Once again my dad deleted all anti spyware programs on the family computer.

Discussion in 'other anti-malware software' started by cheater87, Aug 20, 2007.

Thread Status:
Not open for further replies.
  1. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Cheater87, this is, what, the third time he's uninstalled something you've installed?
    Find out why. Listen to what he says, and if it isn't valid from a security standpoint, try and explain why.
    Bottom line is, if it's his computer, he has the say-so, although personally I think the morality of connecting an unsecured Windows 'pooter to the net is similar to that of sneezing over everyone when you've got the flu (or worse).
     
  2. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    cheater87,

    Regardless of the merit of the measures that you implemented, I'm sure anyone here would be somewhat miffed if they found the configuration of their PC (even if shared with others) had been altered.

    Depending on usage styles, the PC could come crashing down in minutes, or be malware free for a number of years. Don't lose sight that either outcome is quite possible and, in fact, obtained by average users all the time.

    Your father has made his wishes known, I'd say respect them. If he needs assistance in the future, that would be the appropriate time to broach the topic. In the meantime, you really shouldn't install any security measures without his explicit consent and knowledge. I do understand where you're coming from, but the primary owner has the final call, always.

    Cheers,

    Blue
     
  3. namdog

    namdog Registered Member

    Joined:
    Feb 4, 2007
    Posts:
    42
    good chance to install powershadow on your dad's computer :thumb:
     
  4. herbalist

    herbalist Guest

    Cheater has a separate laptop.
    Would it be possible to get your dad to visit a few security forums, preferably one that does malware removal? Let him see a few threads from people who have had passwords stolen and bank accounts cleaned out. It's surprising how many people still think spyware only exists in movies. Maybe if he could see how real the threat is, without becoming a victim, he might change his thinking.

    There are steps you could take that would make it impossible to uninstall the security apps but like Blue said, it's the owner's choice. It would be a big help if we knew what it is that he doesn't like about security apps. Prompts? Slow bootup? Slow internet? Blue Screens? He must have some reason, but until you find out exactly what they are and address them to his satisfaction, there's not much you can do. If nothing else, take a snapshot of the system while it's still clean and save it for when it's needed. Hopefully it's still clean.
    Rick
     
  5. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,306
    Sometimes one will only listen after the train is wrecked. In any case, however, if Dad wants to use his computer without protection that is his prerogative.

    Best,
    Jerry
     
  6. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Cheater:

    I'm a Dad and a Granddad. If you came and messed with my PC (although you might find that harder here than there) I would NOT be a happy camper. This is an unresolved control issue between you and your Dad.

    You refer to your laptop and the family PC, right? Who owns the family PC? I assume your Dad bought the PC for his use and the family's, is that right? I assume this is the case. You are a member of the family and therefore he lets you use the family PC, but that does not include being the administrator for it unless he has delegated that task to you. Has he? I guess no.

    So, you have tried several times to do the "right" thing and have come up short.

    Time to back off, relax and let events unfold. You have told them of the possible consequences and you are now off the hook! You have told them right that the whole PC could be wiped, lost, reduced to a crawl, turned into a zombie etc etc.

    You can use your own laptop exclusively right? PSW protect it and lock it when you walk away. You use that when you need your security and just live with the conditions as they are on the family PC. If they are behind a router with Windows FW on not much will happen unless some of those p2p get it.

    Wait.

    Hope this helps you.
     
  7. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    My laptop is password protected and I lock it when I'm not around it. I'll let the family computer run its course. I also wiped out all restricted sites since he said he wants nothing protecting it but Norton. I'll see how the computer does. He says that they slow the computer down but this is because our old one was IIRC 6 or 7 years old and that's why it was slow. This one is less than a year old.
     
  8. Hipgnosis

    Hipgnosis Registered Member

    Joined:
    Aug 26, 2003
    Posts:
    297
    Location:
    Witness Protection Program
    If he has Norton installed then he is not completely unprotected against malware. It could be worse....
     
  9. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    Norton has barely any anti malware support. It's just tacked on; most of it is virus protection.
     
  10. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    what version of norton anyway?
    lodore
     
  11. Beavenburt

    Beavenburt Registered Member

    Joined:
    Dec 17, 2006
    Posts:
    566
    Just make sure Windows firewall is on and do not allow exceptions. Run a few hardening tools to shut down un-needed services and try and get him to use Firefox. He'll be reasonably safe and there's no realtime protection involved.
     
  12. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    Everyone in my family excluding my mom uses Firefox. She still sticks with AOL. Looks like there are some ActiveX things that can get on the computer because AOL uses the IE engine.
     
  13. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    In my work and family we have 7 machines - set up the way I want with no realtime protection - and then frozen with either DeepFreeze or Returnil.
    Basically the idea is he who pays gets to decide. My wife or sons can install all the anti-spyware junk they want but at reboot it is gone.
     
  14. tmaertin

    tmaertin Registered Member

    Joined:
    Jul 8, 2007
    Posts:
    32
    Location:
    North Tonawanda, NY
    its funny to read this...my parents used to not listen to me. they only had mcafee av/firewall because it came with the pc. did not want me to install anything. just like an addict who doesn't want your help getting clean, you have to let the parents go until they hit rock bottom and want your help getting the pc "clean" too.

    my sister started using their pc because hers "stopped working". theirs almost "stopped working" as well - took around 15-20 minutes just to boot! (xp with a 1.7 p4 and 512k RAM, so that SHOULD NOT have been happening).

    my dad finally asked me why all these ads came up and it took so long to boot. so i told him if we go, we go all the way. i let him use my laptop the night i did the cleaning, and he finally saw what a spyware free pc looked like. i locked them down like no tomorrow, and he did not protest any changes i made. he bought a wired router with firewall as well (the addict is clean!) i installed the same setup i have, and we never looked back. hasnt had virus or spyware (other than tracking cookies) since.

    as a reward for christmas, i bought them a new desktop. the first thing they did when they opened the box was say "set this up tomorrow when you have time to secure it".

    funny thing is, they have referred 5 of their friends to me, and i made a little dough on the side from it as well. after my sister saw my parents pc cruising along, she finally let me at her pc, which wouldnt load windows at all. we ended up formatting and installing windows again. she has gotten some spyware (bad habits) but SAS always cleans her out of a jam.

    i say let em crash, but be there for them when they do.
     
  15. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,291
    Location:
    Pennsylvania.
    I'll take your advice Tmaertin.
     
  16. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Look :cautious: Tell your Dad to put everything back on at once or I'll steal his Bacon Sandwiches :shifty:
     
  17. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Every so often I try out a new anti spyware program and sometimes they even find something. I then report to the company concerned and they report back that it is a false positive.

    Perhaps your father agrees with me that too much is made of the dangers of spyware? Those on dial up or without a hardware firewall or those downloading "free" software or pirated software etc do need to be more careful, but if your father is careful then perhaps he is not wrong not to want to bog the machine down with too many "security" programs?
     
  18. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    I wonder. A few years ago it seemed there was a virus or trojan or unwanted program at every internet turn. Periodically things would install on my PC and I'd have to work out (as a total naive idiot) what they were, was this normal etc.
    These days it's hardly ever I get much of an alert about anything. The Avast webshield has been known to block a site sometimes, I don't think I've ever had an alert from ST, all my routine scans (which have become a lot less frequent) with the likes of AVG, DrWeb, Avast, SAS etc come up clean or maybe a FP, and I wonder how "dark side" or "unlucky" or silly you have to be to actually get a nasty.
    Could it be that the patches and fixes we install (or have installed) actually are doing the job? Or do you have to be seriously silly to get some malware these days?
     
  19. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Is it possible that in those days you were on dial up and had no hardware firewall ? running IE5 ?.......

    gets my vote
     
  20. herbalist

    herbalist Guest

    I'm not so sure there's any less malware, trojans, etc on the net. When bot armies number in 6 and 7 digits, there must be many more compromised PCs than most realize. I can't offer any proof for this, but I suspect that stuff is infecting more PCs than it ever has, but it's written better and hidden with rootkits, so most infected users see no evidence that they are infected. Some of the better rootkit trojans can remove competing malware and prevent those malware overloads that used to cause visible performance problems. What seems to have changed is that malware isn't as "in your face" as it used to be, but it's there and more insidious than ever.
    No. You only need to visit one bad site, or one good site that's been recently hacked.
    Example: https://www.wilderssecurity.com/showthread.php?t=184525
    How many users would expect to be attacked by their bank's site? If that had been combined with a newly discovered zero day exploit, what percentage of users would have been secured well enough to prevent it?
    Rick
     
  21. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    LOL - even more reason not to run anti-spyware and anti-virus programs. when I run on demand A2, or Super-antispyware, or Spyware Terminator or, or ..... and I come up clean I'm wasting my time because the bad guys are now so clever I'm infected and don't know it yet. Glad to see that the logic of trial by drowning is alive and well :ouch:
     
  22. herbalist

    herbalist Guest

    There is no AV, AS, AT, etc that comes close to detecting everything. I regularly get malware in a webmail box I set up for catching spam. When I upload that malware to VirusTotal, less than half the scanners identify the files as infected. The webmail's own AV rarely does until a day or 2 later. That's just malware that turns up in a mailbox. What happens when it's delivered via a site you trust after it's been hacked? Security apps that depend on identifying malicious code in order to protect your PC are becoming less effective. With so much of it being spread by botnets, it often floods the net before the security vendors can respond with updates.

    Most anti-spyware and AVs won't detect an already installed rootkit. Few if any can remove one. If they don't recognize a rootkit before it installs, it often remains undetected. Many of the AVs, AS, etc. are just now coming out with modules and add-ons for installed rootkit detection. None of them are 100% effective either. Unless the user runs tools designed specifically for rootkit detection, often several different ones, rootkits already installed often evade detection for a long time.

    Much of today's malware doesn't bog down a system like it used to. The average user isn't going to look for malware when the PC appears to be running normally. Present day malware also kills, disables, or effectively blinds AVs, firewalls, HIPS, etc. Have you looked at the tests NicM did on this? https://www.wilderssecurity.com/showthread.php?t=180969 Malware has been attacking AVs and AS apps for a lot longer.

    The old conventional advice of "don't open this, don't visit those," etc., doesn't get it done anymore. No security app or OS is 100% secure. No software is exploit-proof. No website is 100% secure from being hacked. No file type or media format is so safe that it can't be used to deliver malicious code. Call it paranoid or whatever else you choose, but if your security package is based on apps that need to identify a threat in order to protect you from it, it's only a matter of time until it fails.
    Rick
     
  23. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Have just run several Sophos, Blacklight and Rootkitrevealer and they found nothing. Any suggestions as to which programs might find something ?
     
  24. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I hear Sony is working on one...;)
     
  25. herbalist

    herbalist Guest

    You can add RKU, GMER, and Icesword to those. Rootkit detectors are a bit like AVs. They use slightly different methods which gives each one different strengths and weaknesses. None of them are 100%. Another way to find the hidden files is to examine the hard drive from a separate OS such as a live CD and compare the file list to what is visible when the OS is active. Considering how many files there can be in the typical XP box, this can be quite time consuming.

    Do you have some reason to think you have one or are you just trying to be sure that you don't? With existing tools, the best you can do is to be about 95% sure a system is clean. The only way to be close to 100% sure is to start with a clean install, use known to be clean offline installers for all your software, then set up a security package that strictly enforces a policy of default-deny on the user, OS components, installed apps, and the activities of each.

    If this sounds paranoid, consider that several toolkits are available that can custom build malware. See article here.
    Expecting signature based security apps to keep up with this is wishful thinking. Malicious code gets distributed faster than the vendors can release detection signatures.
    Rick
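
The file-list comparison described in the post above (listing the drive from a live CD and comparing it with what the running OS shows), sketched as an added example that is not part of the thread. The mount point `/mnt/xp`, the sample listings and the driver name `examplehid.sys` are constructed for illustration; the script assumes one path per line, as produced by something like `dir /s /b /a` on the live system and `find` on the live CD.

```python
def normalize(path, root):
    """Map a listed path to a root-relative, case-folded key (NTFS is case-insensitive)."""
    p = path.strip().replace("/", "\\")
    r = root.replace("/", "\\").rstrip("\\")
    if p.casefold().startswith(r.casefold() + "\\"):
        p = p[len(r):]
    return p.lstrip("\\").casefold()


def cross_view_diff(online_lines, online_root, offline_lines, offline_root):
    """Return (hidden, online_only).

    hidden      - files seen from the offline OS but absent from the live listing;
                  these are the candidates for rootkit-hidden files.
    online_only - files only the live OS listed; usually created after the
                  offline listing was taken (temp files, logs).
    """
    online = {normalize(l, online_root): l.strip() for l in online_lines if l.strip()}
    offline = {normalize(l, offline_root): l.strip() for l in offline_lines if l.strip()}
    hidden = sorted(offline[k] for k in offline.keys() - online.keys())
    online_only = sorted(online[k] for k in online.keys() - offline.keys())
    return hidden, online_only


# Constructed sample listings (not taken from a real machine).
ONLINE = [
    "C:\\WINDOWS\\system32\\ntoskrnl.exe",
    "C:\\WINDOWS\\system32\\drivers\\tcpip.sys",
    "C:\\Documents and Settings\\user\\ntuser.dat",
    "C:\\WINDOWS\\Temp\\scan.log",
]
OFFLINE = [
    "/mnt/xp/WINDOWS/system32/ntoskrnl.exe",
    "/mnt/xp/WINDOWS/System32/drivers/tcpip.sys",
    "/mnt/xp/WINDOWS/system32/drivers/examplehid.sys",
    "/mnt/xp/Documents and Settings/user/NTUSER.DAT",
]

if __name__ == "__main__":
    hidden, online_only = cross_view_diff(ONLINE, "C:\\", OFFLINE, "/mnt/xp")
    for p in hidden:
        print("not visible from live OS:", p)
    for p in online_only:
        print("only in live listing:", p)
```

Take the two listings as close together in time as possible; anything reported as hidden still needs checking by hand, since files deleted between the two listings show up the same way.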
     