when i turned my pc back up after a couple of minutes it never got passed the starting windows screen
i see the four little balls moving around and forming the windows sign but then nothing
then i tried booting in safe mode and that worked for a while i deleted everything that had to do with what i was doing on utorrent and i ran my anti-viruses, avast and AVG defender and they came up with nothing
after a while i couldnt even get to safe mode
i went in my bios and i changed my boot order so that my hdd is my first choice because it kept searching for cds and didnt find any because big surprise no cd in the drive
and i accidentaly turned off fast boot i dont kno what i was doing there but what ever
and finally now it shows my options before boot
but when ever i press any of them it takes me to a black screen that tallies up the amount of physical memory i have
and a couple more of my pc's specs
then it sends me to a screen that is like white and change to like a bar of black
ive tried lettin that run for a while and it wont do anything
i need to bypass this or get some trick to get me back into windows

PLEASE POST AND HELP

AL3X




Hi All

I recently purchased a Samsung Laptop, everything worked well for the first 3 days.
Yesterday I installed Avast Internet Security Version 6.0 (I had a free license available)
Also right before shutting off the pc (for the last time it worked correctly) Windows 7 installed 61 updates.
After installing the updates I tried turning on the laptop later on I got the option to input password and heard the trademark startup sound and then it goes to a black screen asking if I want to enter safe mode or safe mode with networking.
So I am not certain if this maybe an error with the system updates or Avast!
Additionally I believe Windows defender had requested to do a scan which i had planned on doing but never did.

How should I go about correcting this error?
A registry scan ? System Restore ?
Or could it be faulty hardware?

Please help

Specs : Samsung R540-JA04
Windows 7 Home Premium 64-bit OS




Did an upgrade install of Win 7 over my Vista SP2. All seems well except that my Gadgets: a) disappear after a reboot and b) "ghost" if I drag one onto the desktop (one gadget will work the other does nothing) and c) the Gadgets will not "configure" - can't change opacity, etc. Have tried the UAC slider in various positions - no difference (my preference is "off")

I know that I'm not alone with this - any fixes? Thanks.

Athlon 64 4800+ CPU, 4 GB RAM, ASUS A8N-E motherboard, Avast! AV, Windows Defender, NVIDIA video




Are you a Windows user? Do you make sure that your antivirus program is updated regularly? Do you feel safe? You shouldn’t! Read on to find out why …
Security researchers at Matousec.com have come up with an ingenious attack that can bypass every Windows security product tested and allow malicious code to make its way to your system.

