Joho the Blog
|
|
|
July 22, 2004
I started getting the following error message in XP:
The program it wants me to run is not on my machine. So, after a little googling, here's a partial fix (or: http://tinyurl.com/95zt). This reinstalls the .NET framework, which you need, apparently, if you're working with VB 6. This worked well enough that now the error messages I get when I run into Java on the Web are debilitating but not lethal. Good news with my daughter's XP desktop: After many hours of work, I think I have it almost entirely free of spyware. After running all the standard spyware removal programs, I finally installed a spare copy of Norton Firewall I'd found buried in a stack of disks. Duh. Then, I believe I extirpated the last of the malware spawners. The spyware removers were unable to remove it because it was a running process. It would run itself even if I booted into safe mode. So, I foolishly waded into the Task Manager's process list and weed-whacked until I found the relevant process. (Yes, this can corrupt your system. I assume you make backups more frequently than you make caca.) It was a RUNDLL thing. Killed it and deleted the file in Windows\System32 the spyware removers had discovered. Now, for the first time in months, the spyware removers report no malware. For now. (I hadn't installed a firewall before because my daughter is not an under-the-hood sort of user, and, in my experience, firewalls force us to make decisions based on too little information expressed in too much jargon.) Posted
by D. Weinberger at July 22, 2004 10:22 AM
|
Comments
RE: that malware program you were fighting with, I have found that the best way to track down these pests that Ad-Aware and Symantec Anti-Virus can't kill is to go to \\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run and scan the list for any suspicious-looking entries. Granted, you need to have a real good basic understanding of a) the Registry, and b) what software you have loaded on your PC. Still, these malware writers have yet to reach the level of sophistication where their Registry entries look perfectly legit and blend in with all the other entries in \Run. Also, as you no doubt already know, you will want to delete the Registry entry to the RUNDLL malware as well as the actual file.
Posted by: Plainsmonk | July 22, 2004 04:46 PM
Thanks. And, no, I didn't delete the registry entry. Good call!
Posted by: David Weinberger | July 22, 2004 07:20 PM
Get an Apple! Only joking! I upgraded from ME to XP a few months ago, and I had to upgrade from Norton 2001 to Norton 2004. Norton 2004 is terrible and slow, too bloated. So a friend recommended ZoneAlarm for the firewall, which is more intuitive than Norton, and AVG anti-virus. They're both free for non-commercial use.
So far so good.
Posted by: Tony Goodson | July 22, 2004 07:40 PM
Plainsmonk, actually, HijackThis, one of the utilities I've been using, does scan the registry's Run list, plus lots more.
Tony, I hear only good things about ZoneAlarm, but the day I tried to download it, the link was broken (or something), and since I had the Norton handy... (Jeez, that sounds like a god-ate-my-homework excuse, but it's true.)
Posted by: David Weinberger | July 23, 2004 07:25 AM
David, I wasn't aware of HijackThis. Downloaded it just now and it's a cool tool! Beats having to always drill down through the Registry to get at the \Run listings, etc. Still, it's a dangerous tool in the wrong (i.e., ignorant of the Registry) hands.
Posted by: Plainsmonk | July 26, 2004 01:03 PM
could you tell me any good sites on car insurance who are willing to exchange links
Posted by: car insurance | September 20, 2004 03:57 PM
hmmmmmmmmmmm
Posted by: credit cards | October 21, 2004 03:18 PM
Personally, I think that a high quality registry cleaner is in order. I currently use Registry Repair by StompSoft. http://www.stompsoft.com/registry-repair.html This software has helped me tremendously by keeping my system clean of all of those unwanted registry entries.
Sue
Posted by: Susan | August 15, 2006 11:57 AM