PDA

View Full Version : [Fixed] RC1 beta testing



wk357mag
2007-08-19, 04:59
ok, first thing that jumps out at me. Is the HOST FILE.

I did a full uninstall of last beta client, to include deleting all hidden file, clean registry and so forth, prior to installing the newest client (RC1). I made sure the HOST FILE was cleaned out, to include DISABLING SpywareBlaster's too! reboot, installed new stuff.

I noticed that RC1 had some HOST FILE entried that did get installed during install, but it was a previouse version, which had alot of errors/typos in it, which has been corrected by you already. Problem is, once I updated and installed the latest host file, these were still in place.

To clean them out, I had to REMOVE the host file list completely, from with in the GUI. Then ADD it. Once this was done, was it all correct.

I know when you made version 1.4 it would check the host file for dublicates. I guess if there is to TYPOs, that you have to REMOVE the host file and ADD the new one, to get rid of the bad additions.

So I guess the FINAL release should INCLUDE the latest host file in it, that doesnt have the typo/error's in it.

Whats up with "CDILLA" and "SideStep", why are they always checked? I do uncheck them and dont seem to have a problem, but, I guess I have never had these get installed on my rig either.

Install was clean, nice job! So far, so good!! (still testing)

wk357mag
2007-08-19, 05:04
How do we implement the ERASURE shredder? Is this option there yet?

PepiMK
2007-08-19, 16:38
Hmmm... not sure I understand. The installation itself does nothing to the hosts file actually :blink: Did you immunize as part of the first start wizard? That would be the reason for adding stuff to the hosts file then.

Regarding removal of entries: there's indeed an undo option, might have to check that.

Regarding CDilla etc., see FAQ #051 (http://www.safer-networking.org/en/faq/51.html) :D

And no, Eraser support is not integrated yet, that'll be an update to tools.dll. Remember, this is intended to be a release, not a beta version, so it won't include beta features (that will be a beta update then).

wk357mag
2007-08-19, 17:29
Thanks for the info on Cdilla and sidestep!

1) Host file: I made sure that the host file was cleaned out, so it was empty prior to installing the lastest install of RC1. I DID NOT tell it to immunize during the install wizard, but suspect that it did so on its own. There is an option to immunize on program start. I didnt check this but maybe, this feature does it even when its not checked.

2) Shredder: Ok, I thought it was already in the last TOOLS update and thought we would see the option on this RC so it could be included with 1.5 Final. But it sounds like this was just wishful thinking on my part.


I will do a few more check on things, then uninstall and reinstall again, taking some screen shots along the way, just to confirm this host file thing.

wk357mag
2007-08-19, 20:37
ok, there is still a problem with the cleaning of internet history.

clean1: Shows full scan and cleaned as normally would do
clean2: Shows there is still one thing left in internet cache
clean3: Shows HISTORY no cleaned at all! Same as with last beta version
unstall leftover: Show there is still a registry entry present

I presume these registy keys are needed cause of the other files you keep, but thought I would make mention of it so you can confirm this, or note that a change was needed in uninstaller, should these not be needed

wk357mag
2007-08-21, 02:48
I have made multiple attempts and each is the same, no cleaning of the History!

This is WinXP Pro, SP2, fully updated. Surfing with IE6. Crap Cleaner does get everything cleaned.

PepiMK
2007-08-21, 11:22
Hmmm... reminder to myself: other thread (http://forums.spybot.info/showthread.php?t=16134&highlight=BRowserCI).
edit: update bugtracker entry (http://forums.spybot.info/project.php?issueid=36)

Uninstaller: that information is not that important, so I guess it could be removed as well :)

wk357mag
2007-08-21, 15:04
testing with the BrowserCI tool again. There are some changes to how it works.

If I hit the PURGE ALL it will do it and according to BrowserCI's GUI, its all gone, nothing left. Going into windows does actually show the HISTORY untouched and still present. Once again the GUI shows its been cleaned, but its still present. If I restart the BrowserCI, it still says its clean!

PepiMK
2007-08-21, 15:07
Going into Windows? Which History are you speaking about exactly? Windows MRU are not even found in BrowserCI, since that is only for browser stuff.

wk357mag
2007-08-21, 15:11
C:\Documents and Settings\xxUSERNAMExx\Local Settings\History

This is the path to my history, as seen in "clean3.jpg" above

PepiMK
2007-08-21, 16:08
Ah, ok. Test something else: start Internet Explorer, and look into IEs history. Even IE will show you a "clean list", without the deleted entries, so these entries have been removed from IEs perspective.

