[SGVLUG] Need help with clearing popups from windows system

Matthew Gallizzi matthew.gallizzi at gmail.com
Tue Sep 5 19:00:31 PDT 2006


To be honest, I'd just reformat and reinstall. In the past I find myself
trying to learn what the heck is going on ... but, fact? Well, fact is -
this is bloated Windows. Copy over everything to a USB drive and copy back
and reinstall. Problem solved. Not only will Windows run faster, but a bunch
of junk will be removed too.

Anywho, that's my two cents.

On 9/5/06, Ken Lin <indigo451 at yahoo.com> wrote:
>
> Sorry, what was the website the adware is referring to maybe the specific
> cleaning tool is listed in secunia or symantec
>
> http://www.symantec.com/enterprise/security_response/removaltools.jsp
>
> also spybot search and destroy is pretty good at blocking bad websites.
> they call it innoculating IE by filling in the blocked website list for you
>
> http://www.safer-networking.org/
>
>
> *"Emerson, Tom" <Tom.Emerson at wbconsultant.com>* wrote:
>
> > -----Original Message----- Of Claude Felizardo
> > On 9/5/06, Alex Roston wrote:
> > > [...] I haven't fooled with it
> > > lately, but at one point it was possible to do a "hot" reinstall of
> > > Windows, and this didn't work very well for replacing files
> > which had
> > > been deliberately buggered.
> >
> > Hang on, are you saying it is possible to reinstall windoze
> > on top of an existing system and not have to reinstall all of
> > your apps? I mean I thought one of the problems with windoze
> > is that it's still difficult to determine if your data files
> > are stored in a subdirectory of the App or in one of the "My
> > blah" folder. Can you repair in place?
>
> Well, I can see two (or more) problems with this approach: as I
> understand it, every application "registers" itself in the registry
> during installation, if you re-install, wouldn't it re-write the
> registry from scratch? (meaning you'll have the executables "in place"
> for your userland apps, but windows wouldn't be "aware" of them) If it
> doesn't rewrite the registry, anything "hidden" in the registry that
> triggers an infection will still be there (i.e., anything defined to
> "run at boot time")
>
> Secondly, if a non-microsoft application has been contaminated, and that
> in turn contaminates system files (so as to hide itself from scans), you
> haven't actually eliminated the problem (the trojan is still out
> there...) I suppose, though, the system would be "innoculated" in a
> sense in that some viruses will check before infecting, so the system
> *may* appear infected and the virus doesn't re-infect the system. Of
> course, the virus writer might take the easy route and ALWAYS infects
> every time it runs, but that's another matter entirely...
>
>


-- 
Matthew Gallizzi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.sgvlug.net/pipermail/sgvlug/attachments/20060905/63ce3ba3/attachment.html


More information about the SGVLUG mailing list