- Weekly routine
- Posted by Bren on February 22nd, 2005
My weekly routine is as follows:-
1) run CWShredder
2) run Spybot S&D ver 1.2
3) run AVG ver 7 with auto updates
4) run WS Trojan Scanner (on line)
5) run Symantec (on line) virus check
and all reported clear, until;
6) ran Panda Activescan (on line) which reported 2 spyware infections,
but did not name them nor was able to disinfect.
Any suggestions?
- Posted by winged on February 23rd, 2005
Leythos wrote:
against some of the early coolsearch malware it hasn't been kept
up and the coolsearch folks have long been known to tune and change
their exploit gambit. I suspect that's why CWshredder hasn't been kept
up, the author invested a lot of time on the tool. Those cool search
folks are very good (personally I suspect they are Russian mafia but
that is only my opinion), and they change their exploit methodology
frequently. If you follow Leythos' advice and be very careful of
download/installs, stay patched, you are probably safer than 90%.
I didn't see anything on backups in your list. (I do incremental daily
on my system with full monthly backup). XP Sp2 users may find it
difficult to recover from a problem (might read this month's PC mag
article on how to build a xp sp2 recovery disk). Hardware does fail.
Many Sp2 users will be shocked to find out their system restore
functionality Pre SP2 has been broken and you can't go back. Especially
since a number of mass producers don't provide a win install disk.
You might want to invest some effort on backup and recovery. It is
often easier to rebuild a properly backed up system than it is to figure
out how to fix it. Hardware does fail. New exploits are a daily event.
Backups are your best friend! It can take a long time to recover from a
disaster, crap happens, a system can be rebuilt in minutes from a
properly backed up system. My method would not work for most folks (I
use virtual machines, it works for me) however find a method that works
for you, do a backup and test it to ensure your methodology works. Try
to automate the process as much as possible so the system does the work,
not you.
Winged
- Posted by Ken Russell on February 23rd, 2005
Yeah, you seem to have a compulsive repetitive habit; seek help :-)
Cheers,
Ken Russell
kenrussellyourhat@optushome.com.au
Remove yourhat to reply by e-mail
"Bren" <bren@chariot.net.au> wrote in message
news:c18fca02.0502220513.4c8e3856@posting.google.com...
- Posted by Bren on February 23rd, 2005
Thanks for your comments to date.
winged <winged@nofollow.com> wrote in message news:<cvgodq$9fu@dispatch.concentric.net>...
No LAN, or router. Just a DSL 300 modem with WIN SP2 firewall.
Using IE6 and OE6
Sounds good. Switch off System Restore first or does Safe Mode do this
automatically?
Vital information!
My newsagent has a wealth of both local (Aus) and overseas magazines
giving WIN XP support.
Thanks for your comments.
- Posted by David Postill on February 23rd, 2005
In article <cvgodq$9fu@dispatch.concentric.net>, on 22 Feb 2005 21:05:46 EST, winged
<winged@nofollow.com> wrote:
[]
| I am not sure of the value of running CWShredder. While it is effective
| against some of the early coolsearch malware it hasn't been kept
| up and the coolsearch folks have long been known to tune and change
| their exploit gambit. I suspect that's why CWshredder hasn't been kept
| up, the author invested a lot of time on the tool.
CWShredder is now owned and maintained by Intermute. Latest version
is 2.13 (February 2005).
--
DavidPostill
- Posted by ROBERT S & BA Drake on February 23rd, 2005
Good points. I'd add that I use Norton Ghost every time I have more software
updates than I would care to reload. Data is backed up frequently.
In the event of a casualty, I have to feed in ghost CDs followed by a data
restore. Maybe this is too much trouble, but I bet the day I stop doing it
will be the day it all goes to hell in a handbasket!
"winged" <winged@nofollow.com> wrote in message
news:cvgodq$9fu@dispatch.concentric.net...
- Posted by winged on February 24th, 2005
Leythos wrote:
product. I use multiple ghost images to break up the rebuild process
and use scripts to control the rebuild. On patch days I run one set of
backups the night after then the following day scripts patch the virtual
files, then the virtuals get backed up the next night on hd dvd rw. I
try to maintain at least 3 months of archive, just in case. I use an old
DAT drive to do daily incrementals for changed files. This is a script
that just id's changes since previous day. I know my version of ghost
is old, but it still works well for me. I have been meaning to get a
newer version of ghost ...but that would probably require more work....
Winged
- Posted by winged on February 24th, 2005
David Postill wrote:
product.
Winged
- Posted by Bren on February 24th, 2005
winged <winged@nofollow.com> wrote in message news:<cvgodq$9fu@dispatch.concentric.net>...
I have now run AVG 7, MS Antispyware (beta), AdAware SE, and Spybot
S&D 1.3; all in Safe Mode, but the Panda Activescan (online) still
reports 2 "spyware infections," very early in the scanning process.
Any suggestions for removing, or is Panda being overzealous? Should I
ignore them as "negligible?"
There has been no noticeable change in performance on my Compaq 2000
running XP with SP2 firewall.
- Posted by ROBERT S & BA Drake on February 24th, 2005
and it could be that they are alarming you to entice you to buy their
product. That trick is everywhere.
"Leythos" <void@nowhere.lan> wrote in message
news
an.2005.02.24.12.16.26.523753@nowhere.lan...
- Posted by Bren on February 24th, 2005
"ROBERT S & BA Drake" <robtsdrake@verizon.net> wrote in message news:<HQkTd.13874$EL5.3893@trnddc05>...
I had a look in HKLM - RUN and found the following suspicious looking
entry:
PERSWF
C:\WINDOWS\1kU8U.exe
Tried to delete the file using Windows Explorer but couldn't find it
in the WINDOWS folder. Also couldn't find it using Search facility.
Could it have been removed by the antispyware with the entry being
left in the registry?
Can I now delete the entry in the registry?
There was nothing in HKCU - RUN.
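
A check for the situation in the post above (a Run value whose target file cannot be found), as an added example that is not part of the original thread: it lists every value under the HKLM and HKCU Run keys and reports whether the file each one points to exists, including hidden and system files that Explorer's default view does not show. The helper name `Get-CommandTarget` and the extension list in its pattern are assumptions made for this sketch.

```powershell
# Added example: report Run-key autostart values and whether their target file exists.
# The two key paths are the standard HKLM/HKCU Run locations named in the post.
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

# Hypothetical helper: pull the executable path out of a Run command line.
function Get-CommandTarget {
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }            # quoted path, then arguments
    if ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|pif))(\s|$)') {    # unquoted, may contain spaces
        return $Matches[1]
    }
    return ($cmd -split '\s+')[0]                                    # fallback: first token
}

$report = foreach ($keyPath in $runKeys) {
    if (-not (Test-Path -Path $keyPath)) { continue }
    $key = Get-Item -Path $keyPath
    foreach ($name in $key.GetValueNames()) {
        $command = [string]$key.GetValue($name)
        $target  = Get-CommandTarget -Command $command
        # A bare file name (no directory) is resolved through PATH.
        if ($target -and -not [IO.Path]::IsPathRooted($target)) {
            $found = Get-Command -Name $target -CommandType Application -ErrorAction SilentlyContinue |
                     Select-Object -First 1
            if ($found) { $target = $found.Path }
        }
        # File.Exists sees hidden and system files that Explorer's default view omits.
        $exists = [bool]$target -and [IO.File]::Exists($target)
        [pscustomobject]@{
            Key        = $keyPath
            Name       = $name
            Command    = $command
            Target     = $target
            Exists     = $exists
            Attributes = if ($exists) { [IO.File]::GetAttributes($target) } else { $null }
        }
    }
}

# Rows with Exists = False are values whose target file is missing.
$report | Sort-Object Exists | Format-Table Name, Target, Exists, Attributes -AutoSize
```

Reading HKLM does not need elevation; the script only reads the registry and the file system and changes nothing.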