Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsJob BoardISP NewsFAQsForumsToolsMapsAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Using Process Explorer to remove hard to remove malware
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Question About Some Packets. »
« IM Monitoring at LAN?  
AuthorAll Replies


bcastner
Premium,MVM
join:2002-09-25
Chevy Chase, MD
clubs:
·Verizon Online DSL

edit:
April 12th, @10:05PM
reply to trparky
Re: Using Process Explorer to remove hard to remove malware

Start first, not last, with the "Automated Tools". You mentioned several of note, although SpySweeper Trial will not remove anything. Many here have liked "SuperAntispyware", so I note that for userland issues of Vundo, and some Zlob.

In any case, this is just wrong in my opinion:
quote:
Half the time I don't care about looking up something, I don't have the time... I just dive right on it and start ripping things out of the startup routines, drivers, BHOs, services, etc. I try to get the machine that I'm working on back to a sterile environment in which at that point, I let loose the tools of automated removal.
There are so many things that are perfectly legitmate entries, that using HijackThis or MSCONFIG to "rip out" entries" is a serious mistake. If you had written instead:

quote:
I start with Add or Remove Programs, and remove any entry that is non-critical or unknown to me...."
I might have had some sympathy.
Please do not use HijackThis or MSCONFIG as removal tools. You can, with training, use them as an AutoStart entry editor, a kind of friendly REGEDIT. But nothing more.

Finally, as this Forum and many others offer friendly, one-on-one, malware removal, please take advantage of this. I can assure you that most of the folks who respond can do this better than you can. I know this for a fact, as many can do it better than I can.

Bill Castner
--
============
MS-MVP 2004 - -2008, ASAP Member
Users Helping Users

to forum · permalink · · 2008-04-12 14:27:42 · Reply to this
-
Forums » Up and Running » Security » SecurityQuestion About Some Packets. »
« IM Monitoring at LAN?  

Thursday, 21-Aug 00:51:58 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 9 years online! © 1999-2008 dslreports.com.
page compression OFF
Most commented news this week
· [99] Was FiOS a Good Idea?
· [77] Landscaping, Courtesy of AT&T?
· [74] ISPs Whine About Network Neutrality 'Paranoia'
· [66] FCC Finally Issues Comcast Throttling Order
· [56] Google Launches White Space Broadband Website
· [53] Craig Moffett: Network Upgrades Are For Ninnies
· [52] Qwest, Unions Strike Deal
· [49] Olympics Didn't Cause The Exaflood
· [49] AT&T Cooking Up New VoIP Product
· [48] Did Apple iPhone Fix Make Problems Worse?
Most people now reading
· Criss Angel revealed. [56k lookout! (broadband heavy)]
· [Speed] Comcast to throttle individual users; all protocols [Comcast HSI]
· How I Stole Someone's Identity [Security]
· how do I get the washing machine hose off the faucet? [Home Repair & Improvement]
· Neighbor Yanks a Power Line & Voltage Overloads the Block [Home Repair & Improvement]
· Is something missing? (Stove question) [Home Repair & Improvement]
· DIR-655 Firmware 1.20 Released [D-Link]
· How-to: make ActionTec MI424-WR a network bridge [Verizon Fiber Optics]
· Unsupported Computer Configuration [AT&T Southeast]
· Most reliable and speedy variety of WRT54G for Toomato/MLPPP [Canadian Broadband]