Re: A suggestion for next month's Malicious Software Removal download

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

"PA Bear" <PABearMVP@xxxxxxxxx> writes:
The MSRT's doing a helluva job IMHO.

Download and read:
http://www.microsoft.com/downloads/details.aspx?FamilyId=47DDCFA9-645D-4495-9EDA-92CDE33E99A9&displaylang=en

Really. Here are just two examples of folks saying that THE
problem is MILLIONS of security hole Windows boxes flushing
the spam and fraud toilet at the net as fast as their little
DSL connection will go.

Read
http://www.zdnet.com.au/news/security/soa/ISPs_accused_of_ignoring_botnet_invasion/0,2000061744,39257307,00.htm
ISPs accused of ignoring botnet invasion

By Munir Kotadia, ZDNet Australia
24 May 2006 03:11 PM

Internet Service Providers are in the perfect position to kill vast
armies of compromised computers -- or bots -- that are being used
by cyber-criminals to launch the majority of spam and phishing
attacks, according security specialists at the AusCERT 2006 conference.

Botnets are vast groups of Windows-based PCs that have been infected
with a Trojan or virus that allows the computer to be illicitly
controlled from a remote location. Bot armies comprising of between
10,000 and 100,000 bots are openly advertised for hire on newsgroups
located in the darker corners of the Internet.

The majority of these bots are home computers that are connected
to the Internet over a broadband link such as ADSL or Cable, which
means all the malicious traffic initially passes through the network
of each individual bots' ISP.

Or

http://www.cotse.com/20050717.html
It's time ISP's were held accountable!

The biggest threat on the Internet, by far, are the millions of
end user machines infected by a virus/trojan. It's the end result
of someone clicking an attachment/running an infected file/not
applying the most recent security patch and effectively giving their
computer over to someone who is going to use it for nefarious
purposes.

That person first copies all useable personal information off that
computer (credit cards, accounts and passwords, etc.), then turns
it into a Zombie (a machine waiting to be controlled). These Zombie
machines are the individual units of much larger bot nets and they
are attacking in greater numbers than ever before.

Some of these bot nets are numbering hundreds of thousands of
machines and quite possibly might be nearing a million. A bot net
is controlled as a single computer. It's easily the worlds largest
multiprocessor server and time is sold on it at a premium."



Now how is it again that this thing that supposedly removes
malicious software from Windows computers doing a fine job?

How many hundred of the pump-n-dump stock swindle spam
are you reporting to abuse addresses every month since this
broke out a few months ago? There appears to be no sign
that this is even slowing down, even after I report a few
hundred of these each to Comcast and Verizon and SWBell and...
Every one of those is flushing out of a compromised DSL XP toilet.

--
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE, Shell/User, Security), Aumha.org VSOP, DTS-L.org

Don Taylor wrote:
Why doesn't Microsoft make next month's Malicious Software Removal
download exterminate some or most of the 'bots' that have taken
over the world's DSL connected machines that are owned by people
who haven't a clue what security is?

It doesn't seem like rocket science for them to go capture a few
of these machines, determine which bots they have, drop the code
into the monthly update to sterilize these, and then advertise the
hell out of this AND have it announce when it was done if it had
actually found and fixed this for the customer.

And every time a new infection grabbed the headlines they could
announce that they were on top of this.

Talk about finally a Windows Genuine Advantage?!?! That would be
it.

.

Relevant Pages

  • Re: Cryptogram Comment
    ... Or had to go through setting up basic security for their ... > bother me with Windows questions. ... > machines are broken. ... and Linux and other open OS's make all patches FREE to redistribute. ...
    (sci.crypt)
  • OT security on mainframe versus that on Windows was Re: RWs statement - what am I missing (was:
    ... One reason why Windows is so plagued by virus and other security ... Mainframe OSs have been far less prone ... professionally managed back-end machines versus desktop ...
    (comp.lang.cobol)
  • Re: RestrictAnonymous registry key
    ... other machines are on the network I have to get a list of other machines ... completed their migration to Windows 2000 and above. ... browse lists anyway). ... security at the NTFS level, and Named Pipes are a whole 'nother issue - I ...
    (microsoft.public.win2000.security)
  • Re: Windows XP remember GP when removed from domain
    ... security template ... ... Windows Platform Support Team ... > machines is what I'd ... >>Security policy is an actual registry change that needs ...
    (microsoft.public.windows.group_policy)
  • Re: compromised machines
    ... It wouldn't surprise me if they were running bots, ... Agobot, Polybot or Spybot, which compromise computers. ... If they crack a multi user computer (Windows 2000 Server comes to mind), ... Subject: compromised machines ...
    (Incidents)