OT: anti-malware progs ineffective

[Ken Smith]

In article <1107042460.352438.158490@c13g2000cwb.googlegroups.com>,
JeffM <jeffm_@email.com> wrote:
[...]

Reminds me of an Excel purchase order form I used to have to use.
Each one took 250kB of my HDD.

I think Excel also has the security problem I pointed out for Word. A lot
of that extra space is just a snapshot of the RAM in the PC when the
document was created. They allocate big chuncks of memory, don't clear it
and save it as part of the document. Any time you send a MS file out of
your PC you are also sending a chunk of who know what.


--
--
kensmith@rahul.net forging knowledge

 

[JeffM]

I have a hypothesis that the SW writers at MS deliberately screw up
Word
so that other vendors, Adobe and [WordPerfect] for example,
can't open Word documents.
Al Brennan (Kitchen Man)

Ken Smith's post reminded me of the part I like the most:
When using a new version of M$Word to try to open up a .doc
when that .doc was created with an old version of Word,
it often botches it.

OpenOffice.org, OTOH,
has a reputation for being able to accomplish this without acting
retarted.

 

[Fred Abse]

On Sun, 30 Jan 2005 11:53:40 -0700, learner wrote:

So? Read it again. I didn't say a shell 'couldn't be secure'

True, but taken as a whole, it still looks a bit like an oxymoron.

--
Then there's duct tape ...
(Garrison Keillor)

 

[Robert Monsen]

Kitchen Man wrote:

On Fri, 28 Jan 2005 10:39:41 +0000, Terry Pinnell
terrypinDELETE@THESEdial.pipex.com> wrote:


I was surprised to learn today that all anti-adware and anti-spyware
programs perform so badly. Here's an extract of the ranking, from
'Anti-adware misses most malware' By Brian Livingston, in
http://windowssecrets.com/050127/


Interesting discussion so far. I just went to the Zone Alarm web site
to check out their products. One option is to "scan your computer for
[malware] before downloading...." I pursued that option and got the
message:

"You're using Netscape(Mozilla)! Sorry. This is an ActiveX control, it
will only run in MS Internet Explorer!"

I likes Firefox, yes I do.

--
Al Brennan

Many of the spyware removal aids that are advertised actually install
adware/spyware. One of the guys who was doing this was recently
convicted of a crime for this, and was sentanced to jail in the US.
However, most of it is offshore.

Don't trust anything you don't pay for, and most of what you do pay for.
Use reviews on cnet or pc magazine to determine what to use to kill
these things off.

I hate these guys with a passion. At best, they are trying to use my
computer for free without my permission. At worst, they are setting up
an identity theft. Either way, their crap makes my computer harder to
use, and requires me to buy programs (antivirus, spyware removal aids)
that I wouldn't buy otherwise. They rank up there with spammers as the
chief assholes of the information age.

The thing that gnaws at me is that their tricks are usually as old as
the morris worm, and yet microsoft has yet to protect against them. They
seem stunned by every trivial stack overflow exploit that comes around,
sending out patches which usually screw up other things, and which often
don't even fix the problem.

Even linux, with it's macrokernel and loaded dlls that run in the
kernel, is prone to these attacks, although it's relative obscurity up
till now has protected it. Microkernels, like mach or minix, are the way
to go, but nobody seems capable of making a usable system out of these.

--
Regards,
Robert Monsen

"Your Highness, I have no need of this hypothesis."
- Pierre Laplace (1749-1827), to Napoleon,
on why his works on celestial mechanics make no mention of God.

 

[john jardine]

<Rubicon> wrote in message news:41fdb5a4.2546132@news.netaccess.co.nz...

John,

I've only just gotten rid of it myself.

Spybot was useless but didn't crash on my machine. Ad-Aware SE
Personal combined with the trial version of Spy Sweeper along with the
new AVG Free and all with the latest definitions finally managed to do
it.

The Spyware/Adware/Malware/Spam E-Mail just seems to be getting worse.
I'm becomming more and more reluctant to go online because of the
immense frustration at trying to get rid of them afterwards.

Good luck.

Andrew.

Pleased to know it's actually possible to get rid of the f***ing thing.
I've just downloaded those 3 software items and will give 'em a try. What
I'm ill at ease with, is paying for anti-virus software. The cynical part of
me is suspecting I'd then be actively propping up the whole nightmare.

