# MY Virus and Security Problems



## KOROHO

Early this morning I suspected I had a virus on my system, so I ran a scan using McAfee.  Sure enough, I was right.

Now, after being back on MT, the virus is back too.  My Spyware is also finding all sorts of things that I cleared off yesterday.

It seems they have some serious problems here.  Be careful and scan often.


----------



## Carol

Reoccuring virus/spyware is typically caused by the kernel of the malware not being removed by the scan.  The problem keeps coming back because it never went away in the first place.

Try scanning with other applications and double-checking the obvious stuff...uptodate def files, full scanning options checked.


----------



## Bob Hubbard

MartialTalk has NO spyware, does not install any virues, etc. 

Use Adaware and Spybot to do a deep check and clean of your system.
I recommend Grisoft anti virus. Free, Fast and reliable. McAfee and especially Norton are none of those.
Install a firewall such as ZoneAlarm
Stop using Internet Explorer and switch to Firefox.
- Install AdBlock Plus


----------



## Jade Tigress

Bob Hubbard said:
			
		

> MartialTalk has NO spyware, does not install any virues, etc.
> 
> Use Adaware and Spybot to do a deep check and clean of your system.
> I recommend Grisoft anti virus. Free, Fast and reliable. McAfee and especially Norton are none of those.
> Install a firewall such as ZoneAlarm
> Stop using Internet Explorer and switch to Firefox.
> - Install AdBlock Plus



Bob, are you saying Norton is unreliable? That's what I use..I've never had any problems...
I also run Spybot and Adaware. I also like SpyBlaster which stops alot from getting on the computer in the first place.

Can you provide a link for Grisoft? Do I have to disable Norton or can I run them together? 

Thanks.


----------



## ajs1976

If the virus keeps reappearing, boot into safe mode and run antivirus and spyware scans.  Also, if you have Windows XP make sure to disable recovery points before you scan and turn them back on afterwards.


----------



## Bob Hubbard

Jade Tigress said:
			
		

> Bob, are you saying Norton is unreliable? That's what I use..I've never had any problems...
> I also run Spybot and Adaware. I also like SpyBlaster which stops alot from getting on the computer in the first place.
> 
> Can you provide a link for Grisoft? Do I have to disable Norton or can I run them together?
> 
> Thanks.


My experience with McAfee was annoying, and I used to recommend them heavily.   Norton seems to have slipped in the rankings, and they've had several security issues over the last few years, especially their live update.

* Anti Virus Software Vendors:*
&#183; AVG Anti-Virus Free antivirus software. http://free.grisoft.com
&#183; F-Protect www.f-prot.com
&#183; Panda Software Antivirus : www.pandasoftware.com
&#183;Trend Micro: www.trendmicro.com

*Windows Update*: windowsupdate.microsoft.com

*FireWalls*:
Zone Alarm: http://www.zonelabs.com

*SpyWare Removal:*
Ad Aware:http://lavasoft.de

*SpyBot *: http://www.safer-networking.org/

More info on viruses, spyware, etc
http://rustaz.net/nonfiction/compcorner3.htm


----------



## Andrew Green

KOROHO said:
			
		

> Early this morning I suspected I had a virus on my system, so I ran a scan using McAfee. Sure enough, I was right.
> 
> Now, after being back on MT, the virus is back too. My Spyware is also finding all sorts of things that I cleared off yesterday.
> 
> It seems they have some serious problems here.  Be careful and scan often.



Martialtalk is clean, what you are describing doesn't make sense to attribute to Martialtalk if you understand the way this site works.

More likely your virus scanner failed to fully remove it and you got reinfected.  But, to be sure, specifically, what virus did your scanner say you had?  What spyware?


----------



## hemi

I have been using PC- Cillin, Internet Security 2006 and I love it so far. It found a lot of Ad ware and other things on my system that Norton&#8217;s and McAfee missed. This program was a little pricy but to me worth it. My kids download all kinds of search bars and MSN Messenger seems to be loaded with junk that slowed down my system until I had PC-Cillin remove all that junk. And just for the record I have never had problems with MT or KT as far as ad ware, spy ware, or viruses.


----------



## Jade Tigress

Andrew Green said:
			
		

> Martialtalk is clean, what you are describing doesn't make sense to attribute to Martialtalk if you understand the way this site works.
> 
> More likely your virus scanner failed to fully remove it and you got reinfected.  But, to be sure, specifically, what virus did your scanner say you had?  What spyware?



Yep. You're problems aren't originating from Martial Talk that's for sure. Try following some the steps outlined by the more computer literate among us and see if that does the trick for you.


Carol ~ Clear your PM folder dammit! Trying to message you.


----------



## Kreth

Andrew Green said:
			
		

> Martialtalk is clean, what you are describing doesn't make sense to attribute to Martialtalk if you understand the way this site works.


