Unfortunately, even CSE isn't perfect... Yesterday a worker brought in a laptop which did have CSE on it. Somehow his kids got into it, and it got rooted - big time!
Administrators no longer had the right to run the ControlPanel (the launcher of which soon vanished). Attempts to get the CSE agent to do a scan resulted in a re-boot. Scrub time! -------------------------------------- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org "Alex Eckelberry" <[EMAIL PROTECTED]> wrote on 01/11/2008 02:04:59 PM: > > Counterspy was very disappointing for me and I found that Spybot > would find malware that counterspy would not. > > Just make sure that the malware that wasn't found was a) not a > cookie and b) not a false positive. > > In actual testing, Spybot ranks last. Example: > > http://reviews.cnet.com/4520-3688_7-6721518-1.html > > (CounterSpy got Editor's Choice for 2008) > > http://reviews.cnet.com/search-results/sunbelt- > counterspy-2-0/4505-5_7-31232203.html > > Or this review of SpyBot: > > http://downloads.pcworld.about.com/article/id,136196-page,1/article.html > > I don't mean to bash Spybot. I personally know Michael Kolla, and > they are really good, honest people over there. > > I will just say that the kind of malware we're seeing these days is > way, way beyond the old-style antispyware product. What worries me > is that people are putting faith in products like SpyBot based on > their old reputation (it once was the very best). > > Alex > > > > > From: James Kerr [mailto:[EMAIL PROTECTED] > Sent: Friday, January 11, 2008 2:49 PM > To: NT System Admin Issues > Subject: Re: Kind of OT: Home PC Hacking > > Spybot may not be the best out there and usually I use a few > different solutions all together to be sure I got everything. > Counterspy was very disappointing for me and I found that Spybot > would find malware that counterspy would not. Havent tried Spyware > Dr but I will give it a go next time someone brings me a PC full O' malware. > ----- Original Message ----- > From: Alex Eckelberry > To: NT System Admin Issues > Sent: Friday, January 11, 2008 2:31 PM > Subject: RE: Kind of OT: Home PC Hacking > > That's a good suggestion, but it won't necessarily catch rootkits. > > A free program like Spybot is absolutely not going to find the > really bad things (rootkits, etc.). Bluntly, it is not nearly what > it was several years ago. > > I would do Joe's suggestion, along with the following: > > - Full scan with a free product like CounterSpy Trial or Spyware > Doctor Special Edition (both will actually remove stuff, as opposed > to push you to buy something) > > - Optionally, a full scan at antivirus.com > > - Optionally, run a free rootkit scan with the free F-Secure Blacklight > > - Install a free 2-way firewall, like ours (Sunbelt Personal > Firewall) or Zone Alarm and see what's going on. > > All free solutions, all very effective. > > > From: Louis, Joe [mailto:[EMAIL PROTECTED] > Sent: Friday, January 11, 2008 2:21 PM > To: NT System Admin Issues > Subject: RE: Kind of OT: Home PC Hacking > > I always tell people to redirect a netstat to a text file from a fresh reboot > > netstat -ano (winxp prof) > netstat -an (xp home) > > Download, install (using only defaults) and run ccleaner (using onlydefaults). > download and run, HiJackThis and review the log. > > Those are your best chances of trying to see what the problem w/o > having to spend a great deal of time with it. > > From: Bob Fronk [mailto:[EMAIL PROTECTED] > Sent: Friday, January 11, 2008 2:16 PM > To: NT System Admin Issues > Subject: Kind of OT: Home PC Hacking > > I have an employee who believes that someone may be maliciously > "hacking" into their home computer (not company owned). > > The PC is Windows XP SP2 with all updates. I am not sure if XP > firewall on or not, but they are behind a Linksys router. (Not > wireless) It is also running AV but I think is just a free version of AVG. > > > I told them I felt like Malware and Spyware was more of a threat > than someone actually hacking their PC. There is no actual proof > beyond a PC that "crashed". It sounded to me like it was full of > malware or maybe a worm virus as it "Slowed down" considerably > before the crash. > > What is the likelihood of a "hack"? What would be some of the > things to look for? > > > Bob Fronk > > This email and any attached files are confidential and intended > solely for the intended recipient(s). If you are not the named > recipient you should not read, distribute, copy or alter this email. > Any views or opinions expressed in this email are those of the > author and do not represent those of the Davis H. Elliot Company . > Warning: Although precautions have been taken to make sure no > viruses are present in this email, the company cannot accept > responsibility for any loss or damage that arise from the use of > this email or attachments. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~