Real time protection and scanners are now gone. Same with immunization such as spywareblaster. He saw that there are restricted sites still there and I'm having trouble deleting all something thousand of them. Is there an easier way of doing that??

Reinstall SpywareBlaster and disable its protection, then uninstall again.

Also you can try using ZonedOut (http://www.funkytoad.com/content/view/15/33/) to delete teh entries.

Thanks.

{QUOTE-> Real time protection and scanners are now gone. Same with immunization such as spywareblaster. He saw that there are restricted sites still there and I'm having trouble deleting all something thousand of them. Is there an easier way of doing that?? <-QUOTE}

Why would your dad do that? Does he not want his PC to be protected?

Nope for some stupid reason he doesn't. Oh well. That computer will come crashing faster then the burlin wall in a matter of days.

Nope that didn't get rid of the restricted sites. Should I redownload spywareterminator and disable the immunization in that??

I'd take an image of the disk, and then just leave it until the computer is useless. Then maybe he will get the picture

{QUOTE-> I'd take an image of the disk, and then just leave it until the computer is useless. Then maybe he will get the picture <-QUOTE}
Excellent idea.

Hi, folks: That person does not have to be your dad, anyone who has intimate access to that pc will do anything to surprise you. I would install Virtual-type app to freeze their pc session. Then you will not find your firewall has be deleted. I often suggest this solution to party which has repeated offenders nearby or standby. And that works. Good luck.

Have you considered Returnil or deepfreeze 6 ? Perhaps your Dad might accept them as an alternative to loads of security slowing him down ?

{QUOTE-> Nope that didn't get rid of the restricted sites. Should I redownload spywareterminator and disable the immunization in that?? <-QUOTE}

Maybe you simply haven't found him a security solution that is transparent enough. Possibly try sandboxie? When I trialed the software, I hardly knew it was running.

{QUOTE-> Nope that didn't get rid of the restricted sites. Should I redownload spywareterminator and disable the immunization in that?? <-QUOTE}
Which did you try reinstalling spywareblaster or using zonedout?

Try this: update spywareblaster, apply teh protection, and then use zonedout.

{QUOTE-> Why would your dad do that? Does he not want his PC to be protected? <-QUOTE}I'd be paring back the programs in his sig quite a bit.

Hi, folks: By reviewing some other posts you have here, I can not help thinking that if your dad is really capable of deleting all your real-time and on-demand scanners off your box, then he IS a tech-capable person to take all precautions. He must some damn-good reasons doing that, why don't you confront him with your questions? perhaps you two can settle the differences(i mean pc know-how disparity.)

The programs in my sig are for my laptop. The family PC had SpywareBlaster, Spywareterminator and Comodo Boclean.

http://www.mvps.org/winhelp2002/restricted.htm

Scroll down until you see To remove all the sites listed in the Restricted Zone Download DelDomains.inf and be sure you read that section, especially the note about the Trusted Zone.

Best Wishes,
VV

{QUOTE-> I'd take an image of the disk, and then just leave it until the computer is useless <-QUOTE}

I wouldn't . If I should decide I would just leave this computer "swim in the ocean" . When the dad doesn't want anything , early or later he/his computer or his personal data will fall viction of real cyber crime <=> he will lose money . When he loses money or even worse , then he might understand

im sure there must be a reason why he doesnt want the secuirty.
talking is the best and only real way to solve this issue.
what ever you try to instaal and password protect or whatever your dad will just try to get rid of it again.
so its best to just talk to your dad and ask why he uninstalled the stuff.
lodore

My dad likes cracks and p2p, his pc is slower then a donkey but yet when i offer him to secure his pc his awnser is he allready has a great security setup called avg free. Then i introduced him to avira,SAS, wich founded lot's of malware, got rid of it and some cleaning up here and there and pc is faster then ever. So then he decides despite of the fact i told him not to install 2 av's realtime he runs them both making the pc slow again. The he tells me av's lie when they find a virus. I guess dad's are like that or w/e. Oh yeah he doesn't want to change from ie6.

{QUOTE-> I wouldn't . If I should decide I would just leave this computer "swim in the ocean" . When the dad doesn't want anything , early or later he/his computer or his personal data will fall viction of real cyber crime <=> he will lose money . When he loses money or even worse , then he might understand <-QUOTE}


A bit extreme ? - whether or not he needs any security depends upon a number of factors of which neither of us are aware. Or are you really claiming that falling victim to cyber crime is inevitable without loads of "security" ? Is it not possible, depending upon his knowledge, and surfing habits that a good hardware Firewall, a decent browser and a little care that he does not need the security he objects to ?

my dad is the oposite.
he always wants to run scans even thou the computer has never had any malware.
lodore

Hello cheater87

A remark, if you allow...

