Antispyware install

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

As bad as spyware is, as much of a problem that it causes technicians in the
field, and as much as some spyware can just about effectively keep from
allowing an administrator to effectively RUN windows....why does Microsoft
not see fit to allow Antispyware to install in safe mode?

This alone would save administrators the WORLD over many hopurs of
frustration digging through the registry and prefetch folders looking for the
garbage that constantly keeps reinstalling and getting in the way of running
in regular mode long enough to install the tools needed to clean this crap up.
 
I know that this issue is also on the minds of the Microsoft development
staff. I don't know what approach they will take, but I believe that beta2
will be different in this respect from beta1.
 
Hi Universal4; ...and it should install from a Clean Boot with Installshield
enabled

From my Blog (Jim Byrd):

Hi - Try installing from a "Clean Boot". From my Blog, Defending Your
Machine, addy in my Signature below:

#########IMPORTANT#########

Show hidden files and run all of the following removal tools from Safe mode
or a "Clean Boot" when possible, logged on as an Administrator. BEFORE
running these tools, be sure to clear all Temp files and your Temporary
Internet Files (TIF) (including offline content.) Reboot and test if the
malware is fixed after using each tool.

HOW TO Enable Hidden Files
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2002092715262339

Clean Boot - General Win2k/XP procedure, but see below for links for other
OS's (This for Win2k w/msconfig - you can obtain msconfig for Win2k here:
http://www.3feetunder.com/files/win2K_msconfig_setup.exe ):

1. StartRun enter msconfig.

2. On the General tab, click Selective Startup, and then clear the 'Process
System.ini File', 'Process Win.ini File', and 'Load Startup Items' check
boxes. Leave the 'boot.ini' boxes however they are currently set.

3. In the Services tab, check the "Hide All Microsoft Services" checkbox,
and then click the "Disable All" button. If you use a third party firewall
then re-check (enable) it. For example, if you use Zone Alarm, re-check the
True Vector Internet Monitor service (and you may also want to re-check
(enable) the zlclient on the Startup tab.) Equivalent services exist for
other third party firewalls. An alternative to this for XP users is to
enable at this time the XP native firewall (Internet Connection Firewall -
ICF). Be sure to turn it back off when you re-enable your non-MS services
and Startup tab programs and restore your normal msconfig configuration
after cleaning your machine.

4. Click OK and then reboot.

For additional information about how to clean boot your operating system,
click the following article links to view the articles in the Microsoft
Knowledge Base:

310353 How to Perform a Clean Boot in Windows XP
http://support.microsoft.com/kb/310353
281770 How to Perform Clean-Boot Troubleshooting for Windows 2000
http://support.microsoft.com/kb/281770/EN-US/
267288 How to Perform a Clean Boot in Windows Millennium Edition
http://support.microsoft.com/kb/267288/EN-US/
192926 How to Perform Clean-Boot Troubleshooting for Windows 98
http://support.microsoft.com/kb/192926/EN-US/
243039 How to Perform a Clean Boot in Windows 95
http://support.microsoft.com/kb/243039/EN-US/
#########IMPORTANT#########
 
Not all spyware goes away as easily as you say....if it did, "A Clean Boot"
as you put it would be easy....and in fact, dumping a few registry keys would
be all that was needed to get to a state of windows where installing
Microsoft Antispyware would not be such a chore.

Not to discount the advice completely, but I have seen many infections where
the above does not work.
 
The rigorous approach involves an mOS (maintenance OS) which can boot from
its own media and which doesn't write to the system under test. Bart's PE
is the usual choice for this.

However, you can't, as far as I know, install Microsoft Antispyware on
Bart's.

As I said before--I believe this issue is understood by the developers. I
don't know what they will do with beta2, but we'll find out fairly soon.

--
 
Back
Top