[NCSA-discuss] windows cleanup following gratuitous download

Wed Oct 11 08:53:48 EDT 2006

On Tue, 10 Oct 2006, Glenn Hennessee wrote:

> Start by downloading and installing Spybot Search and 
> Destroy and AdAware.

I had disks spinning last night.

Both were useful. Both have a button to Exit the scan, which 
I assumed would loose all info on the current scan. I 
couldn't find a button to pause/stop and see how things were 
going. Turns out the Exit button is it. It took a little 
while to figure out how to delete the offending 
cookies/files. Initially I manually deleted and rescanned to 
check I'd deleted the right file, but I later figured out 
how to delete the offending files within the checker.

There were lots of cookies, which I hadn't paid attention to 
that are now all gone. I didn't find anything alarming (at 
least didn't get any notices saying "Trojan").

The /Disk/Properties/DiskCleanUp which is supposed to remove 
temporary internet files and temp files doesn't do much of 
anything. After an install of a program and cleanup, Temp is 
still full of files. I manually deleted all of those. I 
found some undeletable files there, which I figured must be 
from running programs and that Temp is like unix /tmp. These 
became deletable later in the evening, presumably when I 
wasn't running whatever the application was anymore. There 
was an .ini file in Temp, which I was warned was a system 
file and deletion would cause the whole machine to collapse 
into a puddle of tears. I found this hard to beleive, but 
didn't delete it.

I downloaded STinger (recommeneded by Jeff the Riffer). It 
seemed to be an antivirus program current to Apr 2005. Since 
Symantec Antivirus (current to this weekend) didn't find 
anything, I wasn't too surprised that STinger didn't find 
anything either.

> get ZoneAlarm.

Kevin Wilcox gave me the download site. It was trivial to 
set up and initially you don't set up any rules. ZoneAlarm 
pops up a window for each new connection request, tells you 
the program making the request and you 
permanently/temporarily accept/reject the connection. I 
haven't figured out what to do if you want to change the 
rules later. I can't read any files in the network 
neighborhood anymore - I don't know if this is from 
ZoneAlarm or just my general difficulties with figuring out 
Windows and maybe I haven't been able to read the network 
neighborhood for a while and haven't noticed (I added the 
local network as "Trusted").

> HijackThis can be very useful at times for finding  registry 
> entries, etc.

have downloaded it but haven't tried it yet

It seems like the machine at home didn't have anything bad 
happen to it.

Thanks everyone for all the suggestions.

Joe
-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!