Config. Utility against unchecking programs?
in [Windows XP]
|
Prev: USB Port not detected
Next: Deleting User
From: Twayne on 26 Jul 2010 19:26 In news:i2j8f7$s3f$1(a)news.albasani.net, VanguardLH <V(a)nguard.LH> typed: > Adela wrote: > >> [MS WinXP Home 2002 - SP3; OE 6; IE 8; MS Office Pro; >> Avast Antivir Free; Dell Dimension XPS T448MHz Pentium >> III; 640 MB RAM; high speed cable; Windows Media Player; >> Adobe Reader 8; Adobe Flash Player 10 Activex..] >> >> Hello, could someone tell me why the following and if >> there's a way around it please?: >> >> When I go to Startup to uncheck some programs to speed up >> the computer, it always appears a popup window saying that >> I changed the Configuration Utility to "Selective" or >> "Diagnostic" and that I should change it back to >> "Standard"... This defeats the purpose for which so many >> techis recommend to uncheck some of these programs. If >> there's a way to go around it, could someone help? >> >> Thanks so much for a suggestion. Adela > > Why not check the box already in that prompt that says not > to prompt you again? Because that is a mis-use of the tool and a few months down the road can become pretty consufing to someone trying to use it to troubleshoot again. Some of those entries will come back automatically and others won't, plus the record of their paper trail so to speak will be gone. Loading, but not using, code is highly un-recommended by nearly every experienced computer person. You find the offending programs with it, THEN go do an uninstall, fix or whatever is needed in those programs WHERE THE PROBLEM ACTUALLY EXISTS.
From: VanguardLH on 27 Jul 2010 22:43 Twayne wrote: > In news:i2j8f7$s3f$1(a)news.albasani.net, > VanguardLH <V(a)nguard.LH> typed: >> Adela wrote: >> >>> [MS WinXP Home 2002 - SP3; OE 6; IE 8; MS Office Pro; >>> Avast Antivir Free; Dell Dimension XPS T448MHz Pentium >>> III; 640 MB RAM; high speed cable; Windows Media Player; >>> Adobe Reader 8; Adobe Flash Player 10 Activex..] >>> >>> Hello, could someone tell me why the following and if >>> there's a way around it please?: >>> >>> When I go to Startup to uncheck some programs to speed up >>> the computer, it always appears a popup window saying that >>> I changed the Configuration Utility to "Selective" or >>> "Diagnostic" and that I should change it back to >>> "Standard"... This defeats the purpose for which so many >>> techis recommend to uncheck some of these programs. If >>> there's a way to go around it, could someone help? >>> >>> Thanks so much for a suggestion. Adela >> >> Why not check the box already in that prompt that says not >> to prompt you again? > > Because that is a mis-use of the tool and a few months down the road can > become pretty consufing to someone trying to use it to troubleshoot again. > Some of those entries will come back automatically and others won't, plus > the record of their paper trail so to speak will be gone. Loading, but not > using, code is highly un-recommended by nearly every experienced computer > person. > You find the offending programs with it, THEN go do an uninstall, fix or > whatever is needed in those programs WHERE THE PROBLEM ACTUALLY EXISTS. I've used the msconfig for year to disable/reenable startup items (well, the ones that it manages to list). If you are going to uninstall a program then you reenable the disabled startup item so the uninstaller can remove that registry startup item (or you just delete it yourself from the registry after reenabling it). This isn't the only utility that "disables" startup items to let you later reenable them. Uninstall software is NOT a reasonable solution. If you want to use RealPlayer, you will probably want to disable their realsched startup item. If you install OmniPage's OCR program, yep, it has startup items that aren't really needed. If you use Nero then it, too, has a startup item to look for conflicts with other CD/DVD burning software but is irrelevant if you don't have that other software installed. Avira wants to shove its adware bulletin screen when it loads but you can get rid f it by disabling it (rather than deleting it). You want those programs but you don't necessarily care for their startup behavior. A hammer is a tool that can be used for many purposes besides just shoving one particular sized nail into a particular type of wood. msconfig is also a tool that can be used for disabling/reenabling startup items and you use it per your own goal. There's nothing wrong with using msconfig to disable (rather than delete) startup items. Eliminating the software is usually NOT a reasonable choice for the user. I doubt there is a single piece of software that someone else wrote that you chose to install on your host that does exactly and only what you want it to do. There's nothing wrong with trying to alter a program's behavior if possible without having to discard it.
