Spyware Removal

  • Thread starter Thread starter Jack
  • Start date Start date
J

Jack

Why will the AntiSpyWare Beta 1 NOT remove the Adware
Transponder.ABetterInternet.DrPMon &
Transponder.ABetterInternet.Aurora & the Spyware
ShopAtHome?
 
Perhaps because the developers don' t have enough data yet to know that they
aren't being successful.

Please submit a Tools, suspected spyware report and describe what happens on
your machine.

You have tried doing full deep scans in safe mode, right?

If that hasn't worked, plun is right--ad-aware with the vx2 cleaner add-in
should be able to do this.
 
After serious thinking Bill Sanderson wrote :
Perhaps because the developers don' t have enough data yet to know that they
aren't being successful.
Click to expand...

Hi Bill

Maybe Andy can help MSAS team with all needed information ?
 
There's a group of MVP's working on that effort--I'm going to assume that's
working OK. It is important for them to see those suspected spyware reports
so that they know what is happening out there. Maybe this is a variation
they don't have down yet, or maybe they think they have it down but they are
wrong. Either way, it is customer impact that should drive where the $ are
spent in getting things fixed.
(and after I've said all that, it'll probably turn out that this thread
involves a machine which can't send those reports.......)

--
 
There's a group of MVP's working on that effort--I'm going to assume that's
working OK. It is important for them to see those suspected spyware reports
so that they know what is happening out there. Maybe this is a variation
they don't have down yet, or maybe they think they have it down but they are
wrong. Either way, it is customer impact that should drive where the $ are
spent in getting things fixed.
(and after I've said all that, it'll probably turn out that this thread
involves a machine which can't send those reports.......)
Click to expand...

Well, I believe that this spyware report is nearly useless !!

You must have real material/files to work with.

Thats it again, IMHO ;)
 
Hi Guys

Now Ad-Aware removes this easily which is the first
commercial scanner to be able to do this Im sure in a
couple of weeks it will be changed again, we have already
seen at least 3 versions of nail that I know of so they
are trying to keep in front.By the way Ewido will remove
SAH Agent(Shop At Home) if its needed.

Its the nature of malware, its constantly evolving and
creating new problems, I was scanning a couple of sites
today looking for a source of bogus warning messages
after a post on here and ended up getting a infection
that no spyware scanner is detecting. Some parts are
being removed but there is many dll's & exe's that remain
and my pc got killed for a while. Im glad I found it as
it appears to be a new desktop hijack infection with
backdoor features, Its clean again now but theres still a
couple of problems I need to work on .

I dont think Microsoft need any help on the detections
because they have the Strider "HoneyMonkey" project which
scans sites for code that can be installed without user
consent, The names derived from "honeypots" which refers
to passive server systems set up to wait for attacks.

Each HoneyMonkey is a Windows XP system with a different
level of patching. An initial wave of unpatched
HoneyMonkeys scours the Web seeking potentially malicious
sites. When a site is found that installs malicious code,
the machine is scrapped and another takes its place. The
target URL is then passed to a machine with a greater
level of patching, to see which systems are vulnerable to
the site's exploit. At the end of the chain is a fully
patched Windows XP system,

So Im sure they are getting all the information they need
out of this research although so we have to be patient
and wait for the results to show in the removers,Its a
never ending battle but I'm sure MS will be back in front
soon especially when all the other issues are solved so
then they can start releasing more updates and
definitions without having to work on other problems at
the same time.

Andy
 
They definitely have mechanisms to collect those. There are lots of reasons
why publishing an alias to urge the world to send infected binaries to
Microsoft just isn't a very efficient strategy.

--
 
Bill Sanderson wrote :
They definitely have mechanisms to collect those. There are lots of reasons
why publishing an alias to urge the world to send infected binaries to
Microsoft just isn't a very efficient strategy.
Click to expand...

Well again I didn´t wrote that users should send MS binaries beacuse
this should end up in a real mess, 100%.

I wrote that spyware reports from MSAS probably is totally useless
if MSAS team works with a cleaning mechanism.

And thats my opinion :)
 
I don't share your opinion ; )

I'd bet that the items included in that report are pretty well thought out,
and that if they need tuning, we'll see some change in beta2.

I'm quite sure that the input from those reports is expected to be of real
value.

--
 
After serious thinking Bill Sanderson wrote :
I don't share your opinion ; )

I'd bet that the items included in that report are pretty well thought out,
and that if they need tuning, we'll see some change in beta2.

I'm quite sure that the input from those reports is expected to be of real
value.
Click to expand...

Well !

Maybe these inputs gives some statitics and static information
but no dynamic malware mechanism info.

Antivirus and antispyware labs needs real material to
investigate all mechanism with binaries, no one can change that basic
fact about detection and cleaning malware.

And for sure cannot MS change this ;) But maybe MSAS team
found a secret shortcut to this ?!? ;)

--
plun
 
I know they need the binaries, and I know they have ways to get them--but I
don't have a clear picture. I think the honeypot reference that Andy
mentioned may be relevant--but I'm not sure what the long term plan is. If
I get a chance to ask somebody in an unguarded moment, I'll try to remember
to do that.

--
 
Back
Top