Agreed. The only thing remotely close to malware on this site is the damn forum. I can't seem to keep it out of my browser history... :uhyeah:


----------



## shesulsa

Moderator Note:

Moved to Support forum.

G Ketchmark / shesulsa
MT Super Moderator


----------



## Carol

Kreth said:
			
		

> Agreed. The only thing remotely close to malware on this site is the damn forum. I can't seem to keep it out of my browser history... :uhyeah:


 
I seem to have the same problem!!


----------



## Grenadier

While a cursory scan might clear a virus out of the memory, you might have to do more detailed cleaning to get rid of the true source of the infection.  

Viruses can invade registries, boot sectors, etc, and this might require a custom tool to remove.  

Go to: 

http://www.sarc.com

And type the name of the suspected virus into the search engine.  There should be specific instructions on how to remove it.


----------



## Carol

[Plug=Gratuitous]

*w00t!!*

*Martial Arts discussion AND tech support for all kinds of reasons. *

*$15 helps KEEP this place spyware-free for a long time to come.*

http://www.martialtalk.com/forum/payments.php

[/Plug]


----------



## KOROHO

Firt, I know how to remove viruses and spyware. 
In order for them to "come back", they have to first "go away".
I know these files were reomoved.  After updating McAfee.  I must have missed an update somewhere, some how.  The spyware was also removed.
I did not even think that they came from MT, until I came back.  I was quite surpised.  I am 100% positve that these problems are some how related to MT.  And I am no computer ametuer as some people have arrogantly assumed and commented on.  I used to be a partner in an ISP.

Once I log off from here now, I'll see if anything else happens.  Perhaps things were taken care of and now people have to do a quick CYA.
I for one had always believed in dealing honestly and directly with people and not covering up problems like this.  If there is a security breach, you have an obligation to the community to inform them so they can make sure they get software updates and avoid the problems - not deny, lie and call people names and blame someone else.


----------



## KOROHO

By the way.  I am growing in my disappointment with McAfee. There was a time when they were the leader.  Maybe not any more.
I am also going to Opera only rather than use MSIE and Opera only some times.


----------



## Carol

KOROHO said:
			
		

> Firt, I know how to remove viruses and spyware.
> In order for them to "come back", they have to first "go away".
> I know these files were reomoved. After updating McAfee. I must have missed an update somewhere, some how. The spyware was also removed.
> I did not even think that they came from MT, until I came back. I was quite surpised. I am 100% positve that these problems are some how related to MT. And I am no computer ametuer as some people have arrogantly assumed and commented on. I used to be a partner in an ISP.
> 
> Once I log off from here now, I'll see if anything else happens. Perhaps things were taken care of and now people have to do a quick CYA.
> I for one had always believed in dealing honestly and directly with people and not covering up problems like this. If there is a security breach, you have an obligation to the community to inform them so they can make sure they get software updates and avoid the problems - not deny, lie and call people names and blame someone else.


 
Can't see that the issue is from MartialTalk.  I don't have any connection to MT or Bob other than the fact that I like to surf here and if I ever get around to having a site of my own, Bob is the kind of businessman that I would like to have doing my legwork for him.  That's personally why I support this place...my decision, my cash.

I can say this.  Personally, I am on this site A LOT.  Yes, I have no life, but...I also work some oddball hours.  My background is telecommunications engineering and right now I'm sitting in front of more DS3 connections than I'd care to mention.  

If there is a spyware, malaware, viruses, trojans going about on our network, we know about it.  We make telecommunications equipment and we vigorously monitor what goes in and out of the building.  Does my company know I surf MT when I work?  You bet.  They also know when any viruses or bad stuff goes across our network.   

We have never seen ANYTHING amiss from MartialTalk or KenpoTalk and I would be enough of a jerk to call Bob out LOUDLY if he ever does that.  No viruses, no trojans, no malware, no spyware, no tracking cookies, no worms, no warez...nothing but data and certainly nothing that would make me look like a bloody idiot in front of my colleagues.  

But anyway...that's just my opinion and no, I'm not getting anything out of it except a chance to be a loudmouth and a chance to put off working for a bit more and wonder if its 4AM yet so I can go home :rofl:

That's not to say my knowledge is pristine or superior or anything else, but...that's just my point of view out the window from the desk in my office.  There are bad things out there on the web and always issues in keeping everything working five-nines reliable.  Personally I'd much rather be tracking down hardware interop issues and software bugs than chasing around bad data on the internet and seeing what it does to our customers....but such is the reality we face in telecom.  Just my opinion though.    Good luck.


