Same old entries return each day,

  • Thread starter Thread starter Hugh
  • Start date Start date
H

Hugh

Most times that AntiSpyware runs (around 5am each day),
it finds a regular brood of "old favorites" and reports
that they are removed.

However almost every time it runs, it finds them again,
usually the same ones!

Now I will NOT have downloaded any 3rd part stuff during
these runs and installed nothing.

In fact the machine (XP Pro) although a home machine, is
mainly used to access another restricted 64-bit box in my
office (using remote desktop).

The office machine is clean, never reports any probs.

The home box did have Kazaa once upon a time, probably
the origin of all probs today.

However. MS need to explore the circumstances under which
spyware is removed, nothing is installed, downloaded and
the machine not rebooted, YET the same list of spyewares
is found on the next run, the next day.

There is a cause for this, and it needs to be dealt with.

Hugh
 
Thanks, but the above posted solutions does not work.

For me, this spyware runs round the clock - not 5 am each
day :)

I am working on it with various teams and friends now -
will post here again if I finally get a solution.

Thanks all.
 
You can start dealing with those spyware by restarting safe mode, open
Microsoft AntiSpyware on the scan page, choose scan options > Full System
Scan (check the boxes below) > "Run Scan Now".

Restart in safe mode instructions:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx
--
Andre
Extended64 | http://www.extended64.com
Blog | http://www.extended64.com/blogs/andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm
 
If this doesn't help, Go to c:\windows\prefetch and shred
any files there that with filenames containing the name
of the "old favorites." You can get a freeware file
shredder at download.com.

If you aren't running a firewall, get one and install
it. Configure it to block scripts, embedded objects, and
mime-type integrated objects by default for every web
page. Change these settings ONLY when you can't properly
view a page or you get an "access denied" error when
either downloading or viewing a page, AND you know the
page is safe to view (i.e. it DOES NOT contain damaging
content). If you are running a firewall, configure it as
above. Also make certain that your firewall, antivirus
protection, and spyware detection and removal programms
are ALL up-to-date. If they aren't, stuff can slip past
and infect, and possibly damage your system and even
compromise your privacy.

Hope this helps.

Alan
 
Back
Top