If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#41
|
|||
|
|||
Thank you for your courteous response.
Please explain how malware is using WinME SR files to reinfect a machine. I am aware of the use of hidden "tickler" files to do so, particularly regarding spyware, and have had very difficult times myself removing such from naive users' machines during service. I typically recommend to such uncareful users that they install an "active" anti-spyware tool, eg., Webroot's Spy Sweeper, to help prevent reinfection. But I have not heard of the SR files being used to do so. Please elaborate in detail. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Jack, Thank you for your comments but don’t misunderstand me. I have no intention of taking back any of my previous comments and I will not change my opinion on SR on or off before running AV/malware/spyware scanners. You will forgive me, but I think the different opinions are also based on different parameters. Mine is troubleshooting IRL, yours seems to be the defence of the theory and design behind SR. Which, again, is great, but will work against you when you want to cleanup an infected system. What you seem to be unaware is that recent malware is being designed to use SR to be quickly reinstalled (restored?). And you will never get rid of it without disabling SR before cleansing. I am not the only one thinking this way. Many people do, including other MVP ’s. Rather than a cordial resolution, not at all possible given the different opinions, time will tell which one is the correct one, if there is only one 100% correct. As you say: We agree we disagree. Take care. Zee "Jack E Martinelli" wrote in message ... Zee, I like your response. I differ from your judgement in some regards. I have read the entire previous thread here. I have no opinion or financial incentives regarding the new MS anti-spyware tool. I am a MS MVP: I have no other contract with Microsoft. I am here to help the Millennium user community. And I think I am honorable and uncorruptible. I genuinely think the others here are doing the same. IMO, disabling SR can permit removing some infected SR files, but these are already "quarantined" if SR is running effectively. Only an inadvertent or ignorant reversion using SR by the user can reinfect the machine from these files. IMO, this risk is far less than any from not having SR available in the possible circumstance that the current session results in a serious problem. If I understand Mike M and Noel correctly, this is their point, with which I agree. Cleansing a SR file is trivial relative to being able to restore a failing machine. It's the "parachute" thing. OTH, disabling SR before running a AV scan is not nearly as effective as running the AV in Safe Mode, if available, or DOS mode, to kill malactors not yet loaded and executing. I am most pleased with your reasonable response here and hope that we can discuss (debate ?) these apparent differences of opinion to a cordial resolution. It's not necessary that we finally agree on a best course of action. It is preferable that we have a civil discourse to a point where we can agree to disagree, if that is the case. As I said earlier, it's the "personal" in personal computer. I congratulate you for this reasonable rejoinder. I look forward to your response. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Jack, If personal attacks are the issue here, I would suggest you to read the sequence of events. Regarding Symantec, I really find it weird that only mentioning a link to Symantec is seen/read as supporting Norton. Is this really caused by the BS software they have been releasing these last couple of years? Or maybe could it be related to the forthcoming MS AV...?? Just wondering... Please be aware that I am a strong supporter of SR. You won't read any comment of mine saying anything else. Regarding SR off or on before malware/spyware cleansing, that is a different issue. I have mine, turn it off, and there are MVP's and non-MVP experts supporting the same idea I have. Even Noel Paton admits that different opinions exist. My personal experience tells me that is wise, or you won't be able to clean some of the more recent malware. And, yes, do turn on SR as soon as you have a clean system, making sure you have a safe restore point. I will not comment anything else as I find it too biased to be considered debatable. Thank you for caring to post. Zee "Jack E Martinelli" wrote in message ... Disregarding for the moment this disagreement about the advisibility of disabling SR prior to running an AV scan, or for any other reason, Zee, I direct your attention to your particular words here to Mr. Mike Maltby, and to others elsewhere directed to Mr. Richard Harper. IMO, these constitute a personal attack, unrelated to any technical discussion about computer business. This is not acceptible in this ng, nor really anywhere else. We are civilized here. If you wish to troll, do so elsewhere. If you continue in this vein, I suggest you will soon not be obtaining any responses to any inquiries or posts here. Like your choice in disabling SR on your personal computer, it's your "personal" choice. Neither Mike M, Noel Paton, Richard Harper, Mart, nor any one else here really needs my support since many users here understand the importance of SR to maintain the WinME computer. Readers can review years of our comments to aid them. IMHO, you