Why isn't anything easy?

Working on a friend's Compaq Presario (the world ugliest computer). Her
teenage son had done everything possible to screw it up. Many kinds of
spyware, 2 viruses, machine was a mess. So, my friend said "The hell with
it....let's start from scratch". Used the Compaq restore disk to reformat &
reinstall XP Home. Installed ZoneAlarm (free version) next, everything
worked fine. Did all MS updates EXCEPT SP2 (ran out of time & energy on the
first night). Everything worked fine.

Did the SP2 update (using Windows Update from the start menu). No glitches
during install, but now, I cannot access the internet. When I did the SP2
update on two other machines, I did NOT have this problem. Before I start
poking around, can anyone offer a clue, or tell me which fork in the road to
take?

By the way, I tried shutting down ZoneAlarm, even though it did NOT indicate
that it had blocked anything outbound, like IE, but doing this made no
difference. Uninstalled ZA, at which point the Windows firewall kicked in.
Disabled THAT while figuring this out. And, there is no AV software
installed yet. Just a clean machine. Almost.

-Doug

It won't be clean for long! In a article from the Jan. 05 edition of Maximum
PC magazine, about exposing a unprotected computer to the internet. It took
an average of 4 min. for the computer to get infected.

"Doug Kanter" >...

> By the way, I tried shutting down ZoneAlarm, even though it did NOT
> indicate that it had blocked anything outbound, like IE, but doing this
> made no
> difference. Uninstalled ZA, at which point the Windows firewall kicked in.
> Disabled THAT while figuring this out. And, there is no AV software
> installed yet. Just a clean machine. Almost.
>
> -Doug
>
>

I know. Another estimate said 20 minutes. But, everyone I've consulted has
asked about what firewall I was running, and then stuffed cotton in their
ears, as if a firewall was the source of all problems. So, I uninstalled it
so I could be perfectly honest with the dolts who ask that question.

Remember, years ago, when any time you'd call various tech support sources
with problems, they'd say "Delete your OS and start from scratch"? Same
dolts.

"K" > wrote in message
...
> It won't be clean for long! In a article from the Jan. 05 edition of
> Maximum PC magazine, about exposing a unprotected computer to the
> internet. It took an average of 4 min. for the computer to get infected.
>
> "Doug Kanter" >...
>
>> By the way, I tried shutting down ZoneAlarm, even though it did NOT
>> indicate that it had blocked anything outbound, like IE, but doing this
>> made no
>> difference. Uninstalled ZA, at which point the Windows firewall kicked
>> in. Disabled THAT while figuring this out. And, there is no AV software
>> installed yet. Just a clean machine. Almost.
>>
>> -Doug
>>
>>
>
>

In article >, "Doug Kanter"
> wrote:
>Steve:
>Thanks for the info. I'll be trying your suggestions later today. Meanwhile,
>a question about the Windows firewall. When SP2 was first released, the
>computer press claimed that it does little or nothing to control OUTBOUND
>nasties - things on the computer that want to communicate with the outside
>world without asking first. Is this true?

Windows Firewall only blocks undesired incoming traffic. It has no
effect on outgoing traffic. If protection from undesired outgoing
traffic is important to you, use a software firewall like ZoneAlarm,
Sygate, Norton, etc.

As I understand it, Microsoft believes that a computer with undesired
outgoing traffic (from viruses, spyware, Trojan horses, etc) is too
badly compromised for a firewall to make a significant difference.
The nasties have probably already caused other damage that a firewall
can't fix.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

