Re: Alerting - Malicious software removal tool

Why do you keep referring to "completely clean their machine"?

There is no ONE program that will do such. If there is - PLEASE - point all of us to it. We would much appreciate it.

Why would you expect the Microsoft Malicious Removal Tool to be able to do what other anti malware programs can not do?

Be reasonable and allow that it is/should be a part of a layered anti malware approach and that what it does it does good!



--

Richard Urban
Microsoft MVP
Windows Desktop Experience


"Leythos" <spam999free@xxxxxxxxxx> wrote in message news:MPG.239a081ebce8bf47989727@xxxxxxxxxxxxxxxxxxxxxxx
In article <fva0j4h7ln2crtfa9kempmasq533i5ifu9@xxxxxxx>,
geoff@xxxxxxxxxxxxxxx says...
On Fri, 28 Nov 2008 09:12:53 -0500, Leythos <spam999free@xxxxxxxxxx> wrote:

>I provided three accounts for them to use "Administrator" with password,
>"Mom" and "Son", M/S were limited user accounts. Set IE to high-security
>Mode, bought them a NAT Router (no inbound Port forwarding), installed
>all updates and patches. Installed AVG Free (and updates), and several
>manual scanners. Automatic Updates enabled. I explained that they should
>not use the Administrator account except in rare cases where "MOM"
>needed to install an application that she could not install from
>her/son's accounts, that they were NOT to run anything as the
>"Administrator" account.
>
>I got the computer back in two weeks, hosed again. The "Mom" had let the
>kid use the administrator account because he could not get his "Games"
>to run under his account, etc.... Needless to say, it was compromised
>again in less than two weeks because the OS, using MS Suggested High-
>Security settings would not provide the user with what they needed to
>run the programs that they wanted to use while protecting them from
>malware.
>
>I installed Ubuntu, OO, and setup email and FireFox for them, machine
>has been used for almost a year now and it's doing all that they NEED,
>unable to play some of the games (online) that the kid wanted (since
>they need active-x), but the computer is STILL running smooth and no
>problems reported (and I check about once a month).

A very typical scenario. But the real security breach was the humans. The
mother let the kid use the administrator account and he was the source of
the original infection. You failed to analyze the root cause and correct it
on the first iteration.

No, I clearly understood the root cause - users that don't want to be
locked down or "will not be" locked down. Users that want the freedom to
use their computers to have fun.

The money they spent on your fixes would have been better spent on a new
computer for her and letting the kid use the old one with a reinstalled OS.
So you installed an OS that neither of them understand and I'll bet you
didn't give them the root access password so neither of them can get very
far. You would have done just as well reinstalling XP and denying them the
administrator password.

It's not my computer, so the mother has the ROOT password, she has to
have it in order to apply updates - Ubuntu needs root access to do
updates. Your solution is not viable, not giving the password, in the
real world.

I didn't charge them, don't charge home users to fix their system.

So, again, YOU missed the real root cause:

1) Root cause of compromised computers - OS with exploits and holes that
can't be closed while allow the masses to easily use their computers
without LOTS of extra effort that most are not willing to put out.

2) Humans that are not willing to use their computers in the MS
recommended HIGH-Security settings mode, since most vendors apps for
residential users won't install or run while HS mode is in use.

I was actually hoping that MS would abandon the legacy idea when they
came out with Vista - all of the crap they put into it to look pretty,
to require Core 2 processors with 2GB ram, and 512MB video cards just to
have a machine that performs as well as the 2.5Ghz P4, 512MB RAM, and a
128MB video card, but they failed again on changing the OS to be secure.

We've all seen Vista machines compromised by the same crap that hits our
XP machines, and yea, it's great that MS is trying to clean up the mess
that gets ISP's residential networks black-listed for spamming/zombies,
but they didn't address the core problem - THE OS ITSELF.

I would be willing to pay $400 for a new 3 CAL license of XYZ OS from MS
if they could keep the pretty stuff, find a way to run Office 2003
(since 2007 is so dang bad) and to play the 1 or 2 games that I like -
having it spawn them in a VM so that it's destroyed after the session
ends, but only if they could ELIMINATE the threats for most users.

Before you reply, consider your idea of the root cause against what MAC
and Linux people have, and look at how some of them run as ROOT and
don't experience the issues that masses of Win people experience.

So, would the MSRT have prevented any of this - nope, would it have
completely cleaned their machines - nope. So, we're back to the idea
that the MSRT is not effective.


--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)

.

Relevant Pages

  • Re: user privledges
    ... > redhat 7.2 i created a user account for myself to use on a daily basis. ... > fare i have just been su - and entering the root pass. ... it started but would not install because i did ... sofware to /opt/musicmatch as a normal user. ...
    (comp.security.unix)
  • Re: hi all..
    ... And with sudo, I certainly wouldn't because they already have root. ... If you somehow had access to my account right now, ... install an effective key logger without root. ...
    (Fedora)
  • Re: Easy way/script to add another user like me?
    ... of cracking the root password because they already know the ... Hence the valid need for sudo to limit what other users can ... would have to have been a special sudoer account password. ... install I can 'sudo /bin/bash' and effectively be fully root, ...
    (Ubuntu)
  • user privledges
    ... redhat 7.2 i created a user account for myself to use on a daily basis. ... fare i have just been su - and entering the root pass. ... i just downloaded the music match install script for linux. ... with the normal user account. ...
    (comp.security.unix)
  • Re: Networking XP home & PRO computers w/Linksys Router
    ... using Static IP's on the computers? ... > The Linksys router uses NAT to route solicited network traffic to the computer. ... use of the Guest account ... Don't install software based upon advice from unknown ...
    (microsoft.public.windowsxp.network_web)