Malware - Cause of your Lag?

I normally dont post tech stuff.. but I really do hope this helps some people.

SL normally runs great for me. like everyone else, when you are arouond 20 or more people, naturally you will run a lil slower.

I noticed the last 2 weeks, that SL was running really bad, everything was grey and would stay grey, I would log in and it would be grey, it was like someone was sucking my bandwidth. its not my cable internet, i download at 986KBPS

My PC exceeds SL requirements, so I know my hardware was ok. I did a virus scan and spyware scan one after the other, yes I had some virus' and spyware, ok got those cleaned up.

Still SL was running terrible. Last night I rescanned. I did the online virus scanner from panda software, it will only scan not disenfect. I was thinking that my virus scanner was not picking up. Now just prior to this, i ran a scan of virus and spy ware... nothing. After the panda scan was done, I had 33 Spyware and 5 Hacktools. I was like OMG. Why didnt my software pic it up. After an hour of cusing and googling, I found a great tool.

http://www.prevx.com/default.asp

This tool located and locked down all my spyware and hacktools and more then panda or my scanner did not find. After all said and done, i logged back into sl... looks like its back to what i am used to.

Moral of the story, before you complain about SL and LL and about lag, look at all your inner workings, mostly it will always be user end.

I hope this helps anyone that may be having issues and can not figure out why.

The Prevx1 program has a full 30 day trial and you can buy it after that for 20 US. I did last night after it found all this crap. Best tool i have ever come across.


~Tya

I'll offer two other tips:

(1) Use Firefox instead of MSIE, with the Adblock and Flashblock extensions. You'll thank me, and be much less likely to get infected if you're a "non-wizard" level computer user.

(2) The best (and free) anti-malware program I've seen is Windows Defender (by Microsoft). As much as it pains me to say it, M$ really did a great job here by buying the best product to re-brand as their own. It blows Ad-Aware the Spycleaner and such away by leaps and bounds, and proactively protects your machine, not just reacting after the fact.

Great thread, Tya!

Regards,

-Flip

1.) Reformat XP
2.) Install Spybot, AVG, and Firefox + your favorite firewall.
3.) Don't use IE.

I'll have to take a look at Prevx

i use firefox, once i tried it i never went back to IE. its my own fault it got all this crap on my pc.. i am constantly downloading.. but i wont say what

Gotcha. Gotta be careful with that.

You /are/ talking about bittorrent'd fansub anime fresh from Japan, right?

My final solution was to buy an iMac.

-Ghoti

Can you send me one? I'm a little short on funds.

Good advice - always good to check for that sort of thing.

The Panda Scan, while free, is deceptive. I ran it and it reported 72 "spyware"! After I nearly had a heart attack, I looked at the report and it was all cookies for doubleclick and other ad networks. Just to double check, I deleted all my cookies and reran the scan and got perfect results. This is just wrong on Panda's part and just makes people feel like they need to buy their software RIGHT NOW!!!111!!!! These ad cookies are certainly not good, but they aren't spyware that affect your bandwidth.

The MS Defender actually doesn't check for the tracking cookies and, since there has been some outcry about it, does detect and partially remove some of it's own spyware (Claria Gator eWallet is owned by MS.) - http://www.enterprise-windows-it.com/story.xhtml?story_id=13000A7QJIBY

Good tip Tya.

I run firefox too... very happy with it.

Just downloaded and ran prevex on my work computer, it didn't find anything... which is a good thing I guess... lol. Had hoped it would pick something up. I will try it at home to see if any results are different.

I also run adaware, spybot, and the microsoft one. I find that spybot and adaware usually pick up one or two that the other misses. The microsoft one seems to run clean every time after running the other two.

hehe.. um you know the song.. " the internet is really for ...." kidding lol

The new internet explorer preview version (beta 3 if i'm not mistaken) seems to run really nice, its popup blocker could use some work, but i have yet to be hit by any malware running it. It runs quite a bit faster and uses less memory than firefox, as well. You get the tabbed browsing, etc.

Right now, i'm impressed.

zOMG pr0n!

Here are some links to AdBlock and FlashBlock:
http://adblock.mozdev.org/
http://flashblock.mozdev.org/

While I support advertising driven sites, it is nice to be able to block bad advertising networks that track and report, like doubleclick. Flashblock is great, because it stops those annoying flash video / sound ads that play on top of the screen, in fact, all flash is stopped, with a Play button you click to start it if you wish.

