:mad:
Every time I close an IE window I get an error message telling me that "the application could not be started because ccL30.dll could not be found"

I have to click "OK" several times before I can play nicely again.

When I looked this up it said that this might be associated with a WSBeagle Trojan horse...but I've had Norton Internet Security and recently Norton SystemWorks running the whole time...and the symantec site told me that I did not have the virus when I downloaded the removal tool.

Help....how do I fix it?

John

Every time I close an IE window I get an error message telling me that "the application could not be started because ccL30.dll could not be found"

ccl30.dll is the Symantec library. It's part of your AV system...

When I looked this up it said that this might be associated with a WSBeagle Trojan horse...

Various flavours of the Bagle malware try to delete this file. Looks like one of them succeeded...

but I've had Norton Internet Security and recently Norton SystemWorks running the whole time...

Not if you haven't got ccl30.dll, you haven't...

Help....how do I fix it?

Short-term: google for "ccl30.dll". There are a number of download links. I can't guarantee that any of them are free from their own malware.

Longer-term: run a more secure system[1]. It's so much easier than running around trying to catch up with what the latest malware-writers are doing...

Vic.


[1] http://whiteboxlinux.org is my current preference - but there are many others that are every bit as good...

Thanks Vic,

I did google...but was loathe to download (for just the reasons you mention)

Can you suggest one that is less likely to create problems?

The ONLY time that my AV software was disabled was during the installation of Norton SystemWorks (from a disc)

But I guess my wireless net was connected at the time...but I was not surfing during the installation.

It's done it on two of my PCs too!

John

PS
Whats this white linus thing you mention...and how much does it cost (and can I use it with XP)

Hi John

Don't let Vic scare you. He's right but is perhaps overstating the risk.

dll-files-com is a pretty trustworthy source of missing Dlls

download the file here
http://www.dll-files.com/dllindex/dll-files.shtml?ccl30
save to C:\Program Files\Common Files\Symantec Shared\

You may need to check versions. If you are really concerned contact Symantec

Norton AV is bloody aweful (IMVHO). I have lost count of the number of times it has been supposedly protecting a spyware ridden PC. It also has very poor threat footprint analysis - a nasty habit of removing files from legitimate applications which happen to use the same file name as a virus component. The simple analogy would be arresting every one with a tenner in their pocket because they might be part of the Securitas gang.

AVG and the Enterprise version of McAfee cause far less problems, detect more mal-ware/viri, and don't stop updating while you remember to renew your subscription.

Can you suggest one that is less likely to create problems?

There should be a copy somewhere on whatever media you got when you bought Norton. But I wouldn't how best to get at it - I don't use it...

The ONLY time that my AV software was disabled was during the installation of Norton SystemWorks (from a disc)

The problem you've got is that you're involved in an arms race.

Your AV software can only respond to things it already knows about. It matches what it sees against a set of "signatures" it has downloaded from Symantec.

So when something completely new comes along, it's got no appropriate signature, and so will frequently fail to do anything about the new malware.

Modern malware tends to attack AV software first :-(

Whats this white linus thing you mention

Whitebox Linux. Currently, my distribution of choice. I run it on most of my home machines (all the x86 platforms), all but one of my work machines, and it is the grunt running this webserver as well.

...and how much does it cost

Nothing. Not a penny.

(and can I use it with XP)

You could dual-boot - but it replaces XP, rather than runs on top of it.

If you just want to try it out, take a look at Knoppix ( http://www.knoppix.net/ ). This is a bootable CD that allows you to run Linux without actually installing anything on your hard disk. This means it's quite slow, but gives you a flavour of what Linux can do, and serves as a very useful rescue disk...

Vic.

save to C:\Program Files\Common Files\Symantec Shared\


OK... the mystery gets deeper!

"This folder already contains a file called ccl.30.dll. DO you wish to replace the existing file?"

What's going on?
And should I replace it?
(the existing one is version 103.0.6.5 dated 27/8/04 the downloaded one vwersion 103.0.2.10 and is dated 02/12/04)

John

OK... the mystery gets deeper!

"This folder already contains a file called ccl.30.dll. DO you wish to replace the existing file?"

What's going on?
And should I replace it?
(the existing one is version 103.0.6.5 dated 27/8/04 the downloaded one vwersion 103.0.2.10 and is dated 02/12/04)

John

It's probably got unregistered. Press start button, select "Run..." and enter "CMD", press OK. You should now be in a DOS window.

