[plug] [OT] Sony malware on Windows

Fri Nov 18 19:08:35 WST 2005

Alternative solution #1:

Don't use ZoneAlarm... Windows XP's own firewall is pretty good (since 
it pretty much is ZoneAlarm).

Using XP's Firewall and a decent hardware router (properly configured) 
is usually enough protection.

Alternative solution #2:

Tell user's to learn a little about what they are clicking.  Quite often 
removing EVERYTHING programs such as Ad-Aware or HiJackThis discover is 
a bad move - so what!  They give you the full picture, they tell you it 
is a minor threat - possibly even nothing to worry about at all - and 
the rest is up to the user.  I know I have never had this kind of 
problem.  Then again, I know what I am doing and read things / ensure I 
understand things before I click them / remove them.

Arie Hol wrote:

>On 18 Nov 2005 at 16:37, Chris Caston wrote:
>
>8<----------------- snip ----------------->8
>
>  
>
>>Shame it appears you will need to buy longhorn if you want to keep 
>>    
>>
>using
>  
>
>>it when it becomes "Windows defender"
>>
>>Also for cleaning up all the crap that MS Anti-spyware, S&D and Adaware
>>miss I recommend a-sqaured hijack free:
>>    
>>
>
>Your mention of Adaware - brought to mind a recent problem I came across 
>on a Windows PC.
>
>Problem :
>User downloaded and tried to update to the latest free version of 
>Zonealarm - installer raised errors relating to 'invalid root 
>certificate'  and 'missing root certificate' then subsequently failed. 
>leaving the system with no firewall to protect it.
>
>Cause :
>User had run Adaware and 'removed' all items found by the Adaware scan.
>Apparently Adaware had found the 'root certicate' for Zonealarm and 
>considered it as a 'minor threat' - the user would not 'accept' even a 
>minor threat and told Adaware to 'clean' all items found - subsequently 
>'breaking' Zonealarm at next system boot ( no long wait here ??).
>
>Solution :
>1 - Consult Zonealarm user forums - search hundreds of posts covering the 
>problem - try many 'possible' solutions until you find the right one - 
>finally install version 6.0 or later of Internet Explorer in order to get 
>the 'root certificate' problem fixed.
>
>2 - Get Adaware to back off on the 'minor threats'. (not good ??)
>
>Outcome :
>Even if you do not want/need/use IE you need to have it installed to 
>ensure that your Zonealarm fiewall will update/run/survive to protect 
>your PC.
>
>Moral :
>What next from Microsoft ?????
>
>
>
>
>Regards Arie
>------------------------------------------------------------------
> For the concert of life, nobody has a program.
>------------------------------------------------------------------
>_______________________________________________
>PLUG discussion list: plug at plug.org.au
>http://www.plug.org.au/mailman/listinfo/plug
>Committee e-mail: committee at plug.linux.org.au
>
>  
>

-- 
Jonathan Young
Director of PC-PHIX
jonathan at pcphix.com

Phone: 0410 455 674
Web: http://www.pcphix.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20051118/62ddb1c1/attachment.html>