thorough CLSID scanning?

G

Guest

Hi all,
Is there a utlity for XPpro that specifically scans the registry for
unwanted clsid's? I recently was infected by the Vundo variant and noticed
that the usual scanning by adaware, spybot and ccleaner doesn't always
detects certain clsid's and bho's. I was just wondering if there is a
specific scanner thats thorough in finding [clsid's in particular] that other
scanners don't. Thanks for any suggestions.
 
R

Rock

Hi all,
Is there a utlity for XPpro that specifically scans the registry for
unwanted clsid's? I recently was infected by the Vundo variant and
noticed
that the usual scanning by adaware, spybot and ccleaner doesn't always
detects certain clsid's and bho's. I was just wondering if there is a
specific scanner thats thorough in finding [clsid's in particular] that
other
scanners don't. Thanks for any suggestions.
Click to expand...

See this link and scroll down to Winfixer (Vundo)
http://www.elephantboycomputers.com/page2.html#Removing_Malware
 
C

cquirke (MVP Windows shell/user)

On Thu, 28 Sep 2006 13:50:01 -0700, Speedy G.
Is there a utlity for XPpro that specifically scans the registry for
unwanted clsid's?
Click to expand...

I use Nirsoft's RegScanner to search for a sting and list all found
entries, from which they can be Regedited. I'm less keep in blind
S&R, as it's easy to go wrong - e.g. the classic...
- make all of A to be B
- make all of B to be A
- hey, why are there no B anywhere anymore?
I recently was infected by the Vundo variant and noticed that
the usual scanning by adaware, spybot and ccleaner doesn't always
detects certain clsid's and bho's. I was just wondering if there is a
specific scanner thats thorough in finding [clsid's in particular] that other
scanners don't. Thanks for any suggestions.
Click to expand...

I use the above, from Bart CDR boot, as redirected by the RunScanner
plugin. Important tip: You must launch both Regedit and RegScanner
each via RunScanner, before using RegScanner - else RegScanner will
spawn an un-reidirected Regedit, and that won't work well at all.

Google( Bart PE )
Google( RunScanner )
Google( Nirsoft RegScanner ) or go www.nirsoft.net (avoid .com site!)


------------ ----- --- -- - - - -
Click to expand...
Drugs are usually safe. Inject? (Y/n)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Confusion about MBR depending if USB drive is connected 2
Cannot find system32.exe? 3
Malware scanning from a Preinstalled Environment 9
revsci(2).txt 2
Files being locked based on file names?! sasser? HELP 2
Sophos Antivirus - CPU usage peaking to 100% 4
Report on Smitfraud-c and Smitfraud-C.toolbar888 10
Challenging Problem: XP Gurus Needed: Desktop Icons Revert To Defaults 10

Top