are the one willing to take an unnecessary, possibly catastrophic risk. Hopefully, less informed readers of this thread will understand this and avoid your advice. Many already understand the inadvisibility of using Norton tools, or following Symantec advice, under WinME. We pride ourselves in the Millennium ng's for being compassionate and courteous, and expect the same from you despite how heated any disagreement may become. There is no excuse for lack of grace under pressure. Thank you in advance for your serious, careful reconsideration, and any consideration of an apology to those personally attacked, so we can return to a technical discussion avoiding personalities, -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Mike, LOL I'm sure your *wisdom* is proportional to your lack of education and good sense. But, that's so typical of too many MVP's. Enjoy your life, mate. Zee "Mike M" wrote in message ... SNIP |
#42
|
|||
|
|||
Jack, You'll notice when every scan shows clean, and you'll find it active = again upon the first reboot. Turn off SR, clean, reboot and the system comes up clean. As I read somewhere else, on the same issue, but I am a dumb old = dinosaur who likes results to be predictable. Zee "Jack E Martinelli" wrote in message = ... Thank you for your courteous response. =20 Please explain how malware is using WinME SR files to reinfect a = machine. I am aware of the use of hidden "tickler" files to do so, particularly regarding spyware, and have had very difficult times myself removing = such from naive users' machines during service. I typically recommend to = such uncareful users that they install an "active" anti-spyware tool, eg., Webroot's Spy Sweeper, to help prevent reinfection. =20 But I have not heard of the SR files being used to do so. Please = elaborate in detail. =20 --=20 Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm =20 http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... =20 Jack, =20 Thank you for your comments but don=92t misunderstand me. =20 I have no intention of taking back any of my previous comments and I = will not change my opinion on SR on or off before running = AV/malware/spyware scanners. =20 You will forgive me, but I think the different opinions are also based = on different parameters. =20 Mine is troubleshooting IRL, yours seems to be the defence of the = theory and design behind SR. Which, again, is great, but will work against you = when you want to cleanup an infected system. =20 What you seem to be unaware is that recent malware is being designed = to use SR to be quickly reinstalled (restored?). =20 And you will never get rid of it without disabling SR before = cleansing. =20 I am not the only one thinking this way. Many people do, including = other MVP =92s. =20 Rather than a cordial resolution, not at all possible given the = different opinions, time will tell which one is the correct one, if there is = only one 100% correct. =20 As you say: We agree we disagree. =20 Take care. =20 Zee =20 =20 =20 =20 =20 "Jack E Martinelli" wrote in message ... Zee, I like your response. I differ from your judgement in some regards. I have read the entire previous thread here. I have no opinion or financial incentives regarding the new MS anti-spyware tool. I am a MS MVP: I have no other contract with Microsoft. I am here = to help the Millennium user community. And I think I am honorable and uncorruptible. I genuinely think the others here are doing the = same. IMO, disabling SR can permit removing some infected SR files, but = these are already "quarantined" if SR is running effectively. Only an = inadvertent or ignorant reversion using SR by the user can reinfect the machine = from these files. IMO, this risk is far less than any from not having SR available in = the possible circumstance that the current session results in a serious problem. If I understand Mike M and Noel correctly, this is their point, with = which I agree. Cleansing a SR file is trivial relative to being able to = restore a failing machine. It's the "parachute" thing. OTH, disabling SR before running a AV scan is not nearly as = effective as running the AV in Safe Mode, if available, or DOS mode, to kill = malactors not yet loaded and executing. I am most pleased with your reasonable response here and hope that = we can discuss (debate ?) these apparent differences of opinion to a = cordial resolution. It's not necessary that we finally agree on a best = course of action. It is preferable that we have a civil discourse to a point = where we can agree to disagree, if that is the case. As I said earlier, = it's the "personal" in personal computer. I congratulate you for this reasonable rejoinder. I look forward to = your response. --=20 Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Jack, If personal attacks are the issue here, I would suggest you to = read the sequence of events. Regarding Symantec, I really find it weird that only mentioning a = link to Symantec is seen/read as supporting Norton. Is this really caused by the BS software they have been releasing = these last couple of years? Or maybe could it be related to the forthcoming MS AV...?? Just wondering... Please be aware that I am a strong supporter of SR. You won't read = any comment of mine saying anything else. Regarding SR off or on before malware/spyware cleansing, that is a different issue. I have mine, turn it off, and there are MVP's