Re: Recurring Spyware

---

• From: "cquirke (MVP Windows shell/user)" <cquirkenews@xxxxxxxxxxxxxxx>
• Date: Mon, 08 May 2006 03:54:17 +0200

---

On Sun, 7 May 2006 13:35:21 -0500, "Shenan Stanley"

Karl in Scottsdale wrote:

Furthermore, you are suggesting that the Tech Support folks at MS,
having spent much time helping me clean my system in detail using
probably most of the steps outlined in Stanley Shenan's reply to my
post, are incompetent - and they left some Spy Ware somewhere on my
system that magically 'woke-up' 3-days later to attempt to
re-infect my system?

Not incompitent; just not compitent enough, in this case. After all,
without a maintenance OS that can boot without running ?infected code
off the HD, there's a limit to how good things can expected to be.

Did they have you install at least five (5) of the antispyware applications
from the list I posted?

I'd love to see that list :-)

I assure you, Panda, after the second Spy Ware event, there is no
way in h*** that I knowingly or unknowingly installed Spy Ware on
my computer. My Zone Alarm is now set to the highest protection
possible, Ad-Aware and Ad-Watch are running full time, SpyBot S&D
resident is NOW (since yesterday) running full time, and I have the
most up to date version and definitions for Norton Anti Virus, as
well as a fully current version of IE.

Sounds good. Any old versions of Sun Java JRE, Winamp, Acrobat Reader
or Firefox lying around? Most of these will overwrite vulnerable old
versions, but not Sun; they keep the old JREs in place for "backward
compatibility" (i.e. so malware can still exploit them)

...while typing and possibly not looking directly at the screen) happen
to press ENTER

If typing human language, every 5th character will be Space - and
guess what Space does, when a pop-up dialog snatches the focus?

whatever it is has an open-door on your computer.

That can be so anyway, e.g. if F&PS is possible and you have hidden
admin shares leaving the entire HD open to drop-ins.

Spybot Search and Destroy 1.4's immunization is passive

So is Spyware Blaster, which I'd recommend. Passive is good, in many
ways; no overhead, doesn't crash into other resident defenses, etc.

I should NOT have to rely on the software that is trying or
succeeding at installing itself to STOP the Install - WINDOWS
should have its OWN app that will LOCK the registry and LOCK
whatever loopholes these folks use

The problem is there by design - NT/2000/XP is designed to be a
network client, so it waves all sorts of opportunities around. After
all, the Internet's just a big network, right?

Well, that's like saying a tree is a chair because it's made out of
wood. A network has a bounded and trusted set of entities on it,
whereas the Intenet is unbounded and wild, so "network client" rapidly
devolves to "Internet chew-toy".

Plus, NT is something of a reversal of the whole "PC" thing...

First, we begged mainframe jocks to compute for us
Then the PC arrived and we could do our own thing
Then faster PCs tempted MS to tackle minis and *NIX
So PCs became the "client" end of client-server...
and Big Brother admin was leveaged over user control.
So now we beg the sysadmin to allow us to use our PCs

Having deeply-pervasive automated control over things that have no
end-user UI makes it really easy for anything that gets a toe in the
door to escalate to full control and run away with the PC.

Yes - in a perfect world ...

....a stand-alone OS would put the keyboard into full control, not
allow any "remote admin" whatsoever, and would display (and be bound
by) risk information about everything you see and can do. Starting
with data vs. code file types; no more meaningless "open", you'd trust
data to be capable of doing nothing and you would avoid running code.

-------------------- ----- ---- --- -- - - - -

Tip Of The Day:
To disable the 'Tip of the Day' feature...

-------------------- ----- ---- --- -- - - - -

.

---

• Follow-Ups:
  • Re: Recurring Spyware
    • From: Karl in Scottsdale

• References:
  • Re: Recurring Spyware
    • From: Shenan Stanley

• Prev by Date: Re: gpedit.msc and the Guest Account
• Next by Date: Re: make domain GP not apply to local computer?
• Previous by thread: Re: Recurring Spyware
• Next by thread: Re: Recurring Spyware
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Recurring Spyware ... I can't say that I fully comprehend everything you said, ... network client, so it waves all sorts of opportunities around. ... So PCs became the "client" end of client-server... ... Having deeply-pervasive automated control over things that have no ... (microsoft.public.windowsxp.security_admin) Re: Recurring Spyware ... A PC is only as good as it's maintenance. ... succeeding at installing itself to STOP the Install - WINDOWS ... network client, so it waves all sorts of opportunities around. ... Having deeply-pervasive automated control over things that have no ... (microsoft.public.windowsxp.security_admin) Re: more on id cards.....after listening to a moron named hutton going on about clean coal! ... brown has now shown himself as a serious public liar.... ... it was bad enuf that he is incompetent and a control freak...... ... (uk.politics.misc) Re: Truth hurts ... A man can be competant at his work yet not so competant at emotional ... house - one of the project managers working there couldn't even program ... > control the incompetent men.....and the competent men control the ... (soc.men) Make the USA a Colony Again - It needs it ... The video above shows again how Americans are incompetent. ... We (Britons) need to take control again. ... Americans have shown they are useless and unable to control the USA: ... (alt.politics)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)