Enter "C:" and press return
Enter "CD \Program Files\Common Files\Symantec Shared\" and press return

prompt should now say "C:\Program Files\Common Files\Symantec Shared\>"

Enter "RegSvr32 ccl30.dll" and press return

Should register the file, if not post the error message

Could it also be that the virus/malware has replaced said file with something else, which doesn't perform the functions required of it but does exist, to confuse a poor user trying to expunge it from their system?

John - Are the files the same size? There is also something called a checksum which will tell you if they are the same file, given that they are the same size, but I'm afraid I don't know how to do that on a windows machine.

Ben

Could it also be that the virus/malware has replaced said file with something else, which doesn't perform the functions required of it but does exist, to confuse a poor user trying to expunge it from their system?

John - Are the files the same size? There is also something called a checksum which will tell you if they are the same file, given that they are the same size, but I'm afraid I don't know how to do that on a windows machine.

Ben

Internet one 235 KB existing one 238 KB

It's probably got unregistered. Press start button, select "Run..." and enter "CMD", press OK. You should now be in a DOS window.

Enter "C:" and press return
Enter "CD \Program Files\Common Files\Symantec Shared\" and press return

prompt should now say "C:\Program Files\Common Files\Symantec Shared\>"

Enter "RegSvr32 ccl30.dll" and press return

Should register the file, if not post the error message

ccl30.dll was loaded, but the DllRegisterServer entry point was not found. This file can not be registered

ccl30.dll was loaded, but the DllRegisterServer entry point was not found. This file can not be registeredSomething has mucked up your 'Path' string :) If there is no entry point for a dll then it has to be on the machine searchable path, as an experiment try copying the files to c:\windows\system32\

K

Something has mucked up your 'Path' string :) If there is no entry point for a dll then it has to be on the machine searchable path, as an experiment try copying the files to c:\windows\system32\

K

Nope - if there is no entry point it means that there is no interface in the class for RegSvr to hook into - in other words it is not a registerable file

I now would suggest contacting Symantic support

Nope - if there is no entry point it means that there is no interface in the class for RegSvr to hook into - in other words it is not a registerable fileQuite :) But you do not need an interface class to access properties and methods within a dll. The RegSvr hook is only used to define the classes and interface in the registry, which in turn enters the file location for those classes.

The alternative is to invoke the .dll directly, to do that it needs to be somewhere that the invoking process can find it.

K

Quite :) But you do not need an interface class to access properties and methods within a dll. The RegSvr hook is only used to define the classes and interface in the registry, which in turn enters the file location for those classes.

The alternative is to invoke the .dll directly, to do that it needs to be somewhere that the invoking process can find it.

K

So...would replacing the one I have with the one I downloaded do me any good?

Or should I just uninstall all Norton stuff and re-install?

John

So...would replacing the one I have with the one I downloaded do me any good?Probably not. The version you have is later than the one you downloaded. You may have software which uses code which is in the later version and not in the earlier version.

Or should I just uninstall all Norton stuff and re-install?Well uninstall it at least. AVG is free for personal use and I think Bit Defender also have a free for personal use version. Both are better than NAV IMVHO...most things are better than NAV IMVHO ;)

So...would replacing the one I have with the one I downloaded do me any good?

Well you won't be any worse off than now


Or should I just uninstall all Norton stuff and re-install?


That should work as well but will take longer

Probably not. The version you have is later than the one you downloaded. You may have software which uses code which is in the later version and not in the earlier version.

Well uninstall it at least. AVG is free for personal use and I think Bit Defender also have a free for personal use version. Both are better than NAV IMVHO...most things are better than NAV IMVHO ;)

But..."you get what you pay for!"

so - how come NAV is not as good as the freebies?

How come NAV is so popular? If it were cr*p and expensive...surely no-one would buy it?

Next move please?

John

So...would replacing the one I have with the one I downloaded do me any good?No, just copy the one you have to c:\windows\system32 (or similar)

K

Well you won't be any worse off than now



That should work as well but will take longer

Is the file in Internet Security or SystemWorks...don't want to waste time uninstalling the wrong one
(sorry for all the Q's...but, as you have probably read elsewhere, ..I'm a complete muppet!)

John

No, just copy the one you have to c:\windows\system32 (or similar)

K

OK..done...do I need to do anything else...or just copy it there?


John

Bl**dy Hell!
That's done it...no more annoying boxes to click on when I close IE windows
Cheers
Keith

John,

Several people who, from their replies, know a thing or two about PCs, have advised you to install something that will cost you nothing and that they rate higher than NAV. What do you think you should do?