and non-MVP = experts supporting the same idea I have. Even Noel Paton admits that different opinions exist. My personal experience tells me that is wise, or you won't be able = to clean some of the more recent malware. And, yes, do turn on SR as soon as you have a clean system, making = sure you have a safe restore point. I will not comment anything else as I find it too biased to be considered debatable. Thank you for caring to post. Zee "Jack E Martinelli" wrote in = message ... Disregarding for the moment this disagreement about the = advisibility of disabling SR prior to running an AV scan, or for any other = reason, Zee, I direct your attention to your particular words here to Mr. = Mike Maltby, and to others elsewhere directed to Mr. Richard Harper. IMO, these constitute a personal attack, unrelated to any = technical discussion about computer business. This is not acceptible in this ng, nor really anywhere else. We = are civilized here. If you wish to troll, do so elsewhere. If you continue in this vein, I suggest you will soon not be = obtaining any responses to any inquiries or posts here. Like your choice in disabling SR on your personal computer, it's = your "personal" choice. Neither Mike M, Noel Paton, Richard Harper, Mart, nor any one = else here really needs my support since many users here understand the importance of SR to maintain the WinME computer. Readers can review years = of our comments to aid them. IMHO, you are the one willing to take an unnecessary, possibly catastrophic risk. Hopefully, less informed readers of this thread will understand = this and avoid your advice. Many already understand the inadvisibility = of using Norton tools, or following Symantec advice, under WinME. We pride ourselves in the Millennium ng's for being = compassionate and courteous, and expect the same from you despite how heated any disagreement may become. There is no excuse for lack of grace = under pressure. Thank you in advance for your serious, careful reconsideration, = and any consideration of an apology to those personally attacked, so we can return to a technical discussion avoiding = personalities, --=20 Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Mike, LOL I'm sure your *wisdom* is proportional to your lack of education = and good sense. But, that's so typical of too many MVP's. Enjoy your life, mate. Zee "Mike M" wrote in message ... SNIP =20 |
#43
|
|||
|
|||
There's a very good reason for the fact you haven't heard about it, Jack -
it CANNOT be done without user intervention! -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "Jack E Martinelli" wrote in message ... .. But I have not heard of the SR files being used to do so. Please elaborate in detail. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. |
#44
|
|||
|
|||
That is pure bull - the fact is that there is a memory-resident checker
present, which reinstalls the infection on the shutdown/restart cycle - it has NOTHING WHATEVER to do with System Restore, unless you actually use SR to restore the system. -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "oops!!" wrote in message ... Jack, You'll notice when every scan shows clean, and you'll find it active again upon the first reboot. Turn off SR, clean, reboot and the system comes up clean. As I read somewhere else, on the same issue, but I am a dumb old dinosaur who likes results to be predictable. Zee "Jack E Martinelli" wrote in message ... Thank you for your courteous response. Please explain how malware is using WinME SR files to reinfect a machine. I am aware of the use of hidden "tickler" files to do so, particularly regarding spyware, and have had very difficult times myself removing such from naive users' machines during service. I typically recommend to such uncareful users that they install an "active" anti-spyware tool, eg., Webroot's Spy Sweeper, to help prevent reinfection. But I have not heard of the SR files being used to do so. Please elaborate in detail. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Jack, Thank you for your comments but don’t misunderstand me. I have no intention of taking back any of my previous comments and I will not change my opinion on SR on or off before running AV/malware/spyware scanners. You will forgive me, but I think the different opinions are also based on different parameters. Mine is troubleshooting IRL, yours seems to be the defence of the theory and design behind SR. Which, again, is great, but will work against you when you want to cleanup an infected system. What you seem to be unaware is that recent malware is being designed to use SR to be quickly reinstalled (restored?). And you will never get rid of it without disabling SR before cleansing. I am not the only one thinking this way. Many people do, including other MVP ’s. Rather than a cordial resolution, not at all possible given the different opinions, time will tell which one is the correct one, if there is only one 100% correct. As you say: We agree we disagree. Take care. Zee "Jack E Martinelli" wrote in message ... Zee, I like your response. I differ from your judgement in some regards. I have read the entire previous thread here. I have no opinion or financial incentives regarding the new MS anti-spyware tool. I am a MS MVP: I have no other contract with Microsoft. I am here to help the Millennium user community. And I think I am honorable and uncorruptible. I genuinely think the