----------



## Bob Hubbard

Just for the record.
* The only people who touch this server are qualified systems administrators.
* All banners are located on our server. The exception is the javascript for the SCN network (little tool bar at the very very top). That code was written by me, does nothing but pull the listing over from my corporate site.
* All of our servers are secured, locked down and regularly security checked. Servers are constantly updated with OS, application and Kernel updates and fixes. Unused services and software has been removed or disabled, logs are audited, suspicious activity investigated, anti-spam and anti-virus installed, anti DOS/DDOS measures installed, system has been fully security hardened, and numerous detection, monitoring and analysation utilities installed both on-server and remotely for maximum security.
* Every line of code that has been uploaded to martial talk has been looked over by me or a trusted programmer. We don't include anything questionable.
* We use no pop up/under/out advertisements. I have rejected offers from people to install them, and turned down some nice payouts if I did.
* 

I take the security of this site, and the trust of our members very seriously. I can say, with 110% certainty, that if you have a virus or malware problem, that it did *not *come from MartialTalk. I have had the server checked, the code checked, and had this independently verified for cleanness.  We're clean. If someone finds out otherwise, I want to know about it, immediately.


I would suggest clearing your cache, (both web and disk).
Turn off XP's roll back feature.
Ensure that you have up to date antivirus and scan every file on your system.
Ensure that you are using Adaware or Spybot. Run both in fact and have them clean and immunize your system. Then get Microsofts spyware program and run it as well. (only allow 1 to stay resident to protect you) These 3 are the only spyware programs worth a darn in my opinion.
Install a firewall if you haven't already. ZoneAlarm is the best. 
Switch to FireFox. Opera is ok too. Avoid IE like the plague.


----------



## Kreth

KOROHO said:
			
		

> Perhaps things were taken care of and now people have to do a quick CYA.


Hmmmm... somewhere in the neighborhood of 2500 members, and *1 (one)* complaint? As a former IT guy, I'm sure you're familiar with the term Operator Error, right?


----------



## Bob Hubbard

Missed this part:



> Perhaps things were taken care of and now people have to do a quick CYA.



He haven't changed a thing. 



> I for one had always believed in dealing honestly and directly with people and not covering up problems like this.



Me too.



> If there is a security breach, you have an obligation to the community to inform them so they can make sure they get software updates and avoid the problems



If there was a breach, I agree. However, there was no breach.



> not deny, lie and call people names and blame someone else.



I agree.


----------



## Andrew Green

We could probably clear this right up, what was the virus you believe was installed by this site?


----------



## Jonathan Randall

KOROHO said:
			
		

> Firt, I know how to remove viruses and spyware.
> In order for them to "come back", they have to first "go away".
> I know these files were reomoved. After updating McAfee. I must have missed an update somewhere, some how. The spyware was also removed.
> I did not even think that they came from MT, until I came back. I was quite surpised. I am 100% positve that these problems are some how related to MT. And I am no computer ametuer as some people have arrogantly assumed and commented on. I used to be a partner in an ISP.
> 
> Once I log off from here now, I'll see if anything else happens. Perhaps things were taken care of and now people have to do a quick CYA.
> I for one had always believed in dealing honestly and directly with people and not covering up problems like this. If there is a security breach, you have an obligation to the community to inform them so they can make sure they get software updates and avoid the problems - not deny, lie and call people names and blame someone else.


 
Speaking unofficially as a private member (not as a Moderator), your allegations are serious - in the same league as accusing a high-end restaurant of giving you a serious case of food poisoning - yet you have not substantiated A SINGLE ALLEGATION against Martial Talk, its Webmaster or its Administration staff. Since you take, according to your posts, character, integrity and Biblical principles very seriously, I'd do some reading up on what the Bible (your handbook according to your posts) has to say about false or unsubstantiated allegations and possible slanderous behavior.


----------



## elder999

What exactly was the title of this thread? Hmm?

Oh, yeah: _*MY* Virus and Security problems._
 :lol:


----------



## Grenadier

Kreth said:
			
		

> Hmmmm... somewhere in the neighborhood of 2500 members, and *1 (one)* complaint? As a former IT guy, I'm sure you're familiar with the term Operator Error, right?


 
Not to mention, an even larger number of unregistered users just lurking.  You would think that some of them would have said something as well.  



Koroho:

Whatever your problem is, it was probably buried underneath something else, and certainly not part of Martialtalk.com.  Please check out:

http://www.sarc.com

and type in the name of the suspected virus in their search engine, and follow the manual removal procedures.  Since you are experienced in the area of computers, the detailed instructions should be relatively simple to follow.  

Cursory scans, or even detailed scans, might not kill a virus, no matter what program you are using.  Some will require that you manually edit the registry, etc, or else the infection will never go away.  

If doing the above clears your problem, then I (and everyone else) will be more than happy for you.  You don't even have to say anything else in this thread.  Just try it, and see what happens.  

I've built and serviced a warehouse load of computers in my life, so I would hope that my experiences can come in handy here.


----------



## 7starmantis

Andrew Green said:
			
		

> We could probably clear this right up, what was the virus you believe was installed by this site?