"Steve Winograd [MVP]" > wrote in message
...
> In article >, "Doug Kanter"
> > wrote:
>>Steve:
>>Thanks for the info. I'll be trying your suggestions later today.
>>Meanwhile,
>>a question about the Windows firewall. When SP2 was first released, the
>>computer press claimed that it does little or nothing to control OUTBOUND
>>nasties - things on the computer that want to communicate with the outside
>>world without asking first. Is this true?
>
> Windows Firewall only blocks undesired incoming traffic. It has no
> effect on outgoing traffic. If protection from undesired outgoing
> traffic is important to you, use a software firewall like ZoneAlarm,
> Sygate, Norton, etc.
>
> As I understand it, Microsoft believes that a computer with undesired
> outgoing traffic (from viruses, spyware, Trojan horses, etc) is too
> badly compromised for a firewall to make a significant difference.
> The nasties have probably already caused other damage that a firewall
> can't fix.
> --
> Best Wishes,
> Steve Winograd, MS-MVP (Windows Networking)

MS is correct....unless there are kids in the house. In that case, there may
a problem that exists for a few hours until an adult can deal with it.
Fortunately, my 15 yr old son learned his lesson when he made his PC
inoperable, and I decided to leave it that way for a week. :-)

On Sun, 13 Feb 2005 15:12:35 GMT, "Doug Kanter" <*email_address_deleted*> wrote:

>> As I understand it, Microsoft believes that a computer with undesired
>> outgoing traffic (from viruses, spyware, Trojan horses, etc) is too
>> badly compromised for a firewall to make a significant difference.
>> The nasties have probably already caused other damage that a firewall
>> can't fix.
>> --
>> Best Wishes,
>> Steve Winograd, MS-MVP (Windows Networking)
>
>MS is correct....unless there are kids in the house. In that case, there may
>a problem that exists for a few hours until an adult can deal with it.
>Fortunately, my 15 yr old son learned his lesson when he made his PC
>inoperable, and I decided to leave it that way for a week. :-)

There's something Microsoft and I agree on. If the spyware gets onto your
computer in the first place, you've already lost the battle. Layer your
defenses. Don't let the spyware get as far as attempting to call home.

Careful, Doug. My neighbor tried that with her daughter, and the daughter
learned to fix it herself.

And Doug, posting your email address openly will get you more unwanted email,
than wanted email. Learn to munge your email address properly, to keep yourself
a bit safer when posting to open forums. Protect yourself and the rest of the
internet - read this article.
http://www.mailmsg.com/SPAM_munging.htm

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.

"Chuck" > wrote in message
...
> On Sun, 13 Feb 2005 15:12:35 GMT, "Doug Kanter" <*email_address_deleted*>
> wrote:
>
>>> As I understand it, Microsoft believes that a computer with undesired
>>> outgoing traffic (from viruses, spyware, Trojan horses, etc) is too
>>> badly compromised for a firewall to make a significant difference.
>>> The nasties have probably already caused other damage that a firewall
>>> can't fix.
>>> --
>>> Best Wishes,
>>> Steve Winograd, MS-MVP (Windows Networking)
>>
>>MS is correct....unless there are kids in the house. In that case, there
>>may
>>a problem that exists for a few hours until an adult can deal with it.
>>Fortunately, my 15 yr old son learned his lesson when he made his PC
>>inoperable, and I decided to leave it that way for a week. :-)
>
> There's something Microsoft and I agree on. If the spyware gets onto your
> computer in the first place, you've already lost the battle. Layer your
> defenses. Don't let the spyware get as far as attempting to call home.

I agree. On my own machine, it's never happened. One way I've achieved this
is by prohibiting ALL other users on the machine, since it runs my business.
I've seen too many instances of people saying "Something weird's happening
and I SWEAR I didn't open/download/click anything". Yeah. Right. :-)


> Careful, Doug. My neighbor tried that with her daughter, and the daughter
> learned to fix it herself.

That's OK. He's learned how not to catch these diseases by now.


> And Doug, posting your email address openly will get you more unwanted
> email,
> than wanted email. Learn to munge your email address properly, to keep
> yourself
> a bit safer when posting to open forums. Protect yourself and the rest of
> the
> internet - read this article.

The hotmail address is a crap-catcher. I don't care what ends up there. What
amazes me, though, is that the fake MS security emails are still flying
around. That must mean there are people who live in caves and still haven't
heard about that scam.

