Windows accounts and spyware

[Garrot]

On Sat, 07 Oct 2006 10:23:01 GMT, Broooz wrote:

> Is there any easy way of removing spyware from all your windows accounts at
> once or do you need to log on into each session and run the spyware
> programmes in each session?
>
> If you can't do this, is there any spyware that is capable of hiding in a
> windows account that can affect what you are doing in another account? So,
> for example, if you are using a computer for banking, do you need to check
> all the accounts are clean before logging into your bank account?
>
> Thanks

Once compromised it is best to format and start clean, depending on the
nature of the spyware.

[Lil' Abner]

Garrot <invalid@invalid.invalid> wrote in
news:vd7om511rzx3$.ifujswl6x180.dlg@40tude.net:

> On Sat, 07 Oct 2006 10:23:01 GMT, Broooz wrote:
>
>> Is there any easy way of removing spyware from all your windows
>> accounts at once or do you need to log on into each session and run
>> the spyware programmes in each session?
>>
>> If you can't do this, is there any spyware that is capable of hiding
>> in a windows account that can affect what you are doing in another
>> account? So, for example, if you are using a computer for banking,
>> do you need to check all the accounts are clean before logging into
>> your bank account?
>>
>> Thanks
>
> Once compromised it is best to format and start clean, depending on
> the nature of the spyware.

You're right and I've taken this way out lots of times.
However way too often it's not feasible.
I'd say at least half my customers don't have a clue where their restore
CD is. or half the software they have installed. Or in the case of XP
maybe it has a restore partition. And that takes it back to pre Service
Pack 1. By the time you get it upgraded to SP2 with all the upgrades,
reinstalled an antivirus application and all the applications you can
find, you've wrecked a couple of days. If you charge what you should for
your time, the customer might as well have bought a new computer.
And most people wouldn't understand how to do it themselves.
My usual procedure is to clone the customer's hard drive first. Then I
try to clean it up. If I can get it cleaned up without crippling it too
badly, then fine. If I can't, then I wipe it out and start over. Then
I'll burn all the data off the cloned drive to a DVD or CDs and use them
to retrieve what data I can. *Sometimes* I'll just slave the cloned drive
to retrieve the data, but that can be dangerous if the cloned drive is
infected.
It's amazing how fast some people can screw up a computer. I'd be willing
to bet that 90% of the regulars in here *never* have any spyware
problems.
I don't, and I'm no angel when it comes to browsing. I think we've
probably all developed a sixth sense for what not to click on... :-)
All I run real time is NAV 2005 and Zone Alarm, plus I'm behind a router.
Even Zone Alarm is overkill since there's never anything in the logfile.
I don't do full scans with NAV. It's just there to nail anything that
might try to get in.
I've got AdAware, Spybot Search & Destroy, SpywareBlaster, and
SuperAntiSpyware all installed. Once in a while on a whim I'll run those
but all they ever find are a few cookies.
OK, so I got carried away... hell it's a slow Sunday... :-)

--
--- A dyslexic man walks into a bra ---

[Lil' Abner]

"Lil' Abner" <blvstk@dogpatch.com> wrote in
news:Xns98557784AA608butter@wefb973cbe498:

> OK, so I got carried away... hell it's a slow Sunday... :-)

Duh... make that Saturday... :-(

--
--- A dyslexic man walks into a bra ---

[David H. Lipman]

From: "Lil' Abner" <blvstk@dogpatch.com>

| "Lil' Abner" <blvstk@dogpatch.com> wrote in
| news:Xns98557784AA608butter@wefb973cbe498:
|
>> OK, so I got carried away... hell it's a slow Sunday... :-)
|
| Duh... make that Saturday... :-(
|

:-)

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

[Garrot]

On Sat, 07 Oct 2006 11:44:55 -0500, Lil' Abner wrote:

> Garrot <invalid@invalid.invalid> wrote in
> news:vd7om511rzx3$.ifujswl6x180.dlg@40tude.net:
>
>> On Sat, 07 Oct 2006 10:23:01 GMT, Broooz wrote:
>>
>>> Is there any easy way of removing spyware from all your windows
>>> accounts at once or do you need to log on into each session and run
>>> the spyware programmes in each session?
>>>
>>> If you can't do this, is there any spyware that is capable of hiding
>>> in a windows account that can affect what you are doing in another
>>> account? So, for example, if you are using a computer for banking,
>>> do you need to check all the accounts are clean before logging into
>>> your bank account?
>>>
>>> Thanks
>>
>> Once compromised it is best to format and start clean, depending on
>> the nature of the spyware.
>
> You're right and I've taken this way out lots of times.
> However way too often it's not feasible.
> I'd say at least half my customers don't have a clue where their restore
> CD is.

Yea, I have a friend who can't go a week without messing up his PC. I use
Norton Ghost so I can restore my PC to a clean state in less than half an
hour if need be.