Re: Brand new Dell - already infected?

From: bryan (bryan_at_discussions.microsoft.com)
Date: 08/21/05


Date: Sat, 20 Aug 2005 22:04:02 -0700

RE: OK... I think we see the trend here; usually new versions from vendors
to fix issues with DEP. So what I'd do is:
- build a list of what software's running on the box
(especially underfootware)
- test suppressing these in MSConfig
- if offender's identified, check that vendor's FAQs etc. on DEP
- stay off the 'net while firewall and av are disabled

I just need some clarification on your suggestion. DEP was shutting down
notepad, wordpad, word and Access. When I disabled DEP for IE, all programs
worked fine. Before disabling DEP, I created a notepad file with 2 lines: abc
and 123. I saved it and re-opened it. DEP then shut it down. If DEP is
supposed to detect code of malware, what could it have detected between abc
and 123? If you really feel that I could be infected despite the fact that
everything is working fine, I am happy to conduct more tests. Please be kind
enough to be as non-technical as possible. And thank you very much for your
support. Bryan

"Leythos" wrote:

> In article <416fg1p5h8olub1i7pahbtvoeokiq6un9p@4ax.com>,
> cquirkenews@nospam.mvps.org says...
> > IOW, if those 1000 PCs are all in one corporate network with
> > tightly-controlled settings, aopps, the same av rolled out throughout
> > the organisation, same hardware vendors, etc. then there may be plenty
> > of configurations you haven't had experience with.
>
> My experience and depth is based on hundreds of different
> sites/installations over the last X years. I includes about 90 different
> platform setups (hardware/software/apps/security/av....) at this time
> and grows every week.
>
> Not to mention all of the friends/family I support what are not in
> controlled environments by their own choice.
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me
>