Re: adwware

From: Marco Ellmann (news.20.kobalt_at_spamgourmet.com)
Date: 01/18/05

• Next message: Bigbruva: "Re: adwware"
• Previous message: Colin Nash [MVP]: "Re: Change all XP Pro client workstation admin password"
• In reply to: Bigbruva: "Re: adwware"
• Next in thread: Bigbruva: "Re: adwware"
• Reply: Bigbruva: "Re: adwware"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 18 Jan 2005 03:16:34 +0100

Bigbruva schrieb:
> I'm sorry Marco, but in my opinion you are over reacting!

OK, thats your opinion. But I am only quoting well known security
standards and Jesper M. Johansson, a Security Program Manager of the
Microsoft Corporation.

Look again:
http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

He says:
"The only way to clean a compromised system is to flatten and rebuild."
And he is one of the official "masters of windows security".

> This system reporting Adware NOT root kits or Trojans. This adware has known
> behaviors and this on a users home computer. Your course of action is okay
> if you are protecting business data worth thousands but for a home users
> machine you are suggesting a huge amount of work!

The problem with this vermin is, that you can not trust a system in any
way that was compromised. There might be other backdors you are not able
to find because some malicious code is still active. It is known that
modern Adware often comes with spyware, trojans, etc. They use
progressive methods to hide themselves like Kernel drivers that are able
to manipulate other programs in memory.
And if you look in the original message: There are more then one adware
programs active. And they were able to infect the computer also Norton
Internet Security was activ! That sounds not too good in my opinion!

Perhaps there is another, faster solution:
He can try to use System Restore
(http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx)
to recover the system to a restore point before the infection took
place. This doesn't guarantee an absolutely clean system but it often
works well.

Good look!

Marco Ellmann

---

• Next message: Bigbruva: "Re: adwware"
• Previous message: Colin Nash [MVP]: "Re: Change all XP Pro client workstation admin password"
• In reply to: Bigbruva: "Re: adwware"
• Next in thread: Bigbruva: "Re: adwware"
• Reply: Bigbruva: "Re: adwware"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Electronic Intercepts from Al Qaeda (Warning: LONG) ... that's an opinion and I respect that. ... >> countries of Arab origin or countries with some special political ... agencies are officially involved in upgrading the security in major airports ... >> firearm with them aboard the plane. ... (sci.crypt) RE: Your Opinion ... Subject: Your Opinion ... more security apps they can sell. ... in that it is a theoretical conflict of interest. ... Symantec CEO John Thompson. ... (Bugtraq) Re: HELP - Send/Receive E-mail Problem after Norton (NIS 2005) LiveUpdate ... My Opinion, Symantec messes with your system, uses to much resources (memory ... >>> Two weeks ago I installed Norton Internet Security 2005. ... (microsoft.public.windowsxp.help_and_support) Re: IIS6 Security and other web servers ... > Dear friends, ... > I just want to throw a little question to know your opinion. ... > Security point of view. ... > latest vulnerability advisories, for Apache and IIS6. ... (Security-Basics) Re: OT This Aint Good ... > The chief function of government is to provide security (common ... In the absence of a government that is capable of providing ... But an opinion does not make it a fact. ... but the SCOTUS disagrees with those who want to ... (rec.outdoors.rv-travel)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.security  > 2005-01