others here are doing the same. IMO, disabling SR can permit removing some infected SR files, but these are already "quarantined" if SR is running effectively. Only an inadvertent or ignorant reversion using SR by the user can reinfect the machine from these files. IMO, this risk is far less than any from not having SR available in the possible circumstance that the current session results in a serious problem. If I understand Mike M and Noel correctly, this is their point, with which I agree. Cleansing a SR file is trivial relative to being able to restore a failing machine. It's the "parachute" thing. OTH, disabling SR before running a AV scan is not nearly as effective as running the AV in Safe Mode, if available, or DOS mode, to kill malactors not yet loaded and executing. I am most pleased with your reasonable response here and hope that we can discuss (debate ?) these apparent differences of opinion to a cordial resolution. It's not necessary that we finally agree on a best course of action. It is preferable that we have a civil discourse to a point where we can agree to disagree, if that is the case. As I said earlier, it's the "personal" in personal computer. I congratulate you for this reasonable rejoinder. I look forward to your response. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Jack, If personal attacks are the issue here, I would suggest you to read the sequence of events. Regarding Symantec, I really find it weird that only mentioning a link to Symantec is seen/read as supporting Norton. Is this really caused by the BS software they have been releasing these last couple of years? Or maybe could it be related to the forthcoming MS AV...?? Just wondering... Please be aware that I am a strong supporter of SR. You won't read any comment of mine saying anything else. Regarding SR off or on before malware/spyware cleansing, that is a different issue. I have mine, turn it off, and there are MVP's and non-MVP experts supporting the same idea I have. Even Noel Paton admits that different opinions exist. My personal experience tells me that is wise, or you won't be able to clean some of the more recent malware. And, yes, do turn on SR as soon as you have a clean system, making sure you have a safe restore point. I will not comment anything else as I find it too biased to be considered debatable. Thank you for caring to post. Zee "Jack E Martinelli" wrote in message ... Disregarding for the moment this disagreement about the advisibility of disabling SR prior to running an AV scan, or for any other reason, Zee, I direct your attention to your particular words here to Mr. Mike Maltby, and to others elsewhere directed to Mr. Richard Harper. IMO, these constitute a personal attack, unrelated to any technical discussion about computer business. This is not acceptible in this ng, nor really anywhere else. We are civilized here. If you wish to troll, do so elsewhere. If you continue in this vein, I suggest you will soon not be obtaining any responses to any inquiries or posts here. Like your choice in disabling SR on your personal computer, it's your "personal" choice. Neither Mike M, Noel Paton, Richard Harper, Mart, nor any one else here really needs my support since many users here understand the importance of SR to maintain the WinME computer. Readers can review years of our comments to aid them. IMHO, you are the one willing to take an unnecessary, possibly catastrophic risk. Hopefully, less informed readers of this thread will understand this and avoid your advice. Many already understand the inadvisibility of using Norton tools, or following Symantec advice, under WinME. We pride ourselves in the Millennium ng's for being compassionate and courteous, and expect the same from you despite how heated any disagreement may become. There is no excuse for lack of grace under pressure. Thank you in advance for your serious, careful reconsideration, and any consideration of an apology to those personally attacked, so we can return to a technical discussion avoiding personalities, -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Mike, LOL I'm sure your *wisdom* is proportional to your lack of education and good sense. But, that's so typical of too many MVP's. Enjoy your life, mate. Zee "Mike M" wrote in message ... SNIP |
#45
|
|||
|
|||
Clearly ignorance is showing its head here Noel. Before condemning system
restore Zee ought to learn a little about viruses and the mechanisms they use. Until he looks at the problem logically, something he appears to have failed to do to date, and carefully considers and understands the consequences to the end user of disabling system restore and then (accidentally) trashing their system whilst attempting to rid their system of malware there is little point in continuing. -- Mike Maltby MS-MVP Noel Paton wrote: That is pure bull - the fact is that there is a memory-resident checker present, which reinstalls the infection on the shutdown/restart cycle - it has NOTHING WHATEVER to do with System Restore, unless you actually use SR to restore the system. |
#46
|
|||
|
|||