Regards,

-Flip

What actually slowed me down was the hack tools, yes I was hacked.. low and behold I go into my user control panel, and to my amazement, another user account was created. Now I did this myself or I was hacked, I would opted for the hacked lol. . I will post the hack tool malware names when I get home..

There are so many people who play sl and are afraid to ask or to easily blame LL for all their woes. I just really hope this thread helps the shy person afraid to ask, and not feel like a fool or silly.

Advertising slogans not likely to be used by Apple any time soon, #1: "iMacs - The Final Solution".

Well, I've just tried PrevX, and I'm sorry to say I'm not so impressed. In fact, I'm a little frightened of it. After a 2+ hour scan of my entire system, which included "verifying" every single file by talking about it with an external database (scary), all it managed to do was quarantine two harmless files. The first was one of my nVidia drivers, which it was unable to distinguish it from a rare piece of malware that happens to have the same name. The second was my TGA thumbnail plugin, which I've been using for years with no troubles, and which has never been considered to be malicious by any other security program.

I can't say for certain since I'm not an expert, byt PrevX itself seems more likely to be spying on me at this moment than anything else on my machine. It's constantly talking to the "community database". The claim is that's how it's able to diagnose and address new threats faster than any other security program, but what proof is there that that's all it's doing?

That whole file verification thing seems really scary. For all I know, the entire contents of my computer were just reported to whomever was listening. Needless to say, that possibility is not acceptable. I'll be uninstalling PrevX momentarily.



As for MS Defender, sorry Flip, but I stopped believing Microsoft was serious about combatting spyware when they entered talks to buy Claria/Gator. That same week MS Anti-Spyware stopped reporting Gator products as malicious. Why would MS come out with an anti-spyware product, and then enter the spyware business themselves? The only sensible answer for this obvious conflict of interest is that their anti-spyware efforts are simply a front to make their own spyware less detectable. I'm usually not one for the "evil Microsoft" consiracy theories, but they're obviously playing both sides of the fence on spyware, and it's pretty disgusting.


Adaware, Spybot, and Norton have been my tools of choice for several years now, and I've never had reason to mistrust them.

Thank you, Tya. I downloaded this and it found 4 things, two of them in jail. I put them all in jail.

I don't know whether they were "harmless" or not (I looked up their details and they didn't seem harmless to me), or whether to worry about any of that other stuff brought up in the post above this. But I'm the sort who likes to get rid of ANYTHING and EVERYTHING I can which wasn't put there by me and/or serves a legitimate purpose.

coco

if you click on the item. you will directed to the webpage that will give you details about the suspicious item. if its deemed ok. you can move it to probabtion and i forget the other one.


i am sorry some didnt like it. i am just happy i was able to stop these hacking tools ...

The following is instructions for what I do right after I restart windows and I want to get ready to run SL or other processor-tasking games--it basically stops any processes and services that are not necessary to run SL--if you're paranoid about security, then keep the processor heavy firewall software running (although the best option is to get a hardware firewall like a router so you don't have to run a software firewall): The best way I've found to reduce lag is by first going to MSCONFIG (start/run, type msconfig), going to services, checking the box that says "hide all microsoft services", then going to services.msc (start/run, type services.msc), and then, in services.msc, going to each of the services that were shown in the MSCONFIG window that weren't MS services, and stopping them by clicking on the service and going to the left panel and selecting "stop service". You might want to stop the automatic updates service, windows firewall, shell hardware detection, themes (which will make the window decorations look like win2k, which makes things run faster anyway--I always have themes disabled), and security center as well. Then, after you're done, close those windows, go to the task manager (ctrl-alt-delete) and end the process for all the processes associated with the antivirus and programs that do not come with windows--the ones you WANT running are all the svchost.exe entries (if you accidentally do end one of those processes and subsequently a shutdown window appears, go to start/run and type "shutdown -a", lsass.exe, services.exe, crss.exe, spoolsv (although you could turn off the print spooler to end that process, since it's just used for printing), tbmon.exe, mmc.exe (it may not be there), explorer.exe (unless you want to run SL through the task manager, then you can shut that down too). When you are done running SL, restart the computer and everything should be the way it was.

Other things that may help--hold the windows key and hit the pause/break key, hit the advanced tab, then under Performance, hit the settings button. Now hit "adjust for best performance" and then go in by hand and select "show window contents while dragging" and "use common tasks in folders". and then click OK.

If you have a memory optimization program, I suggest after doing all those things before you're about to run SL, use the program to optimize memory and then quit the memory optimizer.