I would be interested in this answer as well.


----------



## terryl965

Well I cought a stomach virus in Knoxville, went to the doctor and he said I'll be fine in a couple of days. Maybe yours will be as well!!!
All joking a side MT is the greatest place to be and I have a server and Bob has done work with me and he would never do anything to hurt his baby, so it is on your end, so get it fix!!!!!
Terry


----------



## Edmund BlackAdder

KOROHO said:
			
		

> Early this morning I suspected I had a virus on my system, so I ran a scan using McAfee. Sure enough, I was right.
> 
> Now, after being back on MT, the virus is back too. My Spyware is also finding all sorts of things that I cleared off yesterday.
> 
> It seems they have some serious problems here. Be careful and scan often.


 
Yes, any site that would do something like that is a serious problem. I'm glad this site is not one of those. Though for you to try and blame your own security problems on someone else shows at best a serious lack of honor, and at worst an attempt to defame this site and its staffs reputation. 



> I used to be a partner in an ISP.


So what? I used to be partner in a car dealership, didn't mean I knew jack**** about lugnuts and transmission repair. I've worked for enough tech companies to know that the owners often know the least.

I've never received any errors, warnings, alerts involving this site (other than some page time outs due to server overload or net congestion). No spam, no unsolicited emails, no popups other than those the software by default has (PM notifications and rep boxes), no spyware and certainly no viruses. If they did that crap I and many of these other 2,500+ people who aren't having any problems would not be here.

So, why don't you take the excellent expert advice offered here, clean up your computer, and then apologize for your insult.


----------



## elder999

Edmund BlackAdder said:
			
		

> So, why don't you take the excellent expert advice offered here, clean up your computer, and then *apologize* for your insult.


 
Pretty sure that page is one of several he tore out of his dictionary, long ago......



			
				Grenadier said:
			
		

> Whatever your problem is, it was probably buried underneath something else.......



The cerebellum, no doubt.......:lfao:

I'm sure it's just a misunderstanding, though...


----------



## Carol

Edmund BlackAdder said:
			
		

> So what? I used to be partner in a car dealership, didn't mean I knew jackschit about lugnuts and transmission repair. I've worked for enough tech companies to know that the owners often know the least.


 
Knowledge doesn't immune a person to problems.  My customers have teams of well-qualified engineers, many with more experience than I have...and I'm not a lightweight.  If knowledge was all it took to make everything go green, I'd be the Maytag repairman.  My phone would never ring.  *checking for missed calls*  

Problems in engineering can often be solved with a fresh set of experiences and/or a fresh set of eyes.  Its teamwork.


----------



## MJS

*Mod. Note. 
Please, keep the conversation polite and respectful.

-Mike Slosek
-MT Super Moderator-*


----------



## Xue Sheng

I am a tech and I deal with PC security, Virus and malware issues. And I do not work for MT. I have spent weeks looking for spyware that I knew was on a PC that I could not see all and I could not ghost it for one reason or another. So the fact someone knows how to remove malware does not necessarily mean that they can do it every single time.

Also I cannot stress this enough&#8230;. Update your security software DAILY if your chosen software does updates daily... and they should.

First nothing and I mean nothing is 100% secure. 

And now that I said that I am also equally as certain that the virus/malware issue in question did not come from MT. If it did my software would have alerted me to it long ago. 

Malware, if not entirely removed, and even a professional can miss a registry entry from time to time, can cause the malware to reinstall.

Virus can be equally as tricky if not more so. Some virus issues if not removed in safe mode will automatically return at reboot. 

Virus Software
McAfee Enterprise is quite good; McAfee for home use is not.
Symantec for home was going down hill the last I checked and since I have no experience with it on the corporate level I cannot comment on its performance.

F-Prot I would stay away from but F-secure was fairly good up until this year both home and enterprise.

Antispyware. I do not care what you are running, if you are only running one product you will not catch all malware nor will you remove all of the pieces of some that you catch. I recommend a minimum of 2 and in my office I run 3.

I have seen Ad Aware find some and remove them and when I ran Webroot, without a reboot, it found more pieces of the same malware.
Lavasoft Adaware is good
SpyBot is not bad
WebRoot is rather amazing
Trend Micro is also pretty good
Computer associates pest patrol for home is awful but for corporate it is not bad. 
Microsoft&#8217;s product is fairly useless

Firewall
F-secure not bad
Zone alarm not bad
Trend not bad.

However you have to remember I deal with corporate stuff mostly. And I will not discuss what is on my home PC on an open Internet forum. 

And a note to all that may read this:
DO NOT EVER EVER download any antispyware software from a popup you get on the Internet that tells you your PC is infected

EDIT:
Please forgive my tone of this post, if there is one, I have been in Pentesting training all week and this is just plain scary stuff to a computer professional to learn about, but it is good to know.


----------