Whatever. See you around and probably speaking of this again soon Zee "Noel Paton" wrote in message ... That is pure bull - the fact is that there is a memory-resident checker present, which reinstalls the infection on the shutdown/restart cycle - it has NOTHING WHATEVER to do with System Restore, unless you actually use SR to restore the system. -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "oops!!" wrote in message ... Jack, You'll notice when every scan shows clean, and you'll find it active again upon the first reboot. Turn off SR, clean, reboot and the system comes up clean. As I read somewhere else, on the same issue, but I am a dumb old dinosaur who likes results to be predictable. Zee "Jack E Martinelli" wrote in message ... Thank you for your courteous response. Please explain how malware is using WinME SR files to reinfect a machine. I am aware of the use of hidden "tickler" files to do so, particularly regarding spyware, and have had very difficult times myself removing such from naive users' machines during service. I typically recommend to such uncareful users that they install an "active" anti-spyware tool, eg., Webroot's Spy Sweeper, to help prevent reinfection. But I have not heard of the SR files being used to do so. Please elaborate in detail. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Jack, Thank you for your comments but don’t misunderstand me. I have no intention of taking back any of my previous comments and I will not change my opinion on SR on or off before running AV/malware/spyware scanners. You will forgive me, but I think the different opinions are also based on different parameters. Mine is troubleshooting IRL, yours seems to be the defence of the theory and design behind SR. Which, again, is great, but will work against you when you want to cleanup an infected system. What you seem to be unaware is that recent malware is being designed to use SR to be quickly reinstalled (restored?). And you will never get rid of it without disabling SR before cleansing. I am not the only one thinking this way. Many people do, including other MVP ’s. Rather than a cordial resolution, not at all possible given the different opinions, time will tell which one is the correct one, if there is only one 100% correct. As you say: We agree we disagree. Take care. Zee "Jack E Martinelli" wrote in message ... Zee, I like your response. I differ from your judgement in some regards. I have read the entire previous thread here. I have no opinion or financial incentives regarding the new MS anti-spyware tool. I am a MS MVP: I have no other contract with Microsoft. I am here to help the Millennium user community. And I think I am honorable and uncorruptible. I genuinely think the others here are doing the same. IMO, disabling SR can permit removing some infected SR files, but these are already "quarantined" if SR is running effectively. Only an inadvertent or ignorant reversion using SR by the user can reinfect the machine from these files. IMO, this risk is far less than any from not having SR available in the possible circumstance that the current session results in a serious problem. If I understand Mike M and Noel correctly, this is their point, with which I agree. Cleansing a SR file is trivial relative to being able to restore a failing machine. It's the "parachute" thing. OTH, disabling SR before running a AV scan is not nearly as effective as running the AV in Safe Mode, if available, or DOS mode, to kill malactors not yet loaded and executing. I am most pleased with your reasonable response here and hope that we can discuss (debate ?) these apparent differences of opinion to a cordial resolution. It's not necessary that we finally agree on a best course of action. It is preferable that we have a civil discourse to a point where we can agree to disagree, if that is the case. As I said earlier, it's the "personal" in personal computer. I congratulate you for this reasonable rejoinder. I look forward to your response. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Jack, If personal attacks are the issue here, I would suggest you to read the sequence of events. Regarding Symantec, I really find it weird that only mentioning a link to Symantec is seen/read as supporting Norton. Is this really caused by the BS software they have been releasing these last couple of years? Or maybe could it be related to the forthcoming MS AV...?? Just wondering... Please be aware that I am a strong supporter of SR. You won't read any comment of mine saying anything else. Regarding SR off or on before malware/spyware cleansing, that is a different issue. I have mine, turn it off, and there are MVP's and non-MVP experts supporting the same idea I have. Even Noel Paton admits that different opinions exist. My personal experience tells me that is wise, or you won't be able to clean some of the more recent malware. And, yes, do turn on SR as soon as you have a clean system, making sure you have a safe restore point. I will not comment anything else as I find it too biased to be considered debatable. Thank you for caring to post. Zee "Jack E Martinelli" wrote in message ... Disregarding for the moment this disagreement about the advisibility of disabling SR prior to running an AV scan, or for any other reason, Zee, I direct your attention to your particular words here to Mr. Mike Maltby, and to others elsewhere directed to Mr. Richard Harper. IMO, these constitute a personal attack, unrelated to any technical discussion about computer business. This is not acceptible in this ng, nor really anywhere else. We are civilized here. If you wish to troll, do so elsewhere. If you continue in this vein, I suggest you will soon not be obtaining any responses to any inquiries or posts