Yes, you read that right - every Windows security product tested. And the list is both huge and sobering:
3D EQSecure Professional Edition 4.2avast! Internet Security 5.0.462AVG Internet Security 9.0.791Avira Premium Security Suite 10.0.0.536BitDefender Total Security 2010 13.0.20.347Blink Professional 4.6.1CA Internet Security Suite Plus 2010 6.0.0.272Comodo Internet Security Free 4.0.138377.779DefenseWall Personal Firewall 3.00Dr.Web Security Space Pro 6.0.0.03100ESET Smart Security 4.2.35.3F-Secure Internet Security 2010 10.00 build 246G DATA TotalCare 2010Kaspersky Internet Security 2010 9.0.0.736KingSoft Personal Firewall 9 Plus 2009.05.07.70Malware Defender 2.6.0McAfee Total Protection 2010 10.0.580Norman Security Suite PRO 8.0Norton Internet Security 2010 17.5.0.127Online Armor Premium 4.0.0.35Online Solutions Security Suite 1.5.14905.0Outpost Security Suite Pro 6.7.3.3063.452.0726Outpost Security Suite Pro 7.0.3330.505.1221 BETA VERSIONPanda Internet Security 2010 15.01.00PC Tools Firewall Plus 6.0.0.88PrivateFirewall 7.0.20.37Security Shield 2010 13.0.16.313Sophos Endpoint Security and Control 9.0.5ThreatFire 4.7.0.17Trend Micro Internet Security Pro 2010 17.50.1647.0000Vba32 Personal 3.12.12.4VIPRE Antivirus Premium 4.0.3272VirusBuster Internet Security Suite 3.2Webroot Internet Security Essentials 6.1.0.145ZoneAlarm Extreme Security 9.1.507.000probably other versions of above mentioned softwarepossibly many other software products that use kernel hooks to implement security featuresThe attack is a clever “bait-and-switch” style move. Harmless code is passed to the security software for scanning, but as soon as it’s given the green light, it’s swapped for the malicious code. The attack works even more reliably on multi-core systems because one thread doesn’t keep an eye on other threads that are running simultaneously, making the switch easier.
The attack, called KHOBE (Kernel HOok Bypassing Engine), leverages a Windows module called the System Service Descriptor Table, or SSDT, which is hooked up to the Windows kernel. Unfortunately, SSDT is utilized by antivirus software.
Note: The issue affecting SSDT have been known for some time but as yet haven’t been leveraged by attackers. However, as multi-core systems make this attack more reliable, and they are now becoming the norm, this is now a much greater threat.Oh, and don’t think that just because you are running as a standard user that you’re safe, you’re not. This attack doesn’t need admin rights.
However, it does require a lot of code to work, so it’s far from ideal for attackers. That said, its ability to completely neuter security software is quite frightening. I assume that security vendors the world over are now scrambling to come up with a fix for this issue.
[UPDATE: Graham Cluley, Senior Technology Consultant at Sophos, has this to say:
The dramatic headlines might make you think that this is TEOTWAWKI*, but the truth is somewhat different.
Because KHOBE is not really a way that hackers can avoid detection and get their malware installed on your computer. What Matousec describes is a way of "doing something extra" if the bad guys' malicious code manages to get past your anti-virus software in the first place.
In other words, KHOBE is only an issue if anti-virus products such as Sophos (and many others) miss the malware. And that's one of the reasons, of course, why we - and to their credit other vendors - offer a layered approach using a variety of protection technologies.While Cluley has a point here in that AV companies will still be able to add signatures to detect any KHOBE-like package in the wild, thus labeling the whole thing as malware and preventing it from getting a foothold on a system in the first place. But this still doesn't change the fact that there's one vulnerability here that basically "rules them all."
Paul Ducklin, Sophos's Head of Technology, has this to add:
So the Khobe "attack" boils down to this: if you can write malware which already gets past Sophos's on-access virus blocker, and past Sophos's HIPS, then you may be able to use the Khobe code to bypass Sophos's HIPS - which, of course, you just bypassed anyway. Oh, and only if you are using Windows XP.
In short: Sophos's on-access anti-virus scanner doesn't uses SSDT hooks, so it's fair for us to say that this isn't a vulnerabilty for us at all. But what about other anti-virus software? Though I'm not usually an apologist for our competitors, I feel compelled to speak out in this case.
The fuss about Khobe is in my opinion unwarranted, and the claims that it "bypasses virtually all anti-virus software" is scaremongering.While I agree with the majority of what Ducklin has to say, I take issue with two points. First, that throwaway "Oh, and only if you are using Windows XP" line belittles the fact that while Vista and 7 users are safe, some 60% of PCs still use XP, and quite a lot of these are multi-core equipped. Secondly, while Sophos's own on-access scanner might not use SSDT hooks, it's clear that a lot of products do.
F-Secure has the following on KHOBE:
This is a serious issue and Matousec's technical findings are correct. However, this attack does not "break" all antivirus systems forever. Far from it.
First of all, any malware that we detect by our antivirus will still be blocked, just like it always was.
So the issue only affects new, unknown malware that we do not have signature detection for.
To protect our customers against such unknown malware, we have several layers of sensors and generic detection engines. Matousec's discovery is able to bypass only a few of these sensors.
We believe our multi-layer approach will provide sufficient protection level even if malicious code were to attempt use of Matousec's technique.
And if we would see such an attack, we would simply add signature detection for it, stopping it in its tracks. We haven't seen any attacks using this technique in the wild.Are you reassured?]
Mac and Linux users, feel free to engage “smug mode” for a little while …

UPDATE - New attack bypasses EVERY Windows security product | ZDNet

Correct me if I'm wrong but I don't see MSE mentioned....




I have a desktop and a laptop computer. I have W7 installed on the desktop and used to have WinXP Pro on the laptop. I was able to share the 1510 (which is connected via USB to the desktop) using the laptop over wireless connection. I just installed W7 onto the laptop and now I get an error message when trying to add the printer to the laptop. The error message I get is:
"Windows cannot connect to the printer. some driver files are missing or incorrect. Reinstall the driver or try using the latest version."

http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?softwareitem=al-75052-1&lc=en&dlc=en&cc=us&...