Since this is your family PC, I presume your dad paid for it, so wouldn't you say that his opinion matters most in this case? Just like you thinking that the AS/AT/AV/whatever apps are needed, he may be thinking that they are not. And he could be right, you know... You don't need to run slew of real-time and on-demand system hogging apps just to feel secure, the only thing you really need for protection is a little bit of brains. I can see in your sig that you use some 'common sense', so I believe your dad uses that also.

On the other hand, it seems to me that your dad doesn't fully trust your advices when it comes to PC security, since he took some steps without your consent. Would you mind telling me why is that so?

cheater87 even in your previous thread (http://www.wilderssecurity.com/showthread.php?t=159125) you just told us your dad doesnt want any antivirus but you havent told us why. Have you asked him?

Cheater87, I'd suggest you re-install ST, undo its immunization, and then uninstall it again.

1) Have a sit down with Dad. Explain the importance of using common sense and limited accounts if he doesn't want anti-malware tools on his computer.
2) Get a job and buy your own pc. ;)

Cheater87, this is, what, the third time he's uninstalled something you've installed?
Find out why. Listen to what he says, and if it isn't valid from a security standpoint, try and explain why.
Bottom line is, if it's his computer, he has the say-so, although personally I think the morality of connecting an unsecured Windows 'pooter to the net is similar to that of sneezing over everyone when you've got the flu (or worse).

cheater87,

Regardless of the merit of the measures that you implemented, I'm sure anyone here would be somewhat miffed if they found the configuration of their PC (even if shared with others) had been altered.

Depending on usage styles, the PC could come crashing down in minutes, or be malware free for a number of years. Don't lose sight that either outcome is quite possible and, in fact, obtained by average users all the time.

Your father has made his wishes known, I'd say respect them. If he needs assistance in the future, that would be the appropriate time to broach the topic. In the meantime, you really shouldn't install any security measures without his explicit consent and knowledge. I do understand where you're coming from, but the primary owner has the final call, always.

Cheers,

Blue

good chance to install powershadow on your dad's computer :thumb:

{QUOTE-> 1) Have a sit down with Dad. Explain the importance of using common sense and limited accounts if he doesn't want anti-malware tools on his computer.
2) Get a job and buy your own pc. ;) <-QUOTE}
Cheater has a separate laptop.
{QUOTE-> The programs in my sig are for my laptop. The family PC had SpywareBlaster, Spywareterminator and Comodo Boclean. <-QUOTE}

Would it be possible to get your dad to visit a few security forums, preferably one that does malware removal? Let him see a few threads from people who have had passwords stolen and bank accounts cleaned out. It's suprising how many people still think spyware only exists in movies. Maybe if he could see how real the threat is, without becoming a victim, he might change his thinking.

There are steps you could take that would make it impossible to uninstall the security apps but like Blue said, it's the owners choice. It would be a big help if we knew what it is that he doesn't like about security apps. Prompts? Slow bootup? Slow internet? Blue Screens? He must have some reason, but until you find out exactly what they are and address them to his satisfaction, there's not much you can do. If nothing else, take a snapshot of the system while it's still clean and save it for when it's needed. Hopefully it's still clean.
Rick

Sometimes one will only listen after the train is wrecked. In any case, however, if Dad wants to use his computer without protection that is his prerogative.

Best,
Jerry

Hi Cheater:

I'm a Dad and a Granddad. If you came an messed with my PC (although you might find that harder here than there) I would NOT be a happy camper. This is an unresolved control issue between you and your Dad.

You refer to your laptop and the family PC right? Who owns the family PC I assume your Dad bought the PC for his use and the families is that right? I assume this is the case. You are a member of the family and therefore he lets you use the family PC but that does not include being the administrator for it unless he has delegated that task to you. Has he? I guess no.

So, you have tried several times to do the "right" thing and have come up short.

Time to back off, relax and let events unfold. You have told them of the possible consequences and you are now off the hook! You have told them right that the whole PC could be wiped, lost reduced to a crawl turned into a zombie etc etc.

You can use your own laptop exclusively right? PSW protect it and lock it when you walk away. You use that when you need your security and just live with the conditions as they are on the family PC. If they are behind a router with Windows FW on not much will happen unless some of those p2p get it.

Wait.

Hope this helps you.

My laptop is password protected and I lock it when I'm not around it. I'll let the family computer run its course. I also wiped out all restricted sites since he said he wants nothing protecting it but Norton. I'll see how the computer does. He says that they slow the computer down but this is because our old one was IIRC 6 or 7 years old and thats why it was slow. This was is less then a year old.

If he has Norton installed then he is not completely unprotected against malware. It could be worse....

Norton has barely any anti malware support. Its just tacked on most of it is virus protection.

what version of norton anyway?
lodore

Just make sure Windows firewall is on and do not allow exceptions. Run a few hardening tools to shut down un-needed services and try and get him to use Firefox. He'll be reasonably safe and there's no realtime protection involved.