Past day or so I've been using Firefox as the browser which has been no
problem. But the major scumware component is still present somewhere in
windows and I'm seeing the Internet-Explorer browser opening up over the top
of Firefox (or this outlook express) every 6 minutes or so and advertising
crap. Even has the cheek to rattle my a: floppy disc drive and then put up
an antivrus advert.

Even have my own f***ing bank advertising with coolWWW, so am having to
pursue with vigour and extreme predjudice, the bank's marketing people. Each
hour megabytes of scumware programmes are self installing all over the hard
disc, along with scum porn and ringtone icons littered everywhere. They'll
continously alter the 'host.TXT' file, the start up prog list, the active
running progs,the home page, the IE addons and numerous registry entries.
In addition to this, the scumware also enjoys auto-altering certain
"permissions" on IE (an oxymoron if ever I saw one) so I can't close it down
or get at the 'options tab etc. Have now to run another prog called
'permissions' to reset a number of IE check boxes before I can even start
removing the rubbish that's come in.
Even tried to remove IE itself http://www.litepc.com/ieradicator.html but
this prog is worthless.
I tried reinstalling windows, but no joy as it assumes existing files are
OK. There's only a couple of self supporting virus/trojan files at work but
windows is littered across 1000's of files so manually finding 'em is damned
near impossible. Can't even just delete all the windows files as any normal
software install will bung masses of unknown .exes, .dlls, junk, etc, in
among the windows stuff. Jesus H Christ, windows is a f***ing mess.
'Spybot', 'miniremoval', 'CWshredder', 'Hijackthis', 'Win patrolExplorer'
(and about 4 others!), have proved useless and I just hope that your
suggestions will work for me.
If not, then I'm looking to manually dismantle as much of Internet Explorer
as I can without unduly crippling windows (or Firefox).

10/10 for whoever wrote this POS. I just wish the major software companies
would make their products as reliable.

regards
john

 

[Rich Grise]

On Sun, 30 Jan 2005 16:28:01 +0000, Ken Smith wrote:

I have to use my Win-98 CD, not hers. Hers is an upgrade version.

Once the system is brough back to a base install of Win-ME, I'd like to be
able to update it before hooking onto the net. Microsoft has now made
that imposible for me to do. I can't download the updates onto my Linux
box.

It shouldn't be that hard. Just download the upgrades, then serve them up
from the Linux box to the Doze box, with the Linux box being the server,
and configure it to emulate M$'s site.

This should not be difficult, since Micro$~1 uses Linux on its servers. ;-)

Cheers!
Rich

 

[Jim Thompson]

On Sun, 30 Jan 2005 17:32:43 -0000, "john jardine"
<john@jjdesigns.fsnet.co.uk> wrote:

Rubicon> wrote in message news:41fdb5a4.2546132@news.netaccess.co.nz...

John,

I've only just gotten rid of it myself.

Spybot was useless but didn't crash on my machine. Ad-Aware SE
Personal combined with the trial version of Spy Sweeper along with the
new AVG Free and all with the latest definitions finally managed to do
it.

The Spyware/Adware/Malware/Spam E-Mail just seems to be getting worse.
I'm becomming more and more reluctant to go online because of the
immense frustration at trying to get rid of them afterwards.

Good luck.

Andrew.


Pleased to know it's actually possible to get rid of the f***ing thing.
I've just downloaded those 3 software items and will give 'em a try. What
I'm ill at ease with, is paying for anti-virus software. The cynical part of
me is suspecting I'd then be actively propping up the whole nightmare.

Past day or so I've been using Firefox as the browser which has been no
problem. But the major scumware component is still present somewhere in
windows and I'm seeing the Internet-Explorer browser opening up over the top
of Firefox (or this outlook express) every 6 minutes or so and advertising
crap. Even has the cheek to rattle my a: floppy disc drive and then put up
an antivrus advert.