From: VanguardLH on 27 Jul 2010 23:07 Bob wrote: > WinPatrol's Host-based Intrusion Prevention System(HIPS) takes snapshot of > your critical system resources and alerts you to any changes that may occur > without your knowledge. > http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/WinPatrol.shtml Yes, at POLLED intervals (1 minute minimum) for the *free* version. That is why it can NEVER identify what process made the change. You are told long after the fact that a change got made. In fact, if you leave the default (install-time) timer values for WinPatrol, it can be so long after the change was made when you get the alert that you won't have a clue what you were doing some 10 minutes ago, or longer. By the way, the Softpedia article you mentioned is listing features available only in the paid version, not in the freeware version. "Sniffs out Worms, Trojan horses, Cookies, Adware, Spyware and more". Nope, not in the free version. In the free version, you can: - List startup items. (*) o You can disable them (and keep them disabled should a program try to reinstate them later). o You can delete them. That doesn't stop them from reappearing later. - Move some items into a "Delayed Start" list. o You can specify how long after logging in (and after WinPatrol loads) for when some startup items get loaded. - List and remove IE helpers (BHOs, add-ons, COM plugins, etc). (*) - List and remove events defined in Task Scheduler. (*) - List NT services. (*) - List currently running processes. o Lets you kill them although it uses no hard-kill features available with other software so it offers nothing more than you can do more than with Task Manager. - Filter out some cookies. (*) o This means you need to know what the cookie will contain. Cookie contents and even their field structure can change even at the same site. o Most web browsers already have cookie management that obviates this feature. - Monitor the filetype associations. (*) o You can delete a filetype association. You cannot use WinPatrol to fix it (by assigning a different handler for a filetype). - List hidden files. - List recently accessed files. - Alerts you if the hosts file has been modified. - Resets the home page and search in IE if it gets changed (even if you're the one that made the change). (*) These have a monitoring function that POLLS for changes at the specified interval. Most intervals are way too long so by the time you get an alert you may not remember what was happening that long ago. I suggest you reduce all timers down to 1 minute. That's not super quick but it's the shortest interval they will allow. NONE of the above has to do with *detecting* worms, trojans, adware, or spyware and cookie management in web browsers is probably better than guessing at some text that may appear in some cookies. WinPatrol lets you know when a change (that is being monitored) has occured but that could be made by yourself, by software you chose to install and even by very well-known and even well-behaved programs, or by malware. It is NOT the anti-malware tool the author likes to proclaim. It is an alert tool so *YOU* can decide if the change should be retained. Notice I did not say if the change was allowed because that means you get to decide to allow or block the change while it is pending. WinPatrol, like WinDefender, told you about the change long after it happened. If you choose to disallow the change, it *might* get changed back. If it is a simple change then the reversion is likely. If a process is still running that establishes and maintains that change then WinPatrol, like WinDefender, will fail to revert to the prior state. WinPatrol is a good tool to let you know if some portion of the state of your host has changed. It tells you about the change but it is long after the change was made. It cannot identify the culprit of who made the change. It cannot tell you if the change should be allowed or not. It does not detect malware. It merely tells you the state got changed and that happens even with your use of the OS or by the apps that you install or as you use them. Think of WinPatrol as one of those chemically-activated monoxide warning stickers. It tells you the level of monoxide is too high. By the time the color changes to warn you, the level has already been high for awhile. It doesn't tell you the source that is producing the monoxide. But knowing late without knowing why *might* still be better than not knowing at all (I said "might" because it presumes the user can understand the change that was made upon which WinPatrol alerted).