In article >, "Doug Kanter"
> wrote:
>> There's something Microsoft and I agree on. If the spyware gets onto your
>> computer in the first place, you've already lost the battle. Layer your
>> defenses. Don't let the spyware get as far as attempting to call home.
>
>I agree. On my own machine, it's never happened. One way I've achieved this
>is by prohibiting ALL other users on the machine, since it runs my business.
>I've seen too many instances of people saying "Something weird's happening
>and I SWEAR I didn't open/download/click anything". Yeah. Right. :-)

I agree, Doug. See the topic "Preventing the Kids from Messing Up
Your Computer" in my October 2004 client newsletter:

http://www.bcmaven.com/newsletters/october2004.htm

>> And Doug, posting your email address openly will get you more unwanted
>> email,
>> than wanted email. Learn to munge your email address properly, to keep
>> yourself
>> a bit safer when posting to open forums. Protect yourself and the rest of
>> the
>> internet - read this article.
>
>The hotmail address is a crap-catcher. I don't care what ends up there. What
>amazes me, though, is that the fake MS security emails are still flying
>around. That must mean there are people who live in caves and still haven't
>heard about that scam.

I've posted news group messages using the same real E-mail address for
several years. Pobox.com has topnotch spam filters and blacklists
that stop the spam, let the real messages through, and almost never
make a mistake.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

"Steve Winograd [MVP]" > wrote in message
...
> In article >, "Doug Kanter"
> > wrote:
>>> There's something Microsoft and I agree on. If the spyware gets onto
>>> your
>>> computer in the first place, you've already lost the battle. Layer your
>>> defenses. Don't let the spyware get as far as attempting to call home.
>>
>>I agree. On my own machine, it's never happened. One way I've achieved
>>this
>>is by prohibiting ALL other users on the machine, since it runs my
>>business.
>>I've seen too many instances of people saying "Something weird's happening
>>and I SWEAR I didn't open/download/click anything". Yeah. Right. :-)
>
> I agree, Doug. See the topic "Preventing the Kids from Messing Up
> Your Computer" in my October 2004 client newsletter:
>
> http://www.bcmaven.com/newsletters/october2004.htm
>
>>> And Doug, posting your email address openly will get you more unwanted
>>> email,
>>> than wanted email. Learn to munge your email address properly, to keep
>>> yourself
>>> a bit safer when posting to open forums. Protect yourself and the rest
>>> of
>>> the
>>> internet - read this article.
>>
>>The hotmail address is a crap-catcher. I don't care what ends up there.
>>What
>>amazes me, though, is that the fake MS security emails are still flying
>>around. That must mean there are people who live in caves and still
>>haven't
>>heard about that scam.
>
> I've posted news group messages using the same real E-mail address for
> several years. Pobox.com has topnotch spam filters and blacklists
> that stop the spam, let the real messages through, and almost never
> make a mistake.
> --
> Best Wishes,
> Steve Winograd, MS-MVP (Windows Networking)

I guess I could go check it out, but it's easier to ask you: Does pobox.com
allow for access using OE, or is it just web-based?

On Sun, 13 Feb 2005 13:23:56 -0700, "Steve Winograd [MVP]"
<*email_address_deleted*> wrote:

>>The hotmail address is a crap-catcher. I don't care what ends up there. What
>>amazes me, though, is that the fake MS security emails are still flying
>>around. That must mean there are people who live in caves and still haven't
>>heard about that scam.
>
>I've posted news group messages using the same real E-mail address for
>several years. Pobox.com has topnotch spam filters and blacklists
>that stop the spam, let the real messages through, and almost never
>make a mistake.

The problem is not you or me, the problem is the naive ones who see your post as
an example, without realising what precautions you take to make it safe.