Even have my own f***ing bank advertising with coolWWW, so am having to
pursue with vigour and extreme predjudice, the bank's marketing people. Each
hour megabytes of scumware programmes are self installing all over the hard
disc, along with scum porn and ringtone icons littered everywhere. They'll
continously alter the 'host.TXT' file, the start up prog list, the active
running progs,the home page, the IE addons and numerous registry entries.
In addition to this, the scumware also enjoys auto-altering certain
"permissions" on IE (an oxymoron if ever I saw one) so I can't close it down
or get at the 'options tab etc. Have now to run another prog called
'permissions' to reset a number of IE check boxes before I can even start
removing the rubbish that's come in.
Even tried to remove IE itself http://www.litepc.com/ieradicator.html but
this prog is worthless.
I tried reinstalling windows, but no joy as it assumes existing files are
OK. There's only a couple of self supporting virus/trojan files at work but
windows is littered across 1000's of files so manually finding 'em is damned
near impossible. Can't even just delete all the windows files as any normal
software install will bung masses of unknown .exes, .dlls, junk, etc, in
among the windows stuff. Jesus H Christ, windows is a f***ing mess.
'Spybot', 'miniremoval', 'CWshredder', 'Hijackthis', 'Win patrolExplorer'
(and about 4 others!), have proved useless and I just hope that your
suggestions will work for me.
If not, then I'm looking to manually dismantle as much of Internet Explorer
as I can without unduly crippling windows (or Firefox).

10/10 for whoever wrote this POS. I just wish the major software companies
would make their products as reliable.

regards
john

Knocking on wood... I'm very impressed with Mozilla Firefox. NO
adware since I switched from IE. And I don't need StopZilla or Cookie
Pal anymore.

...Jim Thompson
--
| James E.Thompson, P.E. | mens |
| Analog Innovations, Inc. | et |
| Analog/Mixed-Signal ASIC's and Discrete Systems | manus |
| Phoenix, Arizona Voice480)460-2350 | |
| E-mail Address at Website Fax480)460-2142 | Brass Rat |
| http://www.analog-innovations.com | 1962 |

I love to cook with wine. Sometimes I even put it in the food.

 

In <pan.2005.01.30.20.37.52.815264@example.net>, on 01/30/05
at 08:32 PM, Rich Grise <richgrise@example.net> said:

Heck. I just installed Linux.

The only thing I can't do _yet_ is Mechanical Desktop. For that, I have
two options - block connections to this box on the subnet by way of the
firewall, or just unplug the damn ethernet. Problem solved!

I'm idly shopping around for a Linux distro that's as easy for Aunt
Tillie to use as Windoze. So far, Redmond^H^H^H^Hhat seems to be the
closest.

Then, we could just start selling computers with Linux pre-installed, and
be done with it!

There are many places that sell linux preconfigured, even wallyworld
offers a number of them, for a pretty decent low price.

I find that IBMs OS/2 is still a very useful option that can do nearly
everything a windows box can do. I have to use Win2K for my CAD/Layout
work, and so that is why I recommend Mozilla and 'anything but outhouse'
to people who are unwilling, or unable to ditch windows as a simple
alternative to elminate nearly all virus/spyware.

No need to start a for/against linux thread, as I have been rooting
for it for years, but am disillusioned by the apparent desire of the
community to splinter, rather that come together and use their powers for
good, instead of silly. We don't need any more editors, partition tools,
file managers, and mp3 players. We need what you suggested. A solid,
consistent desktop, because if we could have something that would keep
people from having to get "under the hood" then my sister and my mom could
use it and get rid of windows.

IBM is deploying linux throughout, and was once purported to be creating a
desktop to do just that, so maybe one day there would be hope for
something useful.

It would be nice. Till then, I can do most everything with OS/2 and am
happy with not viruses, no spyware, and, IMO, the finest operating system
ever, for a PC. Total sales does not define the best <g>

John

 

[JeffM]

Even linux, with it's macrokernel and loaded dlls
Robert Monsen

*n?x does not have DLLs.

There is, however, a similar concept called a daemon.

that run in the kernel, is prone to these attacks,
although it's relative obscurity up till now has protected it

Oh, god.

Not the old "Popularity breeds vulnerability* garbage again.

One more time
for those who have missed the debunking of this old wives' tale:

The Apache Web Server currently runs 68% of all web servers;
Microsoft Internet Information Server is currently at 21%.
Apache has outstriped M$ in market penetration since 1995.
http://news.netcraft.com/archives/web_server_survey.html
The number of exploits against IIS dwarfs those against Apache.
Security is found in good design--not in obscurity.

 

[Ken Smith]

In article <pan.2005.01.30.20.14.25.247099@example.net>,
Rich Grise <richgrise@example.net> wrote:

On Sun, 30 Jan 2005 16:28:01 +0000, Ken Smith wrote:

I have to use my Win-98 CD, not hers. Hers is an upgrade version.

Once the system is brough back to a base install of Win-ME, I'd like to be
able to update it before hooking onto the net. Microsoft has now made
that imposible for me to do. I can't download the updates onto my Linux
box.