Here is the link to the drivers that I installed. I believe it is the latest version. I also turned off Avast, Win Defender, & win firewall on both computers, but it did not help. One other thing: I am able to share files using either Homegroup or the old fashioned way - using the network connection. I hope there is a fix for this. Any ideas?
Forgot to mention-both Win7 computers are 64 bit. The XP Pro was 32 bit.




Background: I'm running Windows 7, 64 bit, with IE9.

Symptom: Internet access works fine with everything, except any program that seems to be tied to Internet Explorer. Programs such as command line utilities (Powershell, etc.), other browsers (Chrome, etc.), FTP, Usenet reader, Tweetdeck, Dropbox, etc. all work properly. However, IE9, desktop gadgets and a couple of other programs cannot access the internet. It is like a component in IE9 (such as a driver file, a service, registry setting, or something else) is missing or mis-configured.

This all started one day when I had shut the computer down. When I restarted it, the network interface was not working at all--I could not even ping the router. I ended up having to go to Device Manager, delete the network card, have Device Manager detect it again, and reinstall it. Everything on the network came up properly but, at that point, IE and everything else tied to it (like gadgets) were no longer working.

Here is what I've done so far...

1. Looked at ipconfig /all and everything looks good.

2. HijackThis showed nothing that I did not recognize; it did complain about some common missing files, but it turns out that these entries are caused by using 64-bit Windows.

3. In addition to Windows Defender, I also run Avast antivirus. I ran a full scan in both programs and nothing bad turned up. I also downloaded a couple of others (Spybot S&D, Malwarebytes, etc.) and they did not find anything either. The only oddity is that in Avast, it complains that it cannot start the Web Shield protection, and I've even uninstalled and reinstalled Avast.

3A. I also disabled Avast, and also tried the computer with Avast uninstalled. No difference.

4. IE is not set to offline mode. (That's a common issue I've found. )

5. Ran the System File Checker--all files check out OK.

6. Looked at the Event Viewer immediately after trying to use IE, but no errors are thrown. (Unless I need to set Event Viewer to log additional events.)

7. I did a full reset of IE9, per Microsoft's instructions.

8. Just about all Windows updates have been applied, except for the past month or so that I've had this problem--I did not want to make things worse. (They are downloaded but NOT installed, in other words.)

9. I also reset Winsock using netsh winsock reset.

10. I disabled the Windows Firewall in case a corrupted entry was in the table; no luck. I do not run any other firewalls. The router has a firewall, but that has been in place for almost a year.

11. As for other things I've done, I have looked through the Local Security Policy, running services, etc., and don't really see anything out of the ordinary.

I did try this at one other Windows forum, but when I made one mention of checking registry settings, I got "talked down to". I am more of an advanced user, so I prefer to work via command line, policy settings, etc. rather than mess around with "for dummies" fixes like the other site was pushing me toward.

I have seen other complaints about this same problem, but have read through them all and none of the fixes applied, or some never were resolved.

It's a minor problem for me (I rarely use IE), but still, I'd like to have it working.

Thanks!




Hi All,

I've just joined so hello to all!

I hope you can help me with this very annoying issue:
--------------------------------------------------------------------------------
Background:
I recently upgraded a client's computing site installation. 4 Desktops, software (XP/MS Office 2003 to W7/MS Office 2010) and one MFD. To save some time and make the transition smoother (and attempt to iron out any unforseeables) I set the 4 new workstations up at home - at cat5 hardwired through a TP Link Router under a Workgroup, with each workstation named WORKSTATION01, 02,03 and 04, with file sharing via the workgroup, appropriate advanced sharing center settings and routing via DHCP (dynamic IPs).

Issue:
The network worked flawlessly at home for two weeks, whilst I installed the inevitable updates and made sure when I installed at the site, everything was as up to date as possible and any issues ironed out.

However, the client started loosing the ability to navigate to another WORKSTATION via MS Explorer - typically, it would happen in the afternoon. Some days, it wouldn't happen at all.

BUT! WORKSTATION01 never looses Workgroup visibility in MS Explorer - only the other 3 do - and not all at one time always.

I've compared all settings on WORKSTATION01 with the other (offending) 3 and they are the same.

All work stations peer at the same level - there is no (higher) server as such. Although WORKSTATION01 has the clients accounting software data file on it and important documents are stored under a SERVER folder which is resident on WORKSTATION01's hard drive.

The "visibilities" are always fine when they boot the machines up in the morning.