Here's the website for you:

http://www.grisoft.com/doc/289/lng/us/tpl/tpl01

Ben

PS: Another voice in support of AVG here. I've been using it for a few years along with ZoneAlarm (also free) and I've had no problems.

But..."you get what you pay for!"

Not true.

so - how come NAV is not as good as the freebies?

It is frequently the case that free software out-performs more costly code. The "how can it be any good if it doesn't cost?" chant usually comes from people with lucrative software businesses...

How come NAV is so popular? If it were cr*p and expensive...surely no-one would buy it?

While there's enough people believing that you have to pay money to get anything worthwhile, there will be a market for commercial software of varying quality...

Next move please?

Ditch Norton, install Grisoft.

HTH

Vic.

Bl**dy Hell!
That's done it...no more annoying boxes to click on when I close IE windows
CheersShould have listened when I told you that yesterday ;) What I've told you to do is a kludge, it souldn't do any harm but you shouldn't have to do it! What has caused it is one of two things -

You have tried to uninstall NAV (or a similar product), it is a right s*d to get rid of completely, it's a bit like a virus in that respect ;)
You could have an incredibly long PATH variable, see http://support.microsoft.com/kb/832978/en-usEverybody else who tried to help you has been correct as well, that regsvr32 command should work with most .dll files, it didn't with this one. I'm not even going to try and explain how it should all work :D

Keith L

AVG and Zonealarm, its what i use on my windows machines. I also have Spybot and A-Squared set to run once a week.

Norton and Mcafee are crap. Not only do they both eat up system resources while giving crap protection, they are also 2 companies that agreed to not add certain government (US/UK/Probably other govs) trojans to their antivirus patterns. I trust neither with a bargepole.

If you want to boost security some more, peerguardian with the ads/spyware/trojans lists will stop a whole load more possibilities.

But at the end of the day, get rid of windows and use linux. You wont get much safer (since the majority of virii/trojans/malware are designed for windows only).

AVG and Zonealarm

iptables and an uncompromising demeanour.

Vic.

For linux, lol. Iptables and PGLinux. Can't beat that combo.

But..."you get what you pay for!"Most of the people on this forum will have got their diver training for next to nothing ;)

so - how come NAV is not as good as the freebies?Because Symantec are a cumbersome corporation that survives on brand and accquisition selling into a largely ignorant market place.

How come NAV is so popular?Symantec are very good at marketing - like a certain American diver training agency perhaps. Symantec set up a couple of lucrative distribution deals with high profile manufacturers and stores. Dell have dumped them but HP still ship systems with a free trial which stops updating after 3 months...and NAV can be a bitch to remove. So it sort of holds people to ransom and they pay because they don't know what else to do. This sort of thing is common in the domestic technology industry. Crap products survive on availability and the approval of self appointed 'experts' who have no real idea.

If it were cr*p and expensive...surely no-one would buy it?The budgetary cost of a virus removal is around £200. The corporates spend a great deal of time and money testing AV products and removing free trial software from the PCs they buy. In fact both NAV and McAfee have completely different versions of their products for Enterprise use - oddly Enterprise in the AV context means smaller and simpler. They are far better than the all encompassing big-box retail versions you find in PC World. NAV Enterprise still has a crap detection and update engine though, hence McAfee cleans up.

AVG and Zonealarm, its what i use on my windows machines. I also have Spybot and A-Squared set to run once a week.

Norton and Mcafee are crap. Not only do they both eat up system resources while giving crap protection, they are also 2 companies that agreed to not add certain government (US/UK/Probably other govs) trojans to their antivirus patterns. I trust neither with a bargepole.

If you want to boost security some more, peerguardian with the ads/spyware/trojans lists will stop a whole load more possibilities.

But at the end of the day, get rid of windows and use linux. You wont get much safer (since the majority of virii/trojans/malware are designed for windows only).

It surprises me how few people actually use the help services from the companies you bought the software from - some of my friends even appear scared, maybe of big phone bills?? - but they are good in my experience although I seldom need them. Its even better if they are free.

What brought me to respond to this thread is that when I first clicked on it my IE6 browser immediately shut down. I've already been having challenges because it mysteriously freezies - in any event I am attempting to resolve the problem.

Matt-75 is absolutely correct in my opinion. Virus writers are after MS, but I wonder what may happen when/if Linux gains the upper hand?