From: Twayne on 28 Jul 2010 21:40 In news:i2o6tk$av2$1(a)news.albasani.net, VanguardLH <V(a)nguard.LH> typed: > Bob wrote: > >> WinPatrol's Host-based Intrusion Prevention System(HIPS) >> takes snapshot of your critical system resources and >> alerts you to any changes that may occur without your >> knowledge. >> http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/WinPatrol.shtml > > Yes, at POLLED intervals (1 minute minimum) for the *free* > version. That is why it can NEVER identify what process > made the change. You are told long after the fact that a > change got made. In fact, if you leave the default > (install-time) timer values for WinPatrol, it can be so > long after the change was made when you get the alert that > you won't have a clue what you were doing some 10 minutes > ago, or longer. To the contrary, a very good set of data is grabbed at the point where the program gets isolated and much information is available there. It even gets used should you decide to reverse your decision about changes you made. You should get better real world experence than try to pull it all from documentation so there are no mis-cues. I could easily take you on re the pay-for version, which is VERY reasonably priced, but that's why I chose to use URLs rather than leave some stuff out. The surfer can get to anythinig avaiable about the program from that page if they wish to. It captures a set of data for you which can be saved so no data is lost. The vast majority of time, the message appears DURING the initial startup routiines and does so IMMEDIATELY. It may take a few seconds for the message to get thru prioritiies to get to the screen, but it still has the attempting to run program stopped and held in abayance until the user decides what to do. > > By the way, the Softpedia article you mentioned is listing > features available only in the paid version, not in the > freeware version. "Sniffs out Worms, Trojan horses, > Cookies, Adware, Spyware and more". Nope, not in the free > version. Yesss, and that's what it says right there on the page, right? I didn't say the "free" verson did or ddn't do any specific thing. For whatever reason you are splitting hairs and attempting to put words in my mouth, almost like a troll or miscreant might do; that doesn't help your crediblity very much. You'll also find even the paid version very inexpensive should one like the free version and wish to go paid. There's nothing new in the world about that, and it has nada to do with the price of tea in China. ============ " WinPatrol PLUS is a great investment! One Time fee includes for ALL future WinPatrol versions. No Hidden or Reoccurring Subscription Fees. Single License valid on all your personal desktops and laptops! No Toolbars or other unwanted software WinPatrol PLUS is quicker and faster. Upgrade Now with No Additional Download ============ " Download WinPatrol 18.1 More info at bottom of post > > In the free version, you can: > - List startup items. (*) > o You can disable them (and keep them disabled should a > program try to reinstate them later). > o You can delete them. That doesn't stop them from > reappearing later. - Move some items into a "Delayed Start" > list. o You can specify how long after logging in (and > after WinPatrol loads) for when some startup items get > loaded. > - List and remove IE helpers (BHOs, add-ons, COM plugins, > etc). (*) > - List and remove events defined in Task Scheduler. (*) > - List NT services. (*) > - List currently running processes. > o Lets you kill them although it uses no hard-kill > features available with other software so it offers > nothing more than you can do more than with Task Manager. > - Filter out some cookies. (*) Filter out ANY cookie you can name and accepts wildcards. > o This means you need to know what the cookie will > contain. Cookie contents and even their field structure > can change even at the same site. But not often, and it if does, a new cooking listing is created that's easy to identify if one suspects it came back. Many of the are already pre-listed, in fact. > o Most web browsers already have cookie management that > obviates this feature. > - Monitor the filetype associations. (*) > o You can delete a filetype association. You cannot use > WinPatrol to fix it (by assigning a different handler > for a filetype). > - List hidden files. > - List recently accessed files. > - Alerts you if the hosts file has been modified. > - Resets the home page and search in IE if it gets changed > (even if you're the one that made the change). Good piece of advertising for Winpatrol, but I fail to find any reason for your list. It's just mostly copied from the URL that was given by myself which says that and a lot more too. But your list leaves some things to be desired and should be complete if you're going to post it: > > (*) These have a monitoring function that POLLS for changes > at the specified interval. Most intervals are way too long > so by the time you get an alert you may not remember what > was happening that long ago. I suggest you reduce all > timers down to 1 minute. That's not super quick but it's > the shortest interval they will allow. That's silly. Most aspects of WP operate in real time and the only waits are for cues/buffers to complete. But even if it were that long, the information has still been trapped and logged, making the time it takes to