N
nelson
i dont think microsoft is serious about this software.
Same threats persist after running the software.
Same threats persist after running the software.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
B
Bill Sanderson
Try scanning in safe mode.
I'm not sure what the issue is where we are seeing threats properly
identified, but not cleaned, in the normal boot. Some of these are threats
that I believe I've successfully cleaned in normal mode myself.
Independent reviews have consistently rated either the product this one is
based on, or this beta, quite well--so I don't think your pessimism is
called for--but I do wish I knew what the issue is in these failures to
clean.
I'm not sure what the issue is where we are seeing threats properly
identified, but not cleaned, in the normal boot. Some of these are threats
that I believe I've successfully cleaned in normal mode myself.
Independent reviews have consistently rated either the product this one is
based on, or this beta, quite well--so I don't think your pessimism is
called for--but I do wish I knew what the issue is in these failures to
clean.
J
JohnF.
Sometimes the spyware is backed up by a trojan application running in the
background that makes sure deleted registry entries are re-added and deleted
files are recreated. It is obvious when you see a bizarre filename like
gdjryg or anyother random combination of letters running in your process
list or in your registry - it is somewhat unnerving to delete that RUN entry
from your registry and watch it pop right back in there.
My battle plan for those instances is to delete the lines from the registry
that will stay gone and go find the file that maps to the registry line that
reappears in the registry while deleting and I rename the file (they are
almost always in system or system32 under the Windows folder. Once you have
done that, reboot to safe mode and check the process list again, delete RUN
entries from the registry and rename the files of the entries that reappear
or the processes that relaunch when I kill them in the prcoess list manager.
A quick look at running msconfig and looking over the startup list couldn't
hurt either. Reboot to safe mode one more time, delete bogus files, and run
MSAS twice.
That usually does the trick. Pesky trojans.
JohnF.
background that makes sure deleted registry entries are re-added and deleted
files are recreated. It is obvious when you see a bizarre filename like
gdjryg or anyother random combination of letters running in your process
list or in your registry - it is somewhat unnerving to delete that RUN entry
from your registry and watch it pop right back in there.
My battle plan for those instances is to delete the lines from the registry
that will stay gone and go find the file that maps to the registry line that
reappears in the registry while deleting and I rename the file (they are
almost always in system or system32 under the Windows folder. Once you have
done that, reboot to safe mode and check the process list again, delete RUN
entries from the registry and rename the files of the entries that reappear
or the processes that relaunch when I kill them in the prcoess list manager.
A quick look at running msconfig and looking over the startup list couldn't
hurt either. Reboot to safe mode one more time, delete bogus files, and run
MSAS twice.
That usually does the trick. Pesky trojans.
JohnF.
G
Gary Labowitz
JohnF. said:Sometimes the spyware is backed up by a trojan application running in the
background that makes sure deleted registry entries are re-added and deleted
files are recreated. It is obvious when you see a bizarre filename like
gdjryg or anyother random combination of letters running in your process
list or in your registry - it is somewhat unnerving to delete that RUN entry
from your registry and watch it pop right back in there.
My battle plan for those instances is to delete the lines from the registry
that will stay gone and go find the file that maps to the registry line that
reappears in the registry while deleting and I rename the file (they are
almost always in system or system32 under the Windows folder. Once you have
done that, reboot to safe mode and check the process list again, delete RUN
entries from the registry and rename the files of the entries that reappear
or the processes that relaunch when I kill them in the prcoess list manager.
A quick look at running msconfig and looking over the startup list couldn't
hurt either. Reboot to safe mode one more time, delete bogus files, and run
MSAS twice.
After reading your message, I thought I'll just run that msconfig and see
what's going on.
Well, it gave me "Cannot find the fillowing file or one of its components"
on msconfig.
I'm imagining all sorts of things, like having to reinstall Windows, etc.
Perhaps you will give me a clue: is there a site where I can get msconfig or
should I try to find it on my install disks?
Gary
J
JohnF.
Oops - Windows XP file - You can however copy it from Windows XP and put it
in the winnt\sysyem32 folder of Windows 2000 and it will work there too.
JohnF.
in the winnt\sysyem32 folder of Windows 2000 and it will work there too.
JohnF.
G
Gary Labowitz
JohnF. said:
Well, thanks John F. I got it and explored a bit. Looks like an interesting
utility. It certainly makes life a little easier. Actually, for much of this
I use a program called RegSeeker that I got from ... hmmm... don't recall.
It's a similar interface with prettier graphics.
Always good to have another gun in the antijerk arsenal.
B
Bill Sanderson
I think I'd like something half-way between MSCONFIG and the tools, advanced
tools, system explorers in Microsoft Antispyware.
The System Explorers are a bit easier to use--just choose to block or not
block, or block permanently (which really doesn't mean that--it means remove
the entry, as far as I can tell!)
Finding a nice list of what is and isn't blocked is easier in MSCONFIG,
though.
tools, system explorers in Microsoft Antispyware.
The System Explorers are a bit easier to use--just choose to block or not
block, or block permanently (which really doesn't mean that--it means remove
the entry, as far as I can tell!)
Finding a nice list of what is and isn't blocked is easier in MSCONFIG,
though.
G
Gary Labowitz
Bill Sanderson said:I think I'd like something half-way between MSCONFIG and the tools, advanced
tools, system explorers in Microsoft Antispyware.
The System Explorers are a bit easier to use--just choose to block or not
block, or block permanently (which really doesn't mean that--it means remove
the entry, as far as I can tell!)
Finding a nice list of what is and isn't blocked is easier in MSCONFIG,
though.
With the top posting I didn't even realize you were responding to me, but I
accidentally noticed it.
The RegSeeker looks pretty good to me. If you haven't tried it you might
give it a look.
I'm running Version 1.35 Beta build 1203 and it seems to work fine.
I got it at http://www.hoverdesk.net/freeware.htm some time ago, and though
I don't use it often (I didn't even register it) it looks like something
most people would find useful.
-----And now, what you were replying to.....
T
T
version, but on the other hand LavaSoft free adware finds-----Original Message-----
i dont think microsoft is serious about this software.
Same threats persist after running the software.
.
U got that right. I haven't found any yet with Beta
atleast one a day..........
R
Ron Chamberlin
Hi T,
Finds what? Cookie? Dataminer?
In the Beta1 version, the program doesn't go into the cookie jar, nor does
it chase data miner objects.
Ron Chamberlin
MS-MVP
Finds what? Cookie? Dataminer?
In the Beta1 version, the program doesn't go into the cookie jar, nor does
it chase data miner objects.
Ron Chamberlin
MS-MVP
A
A Saunders
I use this little utility...it's been out for a while but
it adds an entry into your control panel that is very
effective in easily blocking or removing startup programs
that are unwanted.
it adds an entry into your control panel that is very
effective in easily blocking or removing startup programs
that are unwanted.