msconfig and trojans.

Posted by Dave on December 15, 2005, 11:14 am
With respect to the problem I was having earlier in the week it seems to
be solved, thanks all.

I just wanted to confirm that if a program is unchecked in msconfig (and
does not load itself on startup so the box becomes checked) and is also
not in the registry after I have deleted it, that presumably, it does
not load on start-up.

Thanks.

Posted by James Egan on December 15, 2005, 12:41 pm
wrote:

>I just wanted to confirm that if a program is unchecked in msconfig (and
>does not load itself on startup so the box becomes checked) and is also
>not in the registry after I have deleted it, that presumably, it does
>not load on start-up.


msconfig isn't a comprehensive list. Look at autoruns
http://www.sysinternals.com/Utilities/autoruns.html

Also, some malware uses companion processes to make it hard to close
down. If you close down one of the processes, its companion
immediately restarts it. Similarly, if you have not stopped all the
running processes and uncheck the boxes in msconfig or autoruns, you
may well find that they are immediately re-checked by the running
processes. For that reason it is advisable to run Process Explorer
http://www.sysinternals.com/Utilities/ProcessExplorer.html
to ensure all unwanted processes are terminated before unchecking any
startup boxes.


Jim.
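
An added example, not part of the original post and not code from the Sysinternals tools: it compares snapshots of the Run/RunOnce keys taken before cleanup, right after cleanup, and some time later, and reports entries that were deleted but have returned, which is the sign that a still-running process is rewriting them. The function names and the sample snapshots are constructed for illustration, and the non-ASCII name check is only a triage heuristic.

```python
# Added example: flag autostart entries that come back after being deleted.
# A snapshot maps (registry key, value name) -> command line.
import sys

RUN_KEYS = [  # well-known autostart keys; autoruns covers many more locations
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
]

def snapshot_run_keys():
    """Read RUN_KEYS on Windows; returns an empty snapshot elsewhere."""
    if sys.platform != "win32":
        return {}
    import winreg
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    snap = {}
    for hive, path in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], path) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, data, _ = winreg.EnumValue(key, i)
                    snap[(hive + "\\" + path, name)] = str(data)
        except OSError:
            continue  # key missing or not readable by this user
    return snap

def reappeared(before, after_cleanup, later):
    """Entries that existed, were gone after cleanup, and are present again."""
    removed = set(before) - set(after_cleanup)
    return sorted(k for k in removed if k in later)

def non_ascii_names(snap):
    """Entries whose value name contains non-ASCII characters (heuristic only)."""
    return sorted(k for k in snap if not k[1].isascii())

# Constructed sample data (not taken from the thread).
RUN = "HKCU\\" + RUN_KEYS[2][1]
BEFORE = {(RUN, "ctfmon"): "ctfmon.exe", (RUN, "\u30c6\u30b9\u30c8"): "C:\\Temp\\x.exe"}
AFTER = {(RUN, "ctfmon"): "ctfmon.exe"}   # right after deleting the odd entry
LATER = dict(BEFORE)                      # a few minutes later: it is back

if __name__ == "__main__":
    for key, name in reappeared(BEFORE, AFTER, LATER):
        print("re-added since cleanup:", key, repr(name))
```

On a live Windows system, call `snapshot_run_keys()` at each of the three points in time and pass the results to `reappeared()` in place of the constructed dictionaries.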


Posted by Dave on December 15, 2005, 2:31 pm
James Egan wrote:
> wrote:
>
>
>>I just wanted to confirm that if a program is unchecked in msconfig (and
>>does not load itself on startup so the box becomes checked) and is also
>>not in the registry after I have deleted it, that presumably, it does
>>not load on start-up.
>
>
>
> msconfig isn't a comprehensive list. Look at autoruns
> http://www.sysinternals.com/Utilities/autoruns.html
>
> Also, some malware uses companion processes to make it hard to close
> down. If you close down one of the processes, its companion
> immediately restarts it. Similarly, if you have not stopped all the
> running processes and uncheck the boxes in msconfig or autoruns, you
> may well find that they are immediately re-checked by the running
> processes. For that reason it is advisable to run Process Explorer
> http://www.sysinternals.com/Utilities/ProcessExplorer.html
> to ensure all unwanted processes are terminated before unchecking any
> startup boxes.
>
>
> Jim.
>
Thank you.

The problem I had was that despite deleting the entries from msconfig
and regedit, the entries (which looked like Japanese characters) kept
returning. I dealt with it by putting msconfig in diagnostic mode then
deleting from the registry which seemed to have worked. Having looked
through the two utilities you suggested, I cannot see any start-up
processes or autoruns that would cause a concern.

However, on a possibly related point, google.com just gave the following
error message which I understand suggests a DDoS attack is occurring:

"...we can't process your request right now. A computer virus or spyware
application is sending us automated requests, and it appears that your
computer or network has been infected.

We'll restore your access as quickly as possible, so try again soon. In
the meantime, you might want to run a virus checker or spyware remover
to make sure that your computer is free of viruses and other spurious
software."

Now, I am actually using a proxy to connect to google. Therefore, are
other people using the same proxy to invoke a DDoS, or do I still have a
problem (ZoneAlarm Pro, Ad-Aware, Spybot, and a couple of other AV
products revealed no problems).

I have tried www.google.com several more times with no problems.

Posted by Dave on December 15, 2005, 2:53 pm
Dave wrote:
> James Egan wrote:
>
>> wrote:
>>
>>
>>> I just wanted to confirm that if a program is unchecked in msconfig
>>> (and does not load itself on startup so the box becomes checked) and
>>> is also not in the registry after I have deleted it, that presumably,
>>> it does not load on start-up.
>>
>>
>>
>>
>> msconfig isn't a comprehensive list. Look at autoruns
>> http://www.sysinternals.com/Utilities/autoruns.html
>>
>> Also, some malware uses companion processes to make it hard to close
>> down. If you close down one of the processes, its companion
>> immediately restarts it. Similarly, if you have not stopped all the
>> running processes and uncheck the boxes in msconfig or autoruns, you
>> may well find that they are immediately re-checked by the running
>> processes. For that reason it is advisable to run Process Explorer
>> http://www.sysinternals.com/Utilities/ProcessExplorer.html
>> to ensure all unwanted processes are terminated before unchecking any
>> startup boxes.
>>
>>
>> Jim.
>>
> Thank you.
>
> The problem I had was that despite deleting the entries from msconfig
> and regedit, the entries (which looked like Japanese characters) kept
> returning. I dealt with it by putting msconfig in diagnostic mode then
> deleting from the registry which seemed to have worked. Having looked
> through the two utilities you suggested, I cannot see any start-up
> processes or autoruns that would cause a concern.
>
> However, on a possibly related point, google.com just gave the following
> error message which I understand suggests a DDoS attack is occurring:
>
> "...we can't process your request right now. A computer virus or spyware
> application is sending us automated requests, and it appears that your
> computer or network has been infected.
>
> We'll restore your access as quickly as possible, so try again soon. In
> the meantime, you might want to run a virus checker or spyware remover
> to make sure that your computer is free of viruses and other spurious
> software."
>
> Now, I am actually using a proxy to connect to google. Therefore, are
> other people using the same proxy to invoke a DDoS, or do I still have a
> problem (ZoneAlarm Pro, Ad-Aware, Spybot, and a couple of other AV
> products revealed no problems).
>
> I have tried www.google.com several more times with no problems.



http://www.spy.org.uk/spyblog/2005/06/stupid_google_virusspyware_cap.html

Google seem to be intent on destroying their $78 billion dollar market
capitalisation by blocking innocent users or customers from their search
engine. Have you noticed this stupid Google captcha page recently?
Captchas, which require you to visually decode some distorted images of
a password and type them into a form before proceeding, are a huge
annoyance to partially sighted people and they do not address the
fundamental problems of spam or malware etc.

"A computer virus or spyware application is sending us automated
requests, and it appears that your computer or network has been infected."

No our "computer or network" is not infected, and we resent this "guilt
by association".

The way that Google has implemented this captcha block is also extremely
annoying, given that on several occasions, having typed the password in
correctly, another captcha screen is presented, and then yet another one!

Google seem to be blacklisting by the IP address of our ISP's proxy
server, and doing so inconsistently and erratically. Possibly they are
confused by the load balancing either at our ISP or on their own systems.

If we re-configure a web browser not to use the proxy server, then our
PC's IP Address does not trigger this stupid captcha block.

This is not an anonymous proxy server so it does forward our IP address
in the HTTP_VIA or HTTP_X_FORWARDED_FOR headers, which, one would have
thought Google would be checking against their blacklist, but apparently
not.


Posted by Offbreed on December 16, 2005, 9:37 am
Dave wrote:

> However, on a possibly related point, google.com just gave the following
> error message which I understand suggests a DDoS attack is occurring:
>
> "...we can't process your request right now. A computer virus or spyware
> application is sending us automated requests, and it appears that your
> computer or network has been infected.

Google and the other internet search engines are valuable tools for
fighting the assorted con games, especially the political ones. We can
expect them to be subjected to more and stronger attacks in the future
as more groups get ticked off by having their scams exposed.

As an example of the sort of attacks I mean, consider how "Scientology"
attacks its critics. The behavior displayed by "Pcbutts" is an example
of one type of attack possible.

I am uncertain if the random word lists Google occasionally turns up are
another spoiler, or if it's related to something else.

Well, in any case, market forces and a desire to make money off searches
are not the only reasons for search engines to eventually go to paid
subscription.