get to read the message pretty much moot. Even moreso when you consider the PLUS features and so on that are provided with the program. > > NONE of the above has to do with *detecting* worms, > trojans, adware, or spyware and cookie management in web Neither the program nor I made any claims that it did. What it does do is watch EXECUTABLES that start and if it's not already logged as OK, it'll throw the error, asking the user whether they iinitiated that or not with the capability to determine what to do about it. > browsers is probably better than guessing at some text that > may appear in some cookies. I sometimes find looking in cookies quite useful in determining whether it's one I want to keep or not. You're crying about a capablity one doesn't have to use if they have no use for it. YOU do not determine what others want or may find useful. WinPatrol lets you know when a > change (that is being monitored) Changes being monitored are clearly visible in the dialogs, and the user can add/delete from those lists as they desire. Mine will now allow Spybot to make changes to it without notifying me, but any other entity, includng another user, gets the error thrown. has occured but that could > be made by yourself, by software you chose to install and > even by very well-known and even well-behaved programs, or > by malware. It is NOT the anti-malware tool the author > likes to proclaim. It is an alert tool so *YOU* can decide > if the change should be retained. That has turned out to be a great feature in some instances here. A lot of malware doesn't fire when it's download but waits for something specific to happen on the machine. And if your AV/malware detectors didn't get them, that's one more layer of protection. But now you've turned to criticizing hype you found on some page instead of assuming that people can't read and make their own decisions. Personally I find the extra layer of realtime protection useful and it has been beneficial. Notice I did not say if > the change was allowed because that means you get to decide > to allow or block the change while it is pending. Exactly. That's a useful feature if you'll just think about it by viewing the forest instead of a few trees. > WinPatrol, like WinDefender, told you about the change long > after it happened. If you choose to disallow the change, > it *might* get changed back. If it is a simple change then > the reversion is likely. That's one of the tests I put Winpatrol thru before I started using it and my results were just the opposite: even if I stopped a system file, it remained stopped and couldn't boot. Please provide an example I can use to prove that? If a process is still running > that establishes and maintains that change then WinPatrol, > like WinDefender, will fail to revert to the prior state. The ONLY time I've seen anything remotely similar to that, WP advised me it couldn't be stopped. Again, please cite an example so I can make this happen without knowing it occurred? > > WinPatrol is a good tool to let you know if some portion of > the state of your host has changed. It tells you about the > change but it is long after the change was made. No, not "long" after, which to your definition is apparently minutes. It cannot > identify the culprit of who made the change. It can, and does. It cannot > tell you if the change should be allowed or not. It does > not detect malware. It's not meant to. It merely tells you the state got > changed and that happens even with your use of the OS or by > the apps that you install or as you use them. > > Think of WinPatrol as one of those chemically-activated > monoxide warning stickers. It tells you the level of > monoxide is too high. By the time the color changes to > warn you, the level has already been high for awhile. It > doesn't tell you the source that is producing the monoxide. > But knowing late without knowing why *might* still be > better than not knowing at all (I said "might" because it > presumes the user can understand the change that was made > upon which WinPatrol alerted). Jeez, talk about apples and oranges! Resorting to analogies usually means the writer is out of words but still wants to make more of an impression. You have failed in any way to change any of my opinions because your credibility was shot in the first few paras. Not sure what you're on about here either, but the best use of Winpatrol for me is being advised whenever some executable starts up that has never run before. Then it allows the user to allow it run always, run once, not this time, or never run. The program name and several other details about it are listed, too, for help in identifying it. If you've just installed something, it's expected for that to happen. If not, then it's likely it's not something the user wanted and is worth stalling untili it can be checked out. It halts it from running in that case, I go to the PLUS features of Winpatrol, and see what that program is and what it does and whether it's known to be malicious or malware or what. If it's not recognized there, then it can be Googled for hints as to what it might be which wll help decide whether it's wanted or not. If it is, next time the message pops up, and you trust it, you react accodingly. Or not. It hasn't failed me yet over several years so I am pretty satisfied with it, really. I'm guessing but it would appear to me that your real aversion