RE: [ActiveDir] OT:spyware

[Christopher Hummert]

Yea....download CWShredder from here: http://www.spywareinfo.com/~merijn/downloads.html   The site runs a little slow and you'll need the VB6 runtimes to run it, but it will take care of it.     From: Dipowarga Wirawan [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 29, 2004 1:40 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT:spyware I use McAfee antispyware.  It works ok.  I got Cool Web Search, it doesn’ t detect it. Anyone experience CWS and remove them successfully?       From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Wednesday, September 29, 2004 3:33 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT:spyware   Symantec Anti- Virus Enterprise 9.0. It has some spyware protection but not that great as my users are still getting a ton….   From: Mulnick, Al [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 29, 2004 4:26 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT:spyware   What are you using for anti-virus protection?  Some of the newer AV products are coming with this built in vs. having to push out additional software.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Wednesday, September 29, 2004 4:14 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] OT:spyware Lately I my users have been plagued with spyware and adware. What do you guys do to fight this? Can Spybot be pushed out as an msi via a gpo? Or ad-aware? Should I set the killbit on all the local active x controls? Should I prevent active x and _javascript_ing in IE thru a gpo?   I’m running win2k/xp clients, but mostly win2k.   Finally, when you get a worm or a virus that writes to the hklm\software\microsoft\windows\currentversion\run key, does the worm/virus run under the user’s security context? Meaning, if the user is just a local user and thus has no privileges to write to those keys, shouldn’t the worm or virus not be able to as well?   Thanks and sorry for the deluge of questions, OT as they are.