Everyone in my family excluding my mom uses Firefox. Shes still sticks with AOL. Looks like there are some active x things that can get on the computer because AOL uses the IE engine.

{QUOTE-> Just make sure Windows firewall is on and do not allow exceptions. Run a few hardening tools to shut down un-needed services and try and get him to use Firefox. He'll be reasonably safe and there's no realtime protection involved. <-QUOTE}

In my work and family we have 7 machines - set up the way I want with no realtime protection - and then frozen with either DeepFreeze or Returnil.
Basically the idea is he who pays gets to decide. My wife or sons can install all the anti-spyware junk they want but at reboot it is gone.

its funny to read this...my parents used to not listen to me. they only had mcafee av/firewall because it came with the pc. did not want me to install anything. just like an addict who doesn't want your help getting clean, you have to let the parents go until they hit rock bottom and want your help getting the pc "clean" too.

my sister started using their pc because hers "stopped working". theirs almost "stopped working" as well - took around 15-20 minutes just to boot! (xp with a 1.7 p4 and 512k RAM, so that SHOULD NOT have been happening).

my dad finally asked me why all these ads came up and it took so long to boot. so i told him if we go, we go all the way. i let him use my laptop the night i did the cleaning, and he finally saw what a spyware free pc looked like. i locked them down like no tomorrow, and he did not protest any changes i made. he bought a wired router with firewall as well (the addict is clean!) i installed the same setup i have, and we never looked back. hasnt had virus or spyware (other than tracking cookies) since.

as a reward for christmas, i bought them a new desktop. the first thing they did when they opened the box was say "set this up tomorrow when you have time to secure it".

funny thing is, they have referred 5 of their friends to me, and i made a little dough on the side from it as well. after my sister saw my parents pc cruising along, she finally let me at her pc, which wouldnt load windows at all. we ended up formatting and installing windows again. she has gotten some spyware (bad habits) but SAS always cleans her out of a jam.

i say let em crash, but be there for them when they do.

I'll take your advice Tmaertin.

Look :dry: Tell your Dad to put everything back on at once or I'll steal his Bacon Sandwiches :shifty:

Every so often I try out a new anti spyware program and sometimes they even find something. I then report to the company concerned and they report back that it is a false positive.

Perhaps your father agrees with me that too much is made of the dangers of spyware ? For those on dial up or without a hardware firewall or those downloading "free" software or pirated software etc do need to be more careful but if you father is careful then perhaps he is not wrong to not to want to bog the machine down with too many "security" programs ?

I wonder. A few years ago it seemed there was a virus or trojan or unwanted program at every internet turn. Periodically things would install on my PC and I'd have to work out (as a total naive idiot) what they were, was this normal etc.
These days it's hardly ever I get much of an alert about anything. The Avast webshield has been known to block a site sometimes, I don't think I've ever had an alert from ST, all my routine scans (which have become a lot less frequent) with the likes of AVG, DrWeb, Avast, SAS etc come up clean or maybe a FP, and I wonder how "dark side" or "unlucky" or silly you have to be to actually get a nasty.
Could it be that the patches and fixes we install (or have installed) actually are doing the job? Or do you have to be seriously silly to get some malware these days?

{QUOTE-> I wonder. A few years ago it seemed there was a virus or trojan or unwanted program at every internet turn. <-QUOTE}

Is it possible that in those days you were on dial up and had no hardware firewall ? running IE5 ?.......

{QUOTE->
do you have to be seriously silly to get some malware these days? <-QUOTE}

gets my vote

I'm not so sure there's any less malware, trojans, etc on the net. When bot armies number in 6 and 7 digits, there must be many more compromised PCs than most realize. I can't offer any proof for this, but I suspect that stuff is infecting more PCs than it ever has, but it's written better and hidden with rootkits, so most infected users see no evidence that they are infected. Some of the better rootkit trojans can remove competing malware and prevent those malware overloads that used to cause visible performance problems. What seems to have changed is that malware isn't as "in your face" as it used to be, but it's there and more insidious than ever.
{QUOTE-> do you have to be seriously silly to get some malware these days? <-QUOTE}
No. You only need to visit one bad site, or one good site that's been recently hacked.
Example: http://www.wilderssecurity.com/showthread.php?t=184525
How many users would expect to be attacked by their bank's site? If that had been combined with a newly discovered zero day exploit, what percentage of users would have been secured well enough to prevent it?
Rick

{QUOTE-> so most infected users see no evidence that they are infected.
Rick <-QUOTE}

LOL - even more reason not to run anti-spyware and anti-virus programs. when I run on demand A2, or Super-antispyware, or Spyware Terminator or, or ..... and I come up clean I'm wasting my time because the bad guys are now so clever I'm infected and don't know it yet. Glad to see that the logic of trial by drowning is alive and well :ouch:

There is no AV, AS, AT, etc that comes close to detecting everything. I regularly get malware in a webmail box I set up for catching spam. When I upload that malware to VirusTotal, less than half the scanners identify the files as infected. The webmails own AV rarely does until a day or 2 later. That's just malware that turns up in a mailbox. What happens when it's delivered via a site you trust after it's been hacked? Security apps that depend on identifying malicious code in order to protect your PC are becoming less effective. With so much of it being spread by botnets, it often floods the net before the security vendors can respond with updates.