to WP is that it's basically a heuristics approach to maintaining the health of a system, which means it's possible for it to catch unknown, unseen yet malware. For the small amount of memory it uses, I'd say it's a pretty darned good piece of code. =========== WinPatrol PLUS allows you to efficiently monitor programs running on your computer without slowing you down or hogging all your memory. WinPatrol takes snapshot of your critical system resources and alerts you in real-time to any changes that may occur without your knowledge. You'll be notified of critical system changes and have access to over 30,000 easy to understand program descriptions. Must have addition to your current AV protection. Single License $29.95 USD Single User / Multiple Machines Limited Time $10 off $19.95 Family Pack $49.95 USD Unlimted Computers / Immediate Family Limited Time Now Only $39.95 More Info Task Catcher Task Catcher is designed to restart programs which fail or may be blocked by malware. If a program crashes Task Catcher will detect the failure and relaunch your program automatically. Task Catcher allows you to efficiently monitor programs running on your computer without slowing you down or hogging all your memory. Task Catcher will block unwanted programs from running and restarts your favorite programs if they are disabled or crash. As always, our goal is to put YOU back in control of your computer. $12.95 USD More Info
From: VanguardLH on 29 Jul 2010 15:33
Twayne wrote: > VanguardLH typed: > >> Bob wrote: >> >>> WinPatrol's Host-based Intrusion Prevention System(HIPS) takes >>> snapshot of your critical system resources and alerts you to any >>> changes that may occur without your knowledge. >>> http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/WinPatrol.shtml >> >> Yes, at POLLED intervals (1 minute minimum) for the *free* version. >> That is why it can NEVER identify what process made the change. You >> are told long after the fact that a change got made. In fact, if >> you leave the default (install-time) timer values for WinPatrol, it >> can be so long after the change was made when you get the alert that >> you won't have a clue what you were doing some 10 minutes ago, or >> longer. > > To the contrary, a very good set of data is grabbed A snapshot is taken and WP checks for delta changes through its monitoring. > at the point where the > program gets isolated and much information is available there. There is no isolation of any program or process by WP. > It even gets > used should you decide to reverse your decision about changes you made. It knows from the delta what was the original value and attempts to re-assert it. It usually works but not always. > It captures a set of data for you which can be saved so no data is lost. The > vast majority of time, the message appears DURING the initial startup > routiines and does so IMMEDIATELY. Nope, not until AFTER WinPatrol loads which it does as a user-level process, not as a service and not as a kernel-mode driver. After WP loads, it will poll at the interval configured. 1-minute is the minimum configurable polling interval. Some of its monitors are set for a *lot* longer than that. >> By the way, the Softpedia article you mentioned is listing >> features available only in the paid version, not in the >> freeware version. "Sniffs out Worms, Trojan horses, >> Cookies, Adware, Spyware and more". Nope, not in the free >> version. > > Yesss, and that's what it says right there on the page, right? Yes, users looking for freeware solutions are always looking instead for the payware version, uh huh. > I didn't say > the "free" verson did or ddn't do any specific thing. Bob did, though, and *he* was the person to whom I replied. Thereafter my discussion focused on the abilities of the FREE version. I even prefaced my reply with "To be accurate, the free version of WinPatrol". Guess you missed that first sentence. <snipped my list of features and which have monitors> > Good piece of advertising for Winpatrol, but I fail to find any reason for > your list. It's just mostly copied from the URL that was given by myself > which says that and a lot more too. Didn't bother with your URL or copying from their web site. I *use* WinPatrol (free version) myself and simply walked through the tabbed GUI for the user configurable options to list some of its features. It was not meant to be exhaustive. I'm not here to overtly spamm the product. >> (*) These have a monitoring function that POLLS for changes >> at the specified interval. Most intervals are way too long >> so by the time you get an alert you may not remember what >> was happening that long ago. I suggest you reduce all >> timers down to 1 minute. That's not super quick but it's >> the shortest interval they will allow. > > That's silly. Most aspects of WP operate in real time and the only > waits are for cues/buffers to complete. In the FREE version, which is what Bob mentioned, and to which I replied regarding its deficiencies or behavior, why don't YOU go look at its user configurable options. Please explain just why there are values to define for the POLLING interval for each monitor. If they aren't obeyed, why are they there? I know from actual use of the free version just how the monitors work and that alerts won't appear until the next polling interval happens. >> NONE of the above has to do with *detecting* worms, trojans, adware, >> or spyware and cookie management in web > > Neither the program nor I made any claims that it did. I was addressing the claim stated in the Softpedia article to which you linked. YOU weren't even participating in this subthread yet! >> Notice I did not say if the change was allowed because that means you >> get to decide to allow or block the change while it is pending. > > Exactly. That's a useful feature if you'll just think about it by > viewing the forest instead of a few trees. (And you thought my analogy was bad. Uffda!) It means the process that made the change cannot be identified. That means you can not block that same process or its parent executable from making that same change again. It means you have no evidence to let you track the culprit to determine if the change was made by some action you committed, by a program that to you is good and wanted, or by malware. Personally if I see my tire is flat, I'd like to know if I ran over a bolt or nail, if a sharp stone wedged in, if something stabbed it with a knife in the sidewall, if they removed the valve or just depressed the plunger, or just what caused the tire to go flat. However, knowing the tire is flat is also useful because it alerts me that I need to take LATE action to repair the situation before I go driving on that tire. (Oh, gee, another analogy. Guess that'll be over your head, too.) > Please provide an example I can use to prove that? cdiskdun.sys, a backdoor trojan, if running will not permit you or WinPatrol from deleting the file or of deleting the enumeration in the registry that defines the NT service for this malware whose server executable is usually found in the %temp% folder. You need to kill the process before you or WinPatrol can delete the file. The service definition in the registry for this malware is left behind by WinPatrol, so you have to edit the registry yourself. Some registry entries cannot be edited using regedit.exe even if you change permissions on them but instead have to reboot to have the kernel do the cleanup in the history subhives. WinPatrol is useful to alert you that the new service showed up. It just might not get rid of it completely. >> WinPatrol is a good tool to let you know if some portion of the state >> of your host has changed. It tells you about the change but it is >> long after the change was made. > > No, not "long" after, which to your definition is apparently minutes. Yes, 1 minute OR LONGER. The install-time defaults are longer than 1 minutes for most of WinPatrol's monitors. Just do an install of the free version of WinPatrol and just go look at the default configuration for its monitors. > It cannot identify the culprit of who made the change. It can, and > does. It (the free version) NEVER tells you what process made the change. It can't because the change was detected *after* it was made. Unlike other HIPS security apps, the change is not pended. You are not alerted at the instant the change is made or even within a few seconds of the change. You won't know until the next polling interval occurs. >> Think of WinPatrol as one of those chemically-activated monoxide >> warning stickers. It tells you the level of monoxide is too high. >> By the time the color changes to warn you, the level has already >> been high for awhile. It doesn't tell you the source that is >> producing the monoxide. But knowing late without knowing why *might* >> still be better than not knowing at all (I said "might" because it >> presumes the user can understand the change that was made upon which >> WinPatrol alerted). > > Jeez, talk about apples and oranges! Resorting to analogies usually > means the writer is out of words but still wants to make more of an > impression. Just because you have no imagination to provide an illustration that explains the situation to someone not versed in the intracies of a process doesn't obviate the usefulness to someone other than you. > You have failed in any way to change any of my opinions because your > credibility was shot in the first few paras. I wasn't trying to change your opinion. I was showing that the free version, the one that Bob mentioned, detects the changes late (plus from talking with its author there are some changes not yet alerted by WP). I *do* use WinPatrol. Have used it for several years. Have even conversed with the author to get additional startup items included that he missed (to explain how they work). I know very well how the free version works. It doesn't do much of what you claim. None of its alerts are immediate. One minute is the minimal configurable polling interval. While you can go off on a tangential subthread about what the paid Plus version has, I responded to Bob who proffered the *free* version as a solution. Bob mentioned the free version. You roamed off to the Plus version. Yes, there are more features in the paid Plus version, like the on-access scanner. However, I saw no indication that Adela, the OP, had interest in finding payware solutions. She was trying to use something that was already available in her OS hence free to her. I didn't say WinPatrol Free wasn't a useful tool. Just don't make the free version sound like it has more features than it really has. I responded to and discussed the limitations of the free version as a reply to Bob mentioning it. It's you that wants to spam, er, promote the payware version. |