It shouldn't be that hard. Just download the upgrades, then serve them up
from the Linux box to the Doze box, with the Linux box being the server,
and configure it to emulate M$'s site.

Give it a try. Microsoft's web site refuses to let you download them.

--
--
kensmith@rahul.net forging knowledge

 

[Ken Smith]

In article <5sadnWsGW48E7mDcRVn-2Q@buckeye-express.com>,
Mark Jones <abuse@127.0.0.1> wrote:
[...]

I use OpenOffice, http://www.openoffice.org/ , it saves all documents in a
zip-compressed XML format.

It also writes fair HTML and *.doc files. It can also nearly read DXF
format files. Sometimes it works sometimes it doesn't but it is nice to
be able to directly import my drafting exports.

--
--
kensmith@rahul.net forging knowledge

 

[JeffM]

I use OpenOffice, http://www.openoffice.org/,
it saves all documents in a zip-compressed XML format.
Mark Jones

It also writes fair HTML
Ken Smith

Not well enough for me to use it for HTML. (Mozilla Composer)

and *.doc files.

If there are no graphics (only formatted text),

I like .RTF (smaller than .DOC; no version issues).
RTFs can even be read with Wordpad (which opens much faster),
and unlike Wordpad, OOo saves the margin formatting in RTFs.

 

[keith]

On Sun, 30 Jan 2005 16:28:01 +0000, Ken Smith wrote:

In article <pan.2005.01.29.18.43.20.815905@att.bizzzz>,
keith <krw@att.bizzzz> wrote:
(1)
I make a documentment called Physics.html

(2)
I save Physics.html to the CD.

(3)
Months pass and lots of things happen

I edit Physics.html to add the proof of the existance of God.
You write a new CD because you have created new data.


(4)
My computer gets infected

I find more proof and in my research I've found the secret of cold
fusion.
You write a new CD because you have created new data.
(5)
I clean off my system and re-install from safe media

(6)
I copy Physics.htlm from the CD

At this point my computer is not infected and I have Physics.html back.

...and lost the proof of God *and* the secrets of cold fusion. If you
saved the proof of God to CD *after* editing Physics.html, at least you
have that. If you saved after you added the secrets of cold fusion, that
copy is infected and your system is now reinfected.

HTML files can't carry viruses so I'm safe.

Ah, I thought you did something more valuable than write HTML. I thought
that was simply an example.

You say you installed Win98. On a clean partition? Is the MBR intact?

To re-install Win-ME you have to wipe out stuff so that Win-ME doesn't
think that this is merely a repair. If Win-ME thinks it is a repair it
carefully keeps all of the viruses safe.

Well, since I'm not foolish enough to use either WinME, or Win98, I
wouldn't have guessed they were quite *that* retarded. I do have to come
up with a Win95 or Win98 system diskette to update the BIOS on my
motherboard, which may be a small problem...

If you wipe stuff, Win-ME upgrade disks refuse to install. They won't
even accept a Win-98 CD as proof of this being a real upgrade and not a
pirate.

Dump it and get a real OS. Win2K, if you must.

I have to install the Win-98 to get the machine into a state that the
Win-ME will then over write. To make the Win-98 install, you can't have
the Win-ME installed.

I have to use my Win-98 CD, not hers. Hers is an upgrade version.

Once the system is brough back to a base install of Win-ME, I'd like to
be able to update it before hooking onto the net. Microsoft has now
made that imposible for me to do. I can't download the updates onto my
Linux box.

So dump Win9x! It'll make your life so much more pleasant.

--
Keith

 

[Ken Smith]

In article <41fd6b7c$1$woehfu$mr2ice@news.aros.net>, <learner@juno.com> wrote:
[....]

http://www.dslreports.com/forum/remark,5255271~root=winme~mode=flat

Thanks, I've go some reading to do.


--
--
kensmith@rahul.net forging knowledge

 

[Ken Smith]

In article <ctkad6$1hm$3@blue.rahul.net>,
Ken Smith <kensmith@green.rahul.net> wrote:

In article <41fd6b7c$1$woehfu$mr2ice@news.aros.net>, <learner@juno.com> wrote:
[....]
http://www.dslreports.com/forum/remark,5255271~root=winme~mode=flat

Thanks, I've go some reading to do.

The text this gets you to is for downloading on a Windows machine. It
seems to require activeX be enabled.