What you see in the Local Settings\History folder is a complicated thing. Those are not regular files - this folder is actually empty except for a desktop.ini, which names two class IDs responsible for displaying what is seen there (that way, every folder on a hard disk could be used to display stuff that's totally unrelated to the files there). UICLSID is responsible for "Temporary Internet Files" in general, CLSID is responsible for the "History". Both are pointing to ieframe.dll.

Now I would expect that this explorer folder handlers would enumerate history the same way Internet Explorer itself (and BrowserCI, Spybot-S&D, ...) does - but it seems it doesn't, taking the information from another place instead. Since the only file that contains links is the known index.dat, it might be that the explorer folder handler does ignore any delete-entry flags inside index.dat.

So, to sum things up: not only the Spybot GUI or BrowserCI, but also Internet Explorer, the target of the operation, shows it as cleaned. That there still is some history visible through another way probably validates another, new detection entry.

BTW: DeleteUrlCacheEntry (http://msdn2.microsoft.com/en-us/library/aa383983.aspx) is the function to use to remove something from many an IE related list (history and cookies for example are just cache entries there). Note the description "Removes the file associated with the source name from the cache, if the file exists." which sounds like it would actually do get rid of everything.

wk357mag
2007-08-21, 19:28
ok, did a new test here.

Went surfing, close browser, got off line.

Manually checked the cache, history and cookie folders, they are full as normal. Check History from with in IE and its shows my browser history, as normal.

Run spybot, clean all thing offered.

Manually check cache, history and cookie folders. The cache and cookie folders are CLEANED (excluding choosen exceptions) but the history is present.

Check History from with in IE and it DOES SHOW history. It wasnt cleaned thru spybot.

I then run BrowserCI, and PURGE history. The BrowserCI GUI now shows that there is NO history, but manually checking the history folder shows its still present. I then start IE and check History thru it and it is STILL PRESENT from with in the browser.

Now I run Crap Cleaner, who has an option of cleaning "HISTORY", which does clean the physical history folder, it does make it so history cant be seen in browser.

"nCleaner" (another tool) can also clean my History.

So BrowserCI cant clean my history, though its GUI shows its clean and SpyBot cant clean history either

PepiMK
2007-08-21, 20:10
Check History from with in IE and it DOES SHOW history. It wasnt cleaned thru spybot.

Yes, as you can see in the bugtracker, that was still a bug and to be expected ;)


The BrowserCI GUI now shows that there is NO history, but manually checking the history folder shows its still present.

That's still the same as I wrote...


I then start IE and check History thru it and it is STILL PRESENT from with in the browser.

And there we've got a different result. I'll check if the BrowserCI version that's available to download is up to date :)

I guess I should have just kept History out instead of re-adding it :D:

wk357mag
2007-08-21, 22:53
Let me say, I wasnt arguing with you, just doing a test and telling you step by step, so you can understand me.

The BrowserCI version, I got from you, you posted a link in the other thread. So I dont know what the version number is.

PepiMK
2007-08-22, 11:49
I was also just trying to find similarities and differences ;)

Hmmm...

Interesting... I went deeper into it... with mixed results. BrowserCI now has (still need to make the download available) another helper window showing the complete IE cache content. This clearly shows that the cache now gets purged (except for very few content currently opened in another window), and I've debugged the return values as well - the IE API returns that those entries were successfully deleted!
There's also a possible cache entry value (0x000010000) that's not even documented in Microsofts Platform SDK, but it doesn't seem to be related with this (but indicates that some changes, probably for IE7, might not be documented).

Sure, we could kill the history index.dat file the hard way probably (if IE is closed etc. - other files are usually attempted to be deleted), but that would make all the exclude options void. Or a custom index.dat file format parser, but that may take time...
Also, while removing index.dat on powering up or down is no problem, doing it during runtime is not "clean" and needs shutdown of ALL associated applications - that means not only Internet Explorer, but also Windows Explorer, any Help file, etc.. There are methods to delete it otherwise, but that would usually be what makes it impossible to get a Certified for Vista thing, to say it carefully. Well, we've given up on that silly certification anyway... ;)

wk357mag
2007-08-22, 15:23
you may not know what the answer to this question is, but how does CrapCleaner do its cleaning. Seems to me to be perfect in this area. I wonder how they clean this with out the problems.

http://www.scanwith.com/download/CCleaner.htm

If your going to look at it, I would recommend the OLDER version, as the newer is still beta, VERY beta. BEst to try "1.41.544-Slim"

Rosenfeld
2007-09-01, 00:56
IE7's internet options, general tab, delete, history also clears the History folder completely, as seen in Windows Explorer.