I would also suggest defragmenting your hard drive.
Second Life seems to use several very large data/cache files, and these files frequently get fragmented across your hard drive resulting in a lot of hard drive sound effects and a very slow SL experience

To defrag your hard drive, go to "My Computer" on windows, right click on your 'C' drive (or whatever drive you have Second Life installed on), go to 'Properties', then 'Tools', then 'Defragmentation' and follow the prompts. Defragmentation can take *hours* to complete and makes your computer run very slowly for everything else while it is going on, so it is best to leave it running while you are out at work one day or something

And then, after you start SL, load a firefox window, which should take a good ten minutes given that bloatware product, and watch SL's performance crash.

I tried FireFox. It takes up too much disk space, too much RAM, and degrades computer performance to the point of insanity. All right, perhaps it was an older version, or perhaps it was an older PC. Either way, it left a bad taste in my mouth. As a result, I will never try it again.

Just like WinAmp v4. I don't care what you say about the other WinAmps, version 4 was a nightmare, and I'm not going to try any other version of that broken, bloated, processor hungry program that can only play tunes brokenly.

For Anti-Virus, we use AVG Free, and we COFA with software provided by our service provide, as well as the integrated Micro$haft stuff. Our router also has firewall protection.

Yes, we are a little paranoid, but who wouldn't be?

On our PC's, to defragment the hard drives {and scandisk them, too}:

1. Reboot the PC.
2. Select "Win98" on the Boot Menu.
3. Start => Run => "ScanDisk."
4. Scan all your partitions. Unfortunately, Scandisk does not like to do this automatically.
5. Close ScanDisk.
6. Start => Run => "Defrag."
7. Set it up to defragment all hard drives.
8. Click "Show Details."
9. Eat popcorn while Defrag has at it.
A. When Defrag is done, exit it.
B. Restart computer.
C. Select "WinXPPro" on the Boot Menu.
D. Wait fo WinXPPro to boot because it doesn't seem to like it so much when it's files are optimized by Win98.

I'm an internet tech, and I will echo what everyone has said: DO NOT USE INTERNET EXPLORER.

An unpatched IE is 21 times as likely to pick up a nasty bug from a website just by visiting it than an unpatched Firefox. 21 times. That's just insane.

http://www.informationweek.com/windows/showArticle.jhtml?articleID=179102695

Rule of thumb - if you use Internet Explorer and do not use several tools to keep your machine free of malware, you are likely infected.

I try not to run any browser while SL is going--I make SL the only thing running besides services and processes crucial to running SL.

Firefox DOES take up more disk space, a lot of ram, but it doesn't bog down the machine nearly as much as the IE7Betas. It also has a lot of tools available like AdBlock (which makes it so you don't have to edit the hosts file to get rid of ads on webpages) and MediaPlayerConnectivity (which allows one to view video clips in a media player instead of in a tiny window built into a page) that really add a lot of functionality--if you haven't used any add-ons/extensions in Firefox, you're missing a lot of what makes it a more functional browser. If one is browsing the net, what difference does it make if more processor is used? It takes a really rare, poorly written webpage to actually bog down the processor.

Winamp I agree with you for the most part, except that there are some file types it can't play on the older versions. Try 24bit or 32bit 96,000 sample rate files on old versions. (it's sure sad to me that WMP -still- can't play those yet)

If you use IE as your main browser and you don't use programs like Spybot Search & Destroy and Adaware or equivalent (I like those programs because they're thorough and free, and Spybot is --really-- thorough when you get beta versions of the definitions files), it's a guarantee, an absolute guarantee that your computer is infected with a bunch of crap.

By the way--what is the COFA you're referring to? I've been able to find: College of Fine Arts, California Organic Farmers Association, Central Ohio Flyers Association, Christian Outdoor Fellowship of America, Claire Oliver Fine Art, Compact of Free Association, Central Ohio Flute Association, some sort of deburring tool for eliptical holes and irregular parts, Change Of Frame Alignment, Certificate in Offshore Finance and Administration...

This is what I use and it works:

Firefox (or regular Mozilla), DO NOT USE IE.

AVGFree Antivirus

ClamWin Antivirus (good free opensource antivirus, seems to pick up whatever AVGFree misses though this only happened to me once).

SpyBot Search & Destroy

AdAware

a^2 (trojan, malware, spyware, adware remover. best I ever used so far)

CCleaner (just because it diserves mensioning)

COFA means cover our f@@@@@g a$$e$..

We have plenty of anti-spyware protection and firewalls, and will continue to run IE, we havent had any problems with it. Our computers are nearly identical. I am replying because Lynn thought she shouldn't..