
| eZula and Adaware Mystery Solved. I am putting these threads together now since there are about 4 of them floating around trying to solve this problem. Maybe this thread will help to put two current adaware issues to bed once and for all.
POSSIBLE PROBLEM: _______________________________________________________________________ »Reference Update
In response to mrchipb Got a few referrals from this thread to our online eZula detector at »www.WhirlyWiryWeb.com/q/ezula.asp[?]
I'd like to post a little warning about the latest edition of Ad-aware, as perfectly clean systems may now prove 'infected'.
I noticed a few cases where Ad-aware unexpectedly reported infection. I'm talking about registry keys featuring
03022430-abc4-11d0-bde2-00aa001a1953
618736e0-3c3d-11cf-810c-00aa00389b71
1ea4dbf0-3c3b-11cf-810c-00aa00389b71
c95fe080-8f5d-11d2-a20b-00aa003c157a
These refer to Microsoft components and have nothing to do with eZula. The components may be _used_ by eZula though. Just as plain good applications may.
I don't recommend deleting these registry entries; they are by no means security holes. You may break existing or future apps that count on their presence.
RockinFewl, WhirlyWiryWeb.com
ANSWER: ______________________________________________________________________ »adaware ?
PapaDos has solved the mystery
Here is the entry for the key {618736E0-3C3D-11CF-810C-00AA00389B71}. After a quick analysis, it turns out that those keys are used by the "Microsoft Active Accessibility" system. Those keys are used by the file OLEACC.DLL. Since most users don't need the accessibility features, the removal of the 3 keys won't be noticed...
ADDITIONAL INFORMATION: ______________________________________________________________________ »msdn.microsoft.com/library/defau···msdn.asp Developing with Microsoft Active Accessibility 1.2
»support.microsoft.com/default.as···;q191476 BUG: Windows 98 Upgrade Overwrites Newer Oleacc.dll Versions (Q191476)
____________________________________________________________
SYNOPSIS:
It appears that the adaware ref update of 14 Jan tried to address, among other things, the eZula spyware problem. At the same time a new Lavasoft refupdate version came out, called 1.2, which had an additional problem: a "disappearing" file path, so that when one then went to get the live update the data was not placed in the correct folder and Adaware could not recognize the information.
I understand that this is now corrected if you delete first the old 1.2 version and download/ install the new 1.3 version.
As for the eZula concern by some that these keys that the ref update of 14 Jan called out to be part of the eZula spyware, the point is valid; I think it was a mistake.
As for those who think these keys are now still needed and must be retained or else Adaware will no longer be capable of detecting eZula, I think your concerns are unfounded.
I think that it was just a bad ref file update of Jan 14, and those keys will be recreated by Microsoft Active Accessibility each time you reboot. They have nothing to do with eZula. And if there is a real problem here you can just reinstall that functionality.
In fact not many even use those features.
What do you think ? [text was edited by author 2002-01-20 11:23:20] |
|
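One way to check what a flagged GUID belongs to before deleting anything, as an added example that is not part of the original posts or of Ad-aware: the PowerShell below looks up each GUID quoted in the post above under HKEY_CLASSES_ROOT as a class, an interface or a type library, and reports the backing file and its signer. The function names are hypothetical and the script only reads the registry.

```powershell
# Added example: read-only lookup of scanner-flagged GUIDs (hypothetical helper names).
function Get-DefaultValue([string]$Path) {
    # (default) value of a registry key, or nothing if the key is absent.
    if (Test-Path -LiteralPath $Path) { (Get-Item -LiteralPath $Path).GetValue('') }
}

function Resolve-FlaggedGuid([string]$Guid) {
    $root = 'Registry::HKEY_CLASSES_ROOT'
    $id   = '{' + $Guid.Trim('{}') + '}'
    $hits = @()

    # COM class: the server DLL is named under InprocServer32.
    $file = Get-DefaultValue "$root\CLSID\$id\InprocServer32"
    if ($file) { $hits += [pscustomobject]@{ Kind = 'CLSID'; Name = (Get-DefaultValue "$root\CLSID\$id"); File = $file } }

    # COM interface: record its name, then follow its TypeLib subkey if present.
    $libs = @($id)
    if (Test-Path -LiteralPath "$root\Interface\$id") {
        $hits += [pscustomobject]@{ Kind = 'Interface'; Name = (Get-DefaultValue "$root\Interface\$id"); File = $null }
        $lib = Get-DefaultValue "$root\Interface\$id\TypeLib"
        if ($lib) { $libs += $lib }
    }

    # Type library: every version has <lcid>\win32 (or win64) holding the file path.
    foreach ($lib in $libs) {
        if (-not (Test-Path -LiteralPath "$root\TypeLib\$lib")) { continue }
        $keys = Get-ChildItem -LiteralPath "$root\TypeLib\$lib" -Recurse |
            Where-Object { $_.PSChildName -in 'win32', 'win64' }
        foreach ($k in $keys) { $hits += [pscustomobject]@{ Kind = 'TypeLib'; Name = $lib; File = $k.GetValue('') } }
    }

    foreach ($h in $hits) {
        # Expand variables, drop quotes and a trailing "\<resource number>" on typelib paths.
        $path = if ($h.File) { [Environment]::ExpandEnvironmentVariables($h.File).Trim('"') -replace '\\\d+$', '' }
        $sig  = if ($path -and (Test-Path -LiteralPath $path)) { Get-AuthenticodeSignature -LiteralPath $path }
        [pscustomobject]@{
            Guid = $id; Kind = $h.Kind; Name = $h.Name; File = $path
            SignatureStatus = $sig.Status; Signer = $sig.SignerCertificate.Subject
        }
    }
}

# The four GUIDs quoted in the post above.
'03022430-abc4-11d0-bde2-00aa001a1953', '618736e0-3c3d-11cf-810c-00aa00389b71',
'1ea4dbf0-3c3b-11cf-810c-00aa00389b71', 'c95fe080-8f5d-11d2-a20b-00aa003c157a' |
    ForEach-Object { Resolve-FlaggedGuid $_ } | Format-Table -AutoSize -Wrap
```

A GUID that returns no rows is simply not registered on that machine; a row whose file is a signed system component is a strong hint that the detection is a false positive.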
 HG Fegen$Johnny B. GoodePremium join:2001-06-28 Scotland. UK | Hi
Thanks New Years for bringing that together. That's a good help and a good post. I just updated RefUpdate to the new 1.3 and it did what it was supposed to do - I had (like others) been having problems with 1.2. After updating to 1.2 I had never been able to get new updates to work after I'd reformatted in late October 2001.
Ah well - actively paranoid once more. 
Regards
Gordon -- Go! Go! Go! Johnny B. Goode! |
|
 FlippantSo Much For SubtletyPremium,Mod join:2000-06-04 Katy, TX
| reply to New Years$ Thanks for this clarification, it had me wondering at the time of the scan. How could I have the keys but not the corresponding files? So fortunately I made a backup before deleting them. I had two of the keys in your list deleted. Now they are back.
Thanks again! |
|
 | reply to New Years$ That's some nice investigative work / research. Thanks |
|
 jabbawestOrbis HirsutisPremium join:2001-11-06 Lavon, TX
| reply to New Years$ Good job New Years and PapaDos. This has been a long time coming. My question still remains. Where the hell was Lavasoft while all this was exploding? I've sent them two e-mails about this. One sent 5 days ago and one last night. So far no response. What really scares me is the fact that this could have been a much more serious situation for users of their product. I really hope more of you will voice your displeasure with Lavasoft. [text was edited by author 2002-01-20 11:58:26] |
|
 gwionwild colonial boyPremium,ExMod 2001-08 join:2000-12-28 Pittsburgh, PA kudos:1 | reply to New Years$ Good job. I'll repost, here, an observation I had several months ago. If there are any corrupted entries in your registry's "shared dll's" key, particularly blank or null entries, AA will misidentify the null entry sometimes, and tell you that an otherwise clean system is infected. Now, as I also said, where this sort of thing's concerned, like with a firewall, I would rather see a little oversensitivity and a false positive or two very occasionally than undersensitivity and false negatives as a routine, but it's worth being aware of.
All started when I ran AA, and was entirely sure that the spyware it identified "could not possibly be on here." I was right. Whether the key was a leftover from an old ad client, or just a corruption, I uhh... dunno. I just know that, on instinct, I thought that it would be overkill and a potential problem, all its own, if I let AdAware clean up the key, since it might - well - remove part of something I use.
My solution was to run a little MS app called shrdll.exe - that was released ages ago, to clean out unused and corrupted entries in that key, because of the limited registry size limits from the 95 days. It's available at »support.microsoft.com/default.as···;q217165
Running this before AdAware, or, perhaps, more aptly, after a scan and BEFORE trying other removal tactics, can be an excellent tool for eliminating the possibility of false positive. Just thought I would post that here, again, since the thread seems like a good place to consolidate these tidbits...  -- A man who carries a cat by the tail is getting experience that will always be helpful. He isn't likely to grow dim or doubtful. Chances are, he isn't likely to carry the cat that way again, either. But if he wants to, I say, let him. --Mark Twain |
|
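A read-only way to look for the kind of blank or stale "shared dll's" entries described in the post above, as an added example that is not part of the original post and not the Microsoft tool it mentions: the function name and the three conditions treated as suspect are assumptions made for this sketch.

```powershell
# Added example: list suspect entries in the SharedDLLs reference-count key without changing anything.
function Get-SuspectSharedDll {
    $keyPath = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs'
    $key = Get-Item -LiteralPath $keyPath -ErrorAction Stop

    # Each value name is a file path; the value data is normally a DWORD reference count.
    foreach ($name in $key.GetValueNames()) {
        $count = $key.GetValue($name)
        $path  = [Environment]::ExpandEnvironmentVariables($name).Trim('"')

        $reason = if ([string]::IsNullOrWhiteSpace($name)) { 'blank entry name' }
                  elseif (-not (Test-Path -LiteralPath $path)) { 'file not found' }
                  elseif ($count -isnot [int] -or $count -le 0) { 'no valid reference count' }

        if ($reason) {
            [pscustomobject]@{ Entry = $name; RefCount = $count; Reason = $reason }
        }
    }
}

Get-SuspectSharedDll | Sort-Object Reason, Entry | Format-Table -AutoSize -Wrap
```

Reviewing this list before acting on a scanner hit shows whether the hit lines up with a leftover or corrupted entry rather than an installed component.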
|
|

| reply to jabbawest "I really hope more of you will voice your displeasure with Lavasoft."
Well, jabba I am not a member of their forum, but I lurked it as soon as you posted your concerns as I know you are busy and I too was disappointed it could not be resolved and given a timely response. But let me do a little defending here.
I have every version of lavasoft adware from day one on floppies. I helped beta test it even before they had forums or much of a presence here in the states. I think it was a rough road for Bee and others to journey for it was ALWAYS FREE and a darn good product that had a mission and a philosophy to help everyone with SPYWARE.
When you start out with a goal like that and you minimize the thought about CASH FLOW, never realizing your product is going to be as popular as Windows itself and M$ in so many circles, you have to form alliances and cut deals that always end up with problems. That's the politics of business and I know it does not address the current technical issues, but it sure does exacerbate them along with finding mirrors to service the millions of people who now use your product.
I think the real technical problem has to do with how fast some of these new spy/adware are coming out, how stupid the code for some of them are.... in any case, Lavasoft is trying to address it as fast as they can, without getting sued or slammed by the author that it IS legit advertisement practices. Some of that stuff is getting so bad even this group does not know whether Norton should be killing it or Lavasoft should handle it.
So I give Lavasoft a thumbs up and thank all of them.
I think it is a million dollar product, glad it is out there, it has helped so many people to date, and I wish them well.
If it was not still FREE to so many, maybe some of the technical problems and testing before release could have been solved. That takes bucks and lots of man hours. [text was edited by author 2002-01-20 13:36:31] |
|
 | reply to blindsqrrl said by blindsqrrl: That's some nice investigative work / research. Thanks
Well you guys are putting those thumbs up in the wrong place here.
Jabba is the one who always cuts to the chase just like gwion. If you ever get bored just click on their names and read the posts they have given in these forums.
I am just playing librarian here since we do not have a dewey decimal system, whatever that was. |
|
 antiseriousThe Future ain't what it used to bePremium join:2001-12-12 Scranton, PA | reply to New Years$ ... I got the ezula warning and deleted the files, don't notice any problems ... so, has anyone decided if I really need to recover those files, or not ...
... damn, insomnia's a bitch, I'm re-reading old threads ... -- "I got a Sweater for Christmas - I really wanted a Screamer, or a Moaner ... but I got a Sweater". |
|
 jaykaykay4 Ever YoungPremium,MVM join:2000-04-13 Scottsdale, AZ kudos:19
| reply to New Years$ Everyone gets a thumbs up from me. This has been and is still interesting reading and involves me as well. All I can say is that that "backup" option in Ad-aware and other programs can save one's fanny and should always be used...just for cases like this one. Thanks guys for such a good follow up. -- JKK Age is a very high price to pay for my maturity. If I can't stay young, I can at least stay immature! |
|
 ChipPremium join:2001-12-23 Connecticut
| reply to New Years$ Excellent job guys. It's fairly obvious that you put a lot of work into it. Look what an innocent post, just to let everyone know that a software update is available, can turn into. It's easily understood how it could get blown out of proportion, when there are web sites devoted to the condemnation of spyware called ezula. -- I am not insecure, I have a firewall. |
|