I agree about Norton and McAfee antivirus - I now use Kaspersky but even this has an odd glitch on my own PC. It won't allow me to plug in my USB2 memory stick without cutting out the computer and sending it into restart.
Both the memory stick vendor nor Kaspersky were able to resolve it. and yes I've done the usual conflict checks, been talked through various options all to no avail but please dont worry about it.

I have spybot , Registry Mechanic and Registry Cleaner - both are free and excellent - you really should to take Matts advice and get these. Downloads.com is one place you can hunt them down on or Google for them.

Have a safer browsing experience and watch out for big brother especially on your mob phone.
Both Matts get a green from me for their expertise - I'd give Keith and John another but hey - they are already green goddesses + the system wont let me anyway :D

Hi John
I use AVG free edition from grisoft.com. It has never let me down. Norton AV was a pain in the back side so I dumped it.
Try it , you might like it.

LOL,

Phil

Oh, well, as we've got into a "which antivirus" discussion...

I use Symantec Antivirus (same company as Norton but a cut down version), don't have a problem with it - doesn't slow anything down, seems fine to me. To be honest I never had a problem when I had no antivirus either, I don't think this has ever picked anything up other than things on website that I'd have to click yes to download anyway... but I don't click yes so thats fine.

In reality, i'm still to come across a virus / trojan / bit of spyware that has got me without me doing something silly. Whether thats clicking "yes" when you get a popup asking you to download something from a dodgy website, or clicking links in emails from unknown senders. The best defence in my opinion is not bits of software, but just being careful with what you do - although its nice to have the backup there too.

And on the backup note, I do now keep full backups of everything I might possibly want to save on an external hard drive (every couple of days, and always before I move my laptop out of my room), and to DVD occasionally... and the most important current stuff (ie work, assignments, etc) is on various webspaces too :rolleyes:

I know what some people mean about the problem with AV stuff doing more harm than good. I'd never get any of these full security packages like what Norton do, but think the plain simple AV software is fine (used to use it before I changed). I remember (probably 10 years ago now) when Windows 95 was still quite new we put Norton CrashGuard or something like that on a computer. The computer was fine before, but just thought that protection would be good... the result was that the computer crashed a lot! Crazy!

David

Virus writers are after MS, but I wonder what may happen when/if Linux gains the upper hand?

It will be a completely different kettle of fish.


There is a significant amount of diversity in Linux installations; there is no single set of components that constitutes a "typical" Linux (strictly, GNU/Linux) installation. So just because you find a vulnerability in one distribution, that doesn't mean you can write malware that can target more than that one particular disty.
With the exception of Linspire, Linux installations enforce privilege separation - this means that there is a huge difference between what a standard user can do, and what the super-user can do. So even if a user is tricked into running a piece of malware (the "social engineering" attack), the effects of that malware are very limited - only that particular user's stuff can be affected; the OS and other core components cannot be subverted because the user simply doesn't have the permission to do so.
Mistakes over file formats don't happen; Windows uses the filename extension (.exe, .jpg, etc.) to determine what use to make of a certain file - and specifically whether or not a file can be executed. Linux filesystems don't do this - each file has bits associated with it to determine whether or not it is executable. The relationship is an explicit statement about the file, not an inference according to its name.
There are many thousands of people checking over the code. No-one can guarantee that mistakes or deliberate attacks against the codebase[1] won't happen, but the level of peer-review means that such errors have historically been found and fixed rapidly. I can't see this situation changing.


Now the above could be seen as the witterings of a self-confessed evangelist, but there is reason to believe that the purported extra security in Linux is not just because Windows has a larger install base: look at the web server stats. Apache has consistently had a much higher number of installations than IIS (currently 63% to IIS's 25%, according to http://news.netcraft.com/archives/web_server_survey.html ). Yet the malware doesn't target it...

The upshot of the above is that, although Linux malware has been written in the past, and most assuredly will be written in the future, it is extremely unlikely that the levels of devastation seen by Windows users will experienced by Linux users. Which is nice.

Vic.


[1] See http://kerneltrap.org/node/1584

AVG only catches a low percentage of virus i know its atractive being free but i have had loads of people using AVG with virus problems. Norton eats your proceser and mem if you are runnig a low spec or a high 1 Mcafee is your best bet i know you pay for it but but its a good all rounder. If you buy the secrity setup with it. It gives you firewall spam filter e.g. I dont agree with payingh for virus defs update when you have bought the product in the first place.