--
--
kensmith@rahul.net forging knowledge

 

[Ken Smith]

In article <1107139223.903955.204430@c13g2000cwb.googlegroups.com>,
JeffM <jeffm_@email.com> wrote:

I use OpenOffice, http://www.openoffice.org/,
it saves all documents in a zip-compressed XML format.
Mark Jones

It also writes fair HTML
Ken Smith

Not well enough for me to use it for HTML. (Mozilla Composer)

I write HTML from OpenOffice but I would net suggest it for someone
developing web pages. I am mostly using it as part of converting *.TXT
files to something else that others will know what to do with.

If there are no graphics (only formatted text),
I like .RTF (smaller than .DOC; no version issues).
RTFs can even be read with Wordpad (which opens much faster),
and unlike Wordpad, OOo saves the margin formatting in RTFs.

I like the RTF idea but it conflicts with the spirit of my suggestion. I
suggested *.TXT partly so that the results will be ugly to look at.

RTF can produce fairly good looking documents without the security issues
that come with MS-Word.


--
--
kensmith@rahul.net forging knowledge

 

[Rich Grise]

On Mon, 31 Jan 2005 00:23:56 +0000, Ken Smith wrote:

In article <pan.2005.01.30.20.14.25.247099@example.net>,
Rich Grise <richgrise@example.net> wrote:
On Sun, 30 Jan 2005 16:28:01 +0000, Ken Smith wrote:

I have to use my Win-98 CD, not hers. Hers is an upgrade version.

Once the system is brough back to a base install of Win-ME, I'd like to be
able to update it before hooking onto the net. Microsoft has now made
that imposible for me to do. I can't download the updates onto my Linux
box.

It shouldn't be that hard. Just download the upgrades, then serve them up
from the Linux box to the Doze box, with the Linux box being the server,
and configure it to emulate M$'s site.

Give it a try. Microsoft's web site refuses to let you download them.

"Thank you for your interest in Windows Update

"Windows Update is the online extension of Windows that helps you get the
most out of your computer.

"You must be running a Microsoft Windows operating system in order to use
Windows Update."

OOps. Sorry. Guess you'll just have to install Linux and be done with it! ;-)

Cheers!
Rich

 

[Rich Grise]

On Sun, 30 Jan 2005 17:32:43 +0000, john jardine wrote:

Past day or so I've been using Firefox as the browser which has been no
problem. But the major scumware component is still present somewhere in
windows and I'm seeing the Internet-Explorer browser opening up over the
top of Firefox (or this outlook express) every 6 minutes or so and
advertising crap. Even has the cheek to rattle my a: floppy disc drive
and then put up an antivrus advert.

This sounds like "Windows Messaging", one of their worst holes. I'm going
to be booting Doze in a few minutes - I don't remember the exact
procedure, but it isn't hard.

I'll get back with this answer. (it's not hard to find it in Windoze Help,
if you feel like it. Search on "messaging".)

Good Luck!
Rich

 

[Rich Grise]

On Sun, 30 Jan 2005 17:32:43 +0000, john jardine wrote:

Pleased to know it's actually possible to get rid of the f***ing thing.
I've just downloaded those 3 software items and will give 'em a try. What
I'm ill at ease with, is paying for anti-virus software. The cynical part of
me is suspecting I'd then be actively propping up the whole nightmare.

Past day or so I've been using Firefox as the browser which has been no
problem. But the major scumware component is still present somewhere in
windows and I'm seeing the Internet-Explorer browser opening up over the top
of Firefox (or this outlook express) every 6 minutes or so and advertising
crap. Even has the cheek to rattle my a: floppy disc drive and then put up
an antivrus advert.

This sounds like Windows Messaging. Log out and log in as administrator.
Right-click the "My Computer" icon on the desktop, then click "Manage".
under Services and Applications/Services , right-click "Messenger", and
"Stop". Log out and log in as yourself.

I don't know if you'll have to do this every time you boot. I did it
before, and was kind of surprised to see that it's started itself again.

Good Luck!
Rich

 

[Rich The Newsgropup Wacko]

On Sun, 30 Jan 2005 22:19:13 +0000, john jardine wrote:

running as if normal. It took 3 locks ups and 2 crashes before Ad-Aware
winkled them all out. All this grief is the result of my visiting a porn
site two weeks ago. Let one in and they hold the door open for the rest.

Sheesh! If you're going to look at porn, go to
news:alt.binaries.pictures.erotica.*

Everything you could want, and then some, for free, and generally not
loaded up with spyware - just pics and vids. ;-)

Good Luck!
Rich