Most anti-spyware and AVs won't detect an already installed rootkit. Few if any can remove one. If they don't recognize a rootkit before it installs, it often remains undetected. Many of the AVs, AS, etc. are just now coming out with modules and add-ons for installed rootkit detection. None of them are 100% effective either. Unless the user runs tools designed specifically for rootkit detection, often several different ones, rootkits already installed often evade detection for a long time.

Much of todays malware doesn't bog down a system like it used to. The average user isn't going to look for malware when the PC appears to be running normally. Present day malware also kills, disables, or effectively blinds AVs, firewalls, HIPS, etc. Have you looked at the tests NicM did on this? http://www.wilderssecurity.com/showthread.php?t=180969 Malware has been attacking AVs and AS apps for a lot longer.

The old conventional advice of "don't open this, don't visit those, etc, doesn't get it done anymore. No security app or OS is 100% secure. No software is exploit-proof. No website is 100% secure from being hacked. No file type or media format is so safe that it can't be used to deliver malicious code. Call it paranoid or whatever else you choose, but if your security package is based on apps that need to identify a threat in order to protect you from it, it's only a matter of time until it fails.
Rick

{QUOTE-> Unless the user runs tools designed specifically for rootkit detection, often several different ones, rootkits already installed often evade detection for a long time.

<-QUOTE}

Have just run several Sophos, Blacklight and Rootkitrevealer and they found nothing. Any suggestions as to which programs might find something ?

I hear Sony is working on one...;)

{QUOTE-> Have just run several Sophos, Blacklight and Rootkitrevealer and they found nothing. Any suggestions as to which programs might find something ? <-QUOTE}
You can add RKU, GMER, and Icesword to those. Rootkit detectors are a bit like AVs. They use slightly different methods which gives each one different strengths and weaknesses. None of them are 100%. Another way to find the hidden files is to examine the hard drive from a separate OS such as a live CD and compare the file list to what is visible when the OS is active. Considering how many files there can be in the typical XP box, this can be quite time consuming.

Do you have some reason to think you have one or are you just trying to be sure that you don't? With existing tools, the best you can do is to be about 95% sure a system is clean. The only way to be close to 100% sure is to start with a clean install, use known to be clean offline installers for all your software, then set up a security package that strictly enforces a policy of default-deny on the user, OS components, installed apps, and the activities of each.

If this sounds paranoid, consider that several tookits are available that can custom build malware. See article here. (http://www.informationweek.com/software/showArticle.jhtml?articleID=201804277)
{QUOTE-> The toolkits are set up to be automatically updated whenever new exploits become available. They're also updated as new anti-forensic techniques come out, allowing them to evade detection by traditional signature, reputation and URL-based security products. <-QUOTE}
Expecting signature based security apps to keep up with this is wishful thinking. Malicious code gets distributed faster than the vendors can release detection signatures.
Rick

{QUOTE->

Do you have some reason to think you have one or are you just trying to be sure that you don't?


<-QUOTE}

Just trying to be sure that I don't. I have never had anything bad ever show up.
Having run various programs for anti-virus, antispyware, HIPs..... and seen nothing but false positives 7 months ago I removed everything and since then have just had my hardware firewall and FF as protection - run with Returnil or DeepFreeze6 with an Acronis Image as an ultimate fall back. I have collected a number of security programs which Reurnil allows me to install, run and then remove. Every few days I run a test -- but no joy - nothing, nada
Anyway -thanks - have added RKU to my collection.

{QUOTE-> I'd take an image of the disk, and then just leave it until the computer is useless. Then maybe he will get the picture <-QUOTE}
brilliant idea!.

What is an image of the disk and how do I take it???

An image is a file thats an exact copy of a partition(s) (maybe someone can give a better def). Some software you can use is Acronis True Image, Paragon Drive Backup, or ShadowProtect.

You can also use Karen's replicator which is freeware to make a copy of the drive (you need another off storage device for a backup).
Disk image definition:
http://en.wikipedia.org/wiki/Disk_image

Or you can pop open the PC and take your digital camera and take a photo image of your hard drive. But I don't think it will come in handy when your system crashes though. ::) ;D ;)

LOL thats a good one. Camera haha. :P