here. Like your choice in disabling SR on your personal computer, it's your "personal" choice. Neither Mike M, Noel Paton, Richard Harper, Mart, nor any one else here really needs my support since many users here understand the importance of SR to maintain the WinME computer. Readers can review years of our comments to aid them. IMHO, you are the one willing to take an unnecessary, possibly catastrophic risk. Hopefully, less informed readers of this thread will understand this and avoid your advice. Many already understand the inadvisibility of using Norton tools, or following Symantec advice, under WinME. We pride ourselves in the Millennium ng's for being compassionate and courteous, and expect the same from you despite how heated any disagreement may become. There is no excuse for lack of grace under pressure. Thank you in advance for your serious, careful reconsideration, and any consideration of an apology to those personally attacked, so we can return to a technical discussion avoiding personalities, -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... Mike, LOL I'm sure your *wisdom* is proportional to your lack of education and good sense. But, that's so typical of too many MVP's. Enjoy your life, mate. Zee "Mike M" wrote in message ... SNIP |
#47
|
|||
|
|||
It's also absolutely pointless. If you could restore from the SR archive
without user intervention, you wouldn't need to. Shane "Noel Paton" wrote in message ... There's a very good reason for the fact you haven't heard about it, Jack - it CANNOT be done without user intervention! -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "Jack E Martinelli" wrote in message ... . But I have not heard of the SR files being used to do so. Please elaborate in detail. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. |
#48
|
|||
|
|||
I have no problems admitting my ignorance of how that malware works. However I do not ignore the steps necessary to reach the cure in an effective and predictable way. Something that many people consider slightly more important. Zee "Mike M" wrote in message ... Clearly ignorance is showing its head here Noel. Before condemning system restore Zee ought to learn a little about viruses and the mechanisms they use. Until he looks at the problem logically, something he appears to have failed to do to date, and carefully considers and understands the consequences to the end user of disabling system restore and then (accidentally) trashing their system whilst attempting to rid their system of malware there is little point in continuing. -- Mike Maltby MS-MVP Noel Paton wrote: That is pure bull - the fact is that there is a memory-resident checker present, which reinstalls the infection on the shutdown/restart cycle - it has NOTHING WHATEVER to do with System Restore, unless you actually use SR to restore the system. |
#49
|
|||
|
|||
In this immediate case, I agree with Noel.
His "memory-resident checker" is what I called my "tickler file". These possibly very hidden files, which restore the active mal-actor on reboot, do not involve SR in any way. This conversation raises an interesting issue, however. I suspect only Mike M may know the answer: Are there any non-MS, non-SR tools which could detect a potential virus in one of the two SR file types, the *.CPY or the *.CAB files, and restore (decompress) them to an active agent? If so, I am not aware of any. That doesn't mean that some bad actor could not invent or usurp some. What about it, Mike? However, Zee, your described situation does not necessarily implicate any SR infected files in the virus restoration axis, IMO. It is more likely consistent with my "tickler file", aka, Noel's "memory-resident checker" file. -- Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS Help us help you: http://www.dts-L.org/goodpost.htm http://www.microsoft.com/athome/secu...t/default.aspx Your cooperation is very appreciated. ------ "oops!!" wrote in message ... I have no problems admitting my ignorance of how that malware works. However I do not ignore the steps necessary to reach the cure in an effective and predictable way. Something that many people consider slightly more important. Zee "Mike M" wrote in message ... Clearly ignorance is showing its head here Noel. Before condemning system restore Zee ought to learn a little about viruses and the mechanisms they use. Until he looks at the problem logically, something he appears to have failed to do to date, and carefully considers and understands the consequences to the end user of disabling system restore and then (accidentally) trashing their system whilst attempting to rid their system of malware there is little point in continuing. -- Mike Maltby MS-MVP Noel Paton wrote: That is pure bull - the fact is that there is a memory-resident checker present, which reinstalls the infection on the shutdown/restart cycle - it has NOTHING WHATEVER to do with System Restore, unless you actually use SR to restore the system. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
sluggish performance... | Jeff | General | 3 | October 25th 04 08:52 PM |
Stubborn Viruses | Mikey | General | 20 | October 6th 04 11:59 AM |
Viruses and missing DLL'S | Peter L. Clarke | General | 1 | July 17th 04 01:59 PM |
What do viruses target? | Steve | Internet | 2 | July 15th 04 12:17 AM |
Wont start past Checking memory for viruses OK | Susan | Improving Performance | 2 | June 19th 04 06:57 AM |