If a device looses the MS Explorer visibility to the Workgroup (under Network) - sometimes rebooting the device restores it, some times it doesn't.

They don't loose the MS Explorer visibility if they leave a session(dialogue) permanently open - but they shouldn't have to to that.

I've set up a desktop folder with inter-workstation short cuts as a work around and they always work.

Other Considerations:
1) SOFTWARE - running Windows Defender with Firewall On and Avast.
2) FIREWALLS ON/OFF - I've read a lot of threads - the jury seems out on this - some advocate turniong them off, others fervently announce this should NEVER be done - use the right settings!
3) DHCP vs STATIC IPs - again, plently of dispute on this as to whether DHCP or static IPs should be used for device routing.

OK, that's it, tried to put as much initial info in here as possible and If you've read the above and arrived here - thank you for your interest and patience.

Hope you can help please!?

Kind regards

Colin




Dear Friends, I would like to have your advise on this issue of mine I am stuck in. I had installed Avast antivirus a couple of months back, but even though the program was working and on, about five viruses happened to make roots and the system was unstable. I was advised to try avira instead, and I did. But here I would like to tell you I got mixed up, I installed avira when avast was on. In the same condition I tried uninstalling avast through ccleaner. the pc got restarted, but I still could see avast in the task bar. Avira did manage to find the viruses and clear it. But then in C: program files Alwil folder is still their, in startup it is still their, I cannot disable the startup, nor I could delete the folder, but avira is working fine. How could I get rid of this avast folder, even now windows defender is not working showing some error , unable to start. Restoring doesn't work either. Any suggessions? Ashfaq.




I use Vista Home Premium on a new HP. Frequently, IE7 puts up a completely blank page...no toolbars, no status bar and no 'red x' to close it. F 11 does nothing to it. It looks like I painted my entire screen white and I have to use the Task Manager to close it. What's even stranger is that it can happen from my desktop before I've even opened IE. I use Avast Virus, Spysweeper, SB S&D, Spyware Blaster, As-Aware and Windows Defender. Any thoughts? Thanks,




Lately, on an XP SP3 desktop, at boot this is jumping to some 500k of RAM usage, thus running my 1G of RAM to 90% with all the other processes running. Avast 5 (free) and Windows Defender are the other security apps that run real time. Has anyone else noticed this lately? Thank You!




I have a program called 'CalendarPal'. http://calendarpal.com I've used it for years with no problems. 61 hours ago, it stopped updating the weather.
I wrote to the company and they sent me this reply...

"Accuweather is working perfectly and so are its weather feeds. CalendarPal Weather is updating correctly.

There are only two reasons why your weather would not be updating:

1. you're not connected to the internet
2. because of a security program or firewall you've installed, CalendarPal cannot access the Internet.

Since you wrote this email and sent it successfully, it appears you've installed (or updated) a security program with a 3rd-party firewall included - or you've downloaded and installed a 3rd-party firewall.

If CalendarPal isn't allowed access to your Internet connection then it cannot access the Accuweather feeds from the Web. Since you don't need a 3rd-party firewall at all, you're best bet is to turn it off and use the Windows Firewall - if you don't want to do this, then you're going to need to read your firewall's instructions and figure out how to configure it to allow CalendarPal access to the Internet.

Please note- you may not have installed a "new" firewall, it could be that whatever you've installed before has updated to a new version and it is not recognizing CalendarPal. The fact remains something on your computer is blocking CalendarPal and preventing it from accessing the feeds from Accuweather.com. This is not a problem with CalendarPal or with Accuweather.

Keep in mind, Norton, McAfee, ZoneAlarm, CA, TrendMicro, Panda, Vipre and other so-called "security suites" all contain a firewall - and these firewalls, by default, block any program they don't recognize -regardless if they're a good program like CalendarPal which needs to access the Internet for valid reasons - or not.

The reason why CalendarPal is not updating is because something on your computer is blocking its Internet access.

Thanks,
TC "

My security is:
Windows Defender, in which I set the firewall to allow CalendarPal
Avast! version 4.8 home edition http://www.avast.com
SuperAntiSpyware 4.26.1000 http://www.superantispyware.com and
Win Patrol http://www.winpatrol.com

Can anyone see what settings I may be missing? Yes, I do regular updates to all of them, but I surely haven't changed any settings!

I am using Vista Home Premium 32 bit

Thanks for any help you can give.
Thumperzluv


Page 1 of 2.
Results 1...20 of 22