Re: Why buy Virus/Adware/Spyware when free stuff is better?
- From: "Patrick Dickey" <pd1ckey43@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sun, 20 Aug 2006 01:16:52 -0500
"Rob R. Ainscough" <robains@xxxxxxxxxxx> wrote in message news:u0D1uvowGHA.3964@xxxxxxxxxxxxxxxxxxxxxxx
> I've purchased BitDefender (full version with adware/spyware protection) and have Microsoft's Windows Defender installed -- firewall is ON (both software/hardware). So I'm surfing via the help system provided in VS 2005 and during my search come to what appears to be a development type of site, next thing I know I've got a flashing systray icon (red sphere with X in it) and a message that says "Warning your computer is in Danger!" (this one does registry hacks to prevent Task Manager from loading, changes my desktop background, and creates startup files, etc. etc.). I ran Active Ports and sure enough I find a program called dlh9jkdq2.exe running and communication to some other drone hijacked PC. Tracert shows the drone PC is still relatively local to my area (SFO1).
> 1. How did this malware make it thru all my protection?
BitDefender and Symantec are antivirus programs, not necessarily antispyware programs. Since Ad-Aware and/or Spybot removed the malware, it was more than likely spyware, not a virus. Without knowing what the detection called it, we can't tell for sure. It's analogous to a heart surgeon doing brain surgery. They're both surgeons and it's still surgery, but they aren't the same thing.
As for Windows Defender, in theory it should have found and removed the malware (since going by what I said above that Ad-Aware and Spybot found it). However, one common thread you will find in this newsgroup and in the forums dedicated to Windows Defender, SpyBot, and Ad-Aware is this: NO antispyware program will ever be 100% perfect. So, it's recommended that you scan with more than one (but only have one running "full-time"). They should all complement each other and back each other up.
One final thing is that if you're running in an Administrative account (which I will admit that I do), it's partially your fault also that you got infected. Why? Because most, if not all, malware can only run in the context (permissions) of the account that is currently logged in. So, if you're running as a limited user, it can't install very easily (although some can, I'm sure). However, if you're running as an Administrator, it can install extremely easily.
> So I run a full scan via BitDefender and then another one via Windows Defender -- Windows defender was completely useless and found nothing wrong. BitDefender finds "suspicious files" but does nothing to fix the problem (I tried Symantec also, same story). So I download Adware (lava soft) and SpyBot Search & Destroy -- both free versions. Run them both and they do indeed remove the malware/virus.
> 2. So payware virus/spyware protection like Symantec, BitDefender don't catch these problems, yet freeware tools do??
You do realize that BitDefender offers a free version also, right? So you should have just downloaded the free version then. (I'm being sarcastic here).
> Makes me wonder if the Anti-Virus/Spyware companies actually hire hackers to produce viruses? And then it begs the question, that M$ might just leave enough holes open so that these companies can continue.
The security issues have been problems for everyone, not just Microsoft. And you can pretty much ask any programmer. They'll tell you that with over 10 million lines of code, you're bound to have holes, bugs, and other issues. I have yet to see a perfectly written program or Operating System. I would also imagine that if you can write 10 million lines of perfectly secure, bug-free code, Microsoft will hire you in about 5 seconds (4 of them being the time that it takes for you to answer the phone).
> Oh, and yes my WinXP was completely up to date.
> This is yet another example of the crap that Microsoft likes to call an OS? Every 5 years we're promised a more secure OS and every 5 years we get the same crap that is usually compromised before it is even released. Microsoft's response "it's up to the user to ensure their system is secure" -- yeah pearls of wisdom from the money machine. Microsoft security is a joke, this forum is just a facade to make people actually think M$ care about security, they don't, they never will, and they doom themselves to mediocre.
> Rob.
I hate to tell you this, but ultimately it IS up to the user to make sure the system is secure. Do you want secure, or do you want ease of installation? In reality, you can't have both. If you want it to be simple to install a program, then it will be simple for malware to install a program. If you want total security, then it's going to be harder for you to install the program. Don't believe me? Check out UAC in Windows Vista. It's definitely more secure than XP (since even the "Administrators" aren't "Administrators"). But you have to go through hoops in order to install the simplest programs.
As for this newsgroup, I haven't seen very many MSFT responses here. The common thread that you'll see here is "We are all volunteers." Very few (if any) of us are employees of Microsoft. The closest I am is that I've been beta testing their software (including Vista) for a few years now. Usually, but not always, the only posts from Microsoft here are the ones about the MBSA. A few may follow up on threads, but it's not a normal thing.
If you think that Microsoft is the only company with 'holes' in their software, then I highly suggest that you check out http://www.secunia.com. You'll be amazed at the different software vendors (including programs for Windows, Linux, and even Macintosh) that have security issues. You'll even be amazed to find out that Hardware has security issues.
--
Patrick Dickey.
smile... someone out there cares deeply for you.
http://www.microsoft.com/protect
http://update.microsoft.com
http://www.pats-computer-solutions.com