[SGVLUG] Need help with clearing popups from windows system
Alex Roston
tungtung at pacbell.net
Tue Sep 5 23:58:35 PDT 2006
Emerson, Tom wrote:
>Well, I can see two (or more) problems with this approach: as I
>understand it, every application "registers" itself in the registry
>during installation, if you re-install, wouldn't it re-write the
>registry from scratch? (meaning you'll have the executables "in place"
>for your userland apps, but windows wouldn't be "aware" of them) If it
>doesn't rewrite the registry, anything "hidden" in the registry that
>triggers an infection will still be there (i.e., anything defined to
>"run at boot time")
>
>
This has never been an issue, but keep in mind that I'm "current" with
Windows as of '98. During a reinstall, the registry took care of itself
and never caused any problems. As for the registry causing bad behavior,
this might or might not be a problem. Usually malwares of this type
attach themselves to, or replace, important windows programs that run
all the time (the Windoze equivalent of daemons) so replacing the old,
rooted daemon with a new daemon usually takes care of the problem.
>Secondly, if a non-microsoft application has been contaminated, and that
>in turn contaminates system files (so as to hide itself from scans), you
>haven't actually eliminated the problem (the trojan is still out
>there...) I suppose, though, the system would be "innoculated" in a
>sense in that some viruses will check before infecting, so the system
>*may* appear infected and the virus doesn't re-infect the system. Of
>course, the virus writer might take the easy route and ALWAYS infects
>every time it runs, but that's another matter entirely...
>
>
I don't think you have to worry about a non-microsoft application
causing the problem. It's almost certainly an important Windows file.
Alex
More information about the SGVLUG
mailing list