L
Linuxgirl
Brodie said:
LOL..............stay away from porn sites.
LOL..............stay away from porn sites.
B
Brodie
This reloades every time anti spy deletes it after about half an hour it
disconnect your from the internet and trys to dial in.
Ive followed all the guides on the web but none of them have it right
same with spy bot. dose any 1 know how to fix this problem? thank you
disconnect your from the internet and trys to dial in.
Ive followed all the guides on the web but none of them have it right
same with spy bot. dose any 1 know how to fix this problem? thank you
V
Vanguard
Brodie said:
What happens when you reboot into Safe Mode and then use MSAS, Ad-Aware,
Spybot, etc?
M
Menno Hershberger
Brodie said:
You might want to be careful about using Adaware.
"plop" just posted a URL about that. Maybe you should read it first.
http://www.lavasoftsupport.com/inde...66&showtopic=60484&hl=tib browser object&st=0
Or: http://tinyurl.com/5qu4q (if that wrapped)
V
Vanguard
Menno Hershberger said:
Hence why anti-spyware software is risky when used by dummies. Malware
that inserts its LSP (layered service provider) into the TCP layer and
then having some anti-spyware remove that LSP doesn't mean that
anti-spyware will correctly chain the remaining LSPs. It also means
that the anti-spyware may not correctly reinsert that malware LSP to get
back to the prior state. That's why you backup before using
anti-spyware by create a snapshot in System Restore and also saving a
drive image. Alternatively you can try using "netsh winsock reset"
(which, I believe, became available in Windows XP Service Pack 2),
LSPfix (http://www.cexx.org/lspfix.htm), or WinsockXPFix.exe (I haven't
used this one and, I believe, its site has moved). I suppose doing a
Repair (aka in-place install) of Windows might work, too.
P
plun
Vanguard said:
We have a lot of "dummies" then in this world..............
http://support.microsoft.com/default.aspx?scid=kb;en-us;892350
I would say that we need better software or programmers...
B
Bill Sanderson
Good call.
Reading down, in at least some instances, the Winsock fixes take care of the
issues left after using Ad-aware to remove this.
Here are those fixes again, in case anyone needs them:
http://support.microsoft.com/kb/892350
http://www.iup.edu/house/resnet/winfix.shtm
Reading down, in at least some instances, the Winsock fixes take care of the
issues left after using Ad-aware to remove this.
Here are those fixes again, in case anyone needs them:
http://support.microsoft.com/kb/892350
http://www.iup.edu/house/resnet/winfix.shtm
B
Bill Sanderson
I'm somewhat surprised at the folks in the ad-aware thread that didn't seem
to be aware of this fix.
The dummies of this world can include some of the brightest--nobody knows
everything. I agree with Plun--we need smarter software. I'm hoping to see
some additional smarts in Microsoft Antispyware before the final release.
to be aware of this fix.
The dummies of this world can include some of the brightest--nobody knows
everything. I agree with Plun--we need smarter software. I'm hoping to see
some additional smarts in Microsoft Antispyware before the final release.
P
plop
Which fix?
The essence of the problem was that perfectly LEGIT items were
flagged.
It almost looks like the devs ran scan, monitored changes but
never validated the results.
Depending on your networking settings (router, dialup, etc) you
might have several instances of the following:
--I CERTAINLY HAPPEN TO HAVE ALL!--
------------------------------------
--depp scan results section-- (first page)
..................
Object : system\currentcontrolset\enum\root\legacy_rasman<<<< LEGIT!
TIB Browser Object Recognized!
..................
Object : system\currentcontrolset\services\rasman\enum<<<< LEGIT!
TIB Browser Object Recognized!
.............
Object : system\currentcontrolset\enum\root\legacy_tapisrv<<< LEGIT!
....EtcEtcEtc
Tibs and similar install dialer in dialupnetworking.
They do NOT modify winsock or any LSPs, (unlike siliar pestware),
hence some of the suggesested fixes failed to restore completely-
(as noted on the 2nd page!)
It's unfortunate that not a single person gone over the log! lol
Not knowing what tapisvc is or... um rasman???
Gimme a break!
I agree with Plun--we need smarter software. I'm hoping to
Ditto!
Smart software, as well as --informed users-- is the key.
Validate the entries pointed on "any" scan results prior to removal!
Take your time, get familiar with the registry, dont put your
faith blindly in anything that presumably attempts to "fix", as
the "fixing" may end up causing greater problem than original!
B
Bill Sanderson
Nuts! I didn't read the details in all that. You're dead right--somebody
was flagging stuff by reflex, rather than experience. Late in the thread,
someone did say the lspfix helped him out with this particular removal. I
suspect that was coincidence--or more than one removal at the same time.
I've done very little work with HijackThis logs--I posted my own a time or
two in microsoft.public forums to see what experts would make of them, and
got quite a bit of nitpicking about things like backweb, etc. There's an
awful lot of subjectivity involved in this kind of analysis.
was flagging stuff by reflex, rather than experience. Late in the thread,
someone did say the lspfix helped him out with this particular removal. I
suspect that was coincidence--or more than one removal at the same time.
I've done very little work with HijackThis logs--I posted my own a time or
two in microsoft.public forums to see what experts would make of them, and
got quite a bit of nitpicking about things like backweb, etc. There's an
awful lot of subjectivity involved in this kind of analysis.
M
Meow
Brodie said:
Anti spy is finding the dialer, NOT the Trojan that is creating the
dialer. Try a few of the on line virus checkers which may find the
Trojan for you, "hijackthis"
http://www.spychecker.com/program/hijackthis.html might find it.
Meow