Re: ADW_WINSTATX.A & MS AntiSpyWare

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 03/28/05

    Date: Sun, 27 Mar 2005 19:09:10 -0500
    
    

    From: "jazurell" <jazurell@discussions.microsoft.com>

    | Every time I run a MS AntiSpyWare scan, TrendMicro picks up ADW_WINSTATX.A as
    | virus/worm. Is this built into the MS Beta program? It seems less than a
    | coincidence that this happens each time I scan with the AntiSpyWare program
    | and at no other time. Thanks.

    It means that you have the infector on your PC. As MS AS scans the PC, it opens the file
    handle of the infected file; at that moment the "On Access" scanner of Trend software flags
    the infection. It should ask you to delete it or delete it automatically.

    It would help to know what file is being flagged.

    An infector name that begins with ADW means it is adware and is not a virus or worm.
    The question is -- Why isn't MS AS catching this as well?

    I suggest the following...

    Dump the contents of the IE Temporary Internet Folder cache (TIF)

    start --> settings --> control panel --> internet options --> delete files

    1) Download the following three items...

             Trend Sysclean Package
             http://www.trendmicro.com/download/dcs.asp

             Latest Trend signature files.
             http://www.trendmicro.com/download/pattern.asp

             Ad-aware SE (free personal version v1.05)
             http://www.lavasoftusa.com/

    Create a directory.
    On drive "C:\"
    (e.g., "c:\New Folder")
    or the desktop
    (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

    Download SYSCLEAN.COM and place it in that directory.
    Download the Trend Pattern File by obtaining the ZIP file.
    For example; lpt518.zip

    Extract the contents of the ZIP file and place the contents in the same directory as
    SYSCLEAN.COM.

    2) Update Ad-aware with the latest definitions.
    3) If you are using WinME or WinXP, disable System Restore
            http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    4) Reboot your PC into Safe Mode and shut down as many applications as possible.
    5) Using both the Trend Sysclean utility and Ad-aware, perform a Full Scan of your
            platform and clean/delete any infectors/parasites found.
            (a few cycles may be needed)
    6) Restart your PC and perform a "final" Full Scan of your platform using both the
            Trend Sysclean utility and Ad-aware
    7) If you are using WinME or WinXP, re-enable System Restore and re-apply any
            System Restore preferences (e.g. HD space to use suggested 400 ~ 600MB)
    8) Reboot your PC.
    9) If you are using WinME or WinXP, create a new Restore point

    * * Please report back your results * *

    -- 
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    