The naive ones are the ones who then post with their actual email address, get
more malicious spam in their Inbox, and don't know to not open it or to not
click on the link inside. They get infected with the latest worm, and provide
yet another bot delivering still more spam to your email box, further
overloading your email server and bringing the spam load closer to the predicted
90% level.

Please don't be a bad example to the naive users.

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.

"Chuck" > wrote in message
...
> On Sun, 13 Feb 2005 13:23:56 -0700, "Steve Winograd [MVP]"
> <*email_address_deleted*> wrote:
>
>>>The hotmail address is a crap-catcher. I don't care what ends up there.
>>>What
>>>amazes me, though, is that the fake MS security emails are still flying
>>>around. That must mean there are people who live in caves and still
>>>haven't
>>>heard about that scam.
>>
>>I've posted news group messages using the same real E-mail address for
>>several years. Pobox.com has topnotch spam filters and blacklists
>>that stop the spam, let the real messages through, and almost never
>>make a mistake.
>
> The problem is not you or me, the problem is the naive ones who see your
> post as
> an example, without realising what precautions you take to make it safe.
>
> The naive ones are the ones who then post with their actual email address,
> get
> more malicious spam in their Inbox, and don't know to not open it or to
> not
> click on the link inside. They get infected with the latest worm, and
> provide
> yet another bot delivering still more spam to your email box, further
> overloading your email server and bringing the spam load closer to the
> predicted
> 90% level.
>
> Please don't be a bad example to the naive users.

There's a setting on OE which says (and I have embellished a bit) "Any time
you reply, put the recipient in your address book. This way, when YOU get a
virus that spreads via the address book, you can infect not just the 4
people in your life, but the 183 you've responded to just once, each, over
the past 3 years, and then forgotten about".

Is that on by default with a fresh installation? If yes, someone at MS needs
to be taken out behind a dumpster for a little kneecap redesign.

In article >, "Doug Kanter"
> wrote:
>> I've posted news group messages using the same real E-mail address for
>> several years. Pobox.com has topnotch spam filters and blacklists
>> that stop the spam, let the real messages through, and almost never
>> make a mistake.
>
>I guess I could go check it out, but it's easier to ask you: Does pobox.com
>allow for access using OE, or is it just web-based?

Pobox.com is a forwarding service that forwards messages to one or
more E-mail addresses that you specify. So you can use it with
web-based accounts (Yahoo, Gmail, Hotmail) and with OE, Outlook,
Mozilla Thunderbird, Eudora, etc.

I forward my messages to both a web-based account and a POP3 account.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

In article >, Chuck
> wrote:
>On Sun, 13 Feb 2005 13:23:56 -0700, "Steve Winograd [MVP]"
><*email_address_deleted*> wrote:
>
>>>The hotmail address is a crap-catcher. I don't care what ends up there. What
>>>amazes me, though, is that the fake MS security emails are still flying
>>>around. That must mean there are people who live in caves and still haven't
>>>heard about that scam.
>>
>>I've posted news group messages using the same real E-mail address for
>>several years. Pobox.com has topnotch spam filters and blacklists
>>that stop the spam, let the real messages through, and almost never
>>make a mistake.
>
>The problem is not you or me, the problem is the naive ones who see your post as
>an example, without realising what precautions you take to make it safe.
>
>The naive ones are the ones who then post with their actual email address, get
>more malicious spam in their Inbox, and don't know to not open it or to not
>click on the link inside. They get infected with the latest worm, and provide
>yet another bot delivering still more spam to your email box, further
>overloading your email server and bringing the spam load closer to the predicted
>90% level.
>
>Please don't be a bad example to the naive users.

If you're saying that I'm a bad example to naive users, Chuck, I
disagree.

I agree that spam sent to addresses in news group messages is a real
problem. I described my solution: using a real E-mail address that
has topnotch spam filtering and blacklists. Some people might want to
use your solution of disguising their address. Some people might have
a different solution. There's no single solution that's right for
everyone.

You don't need to delete my address from your reply. As I said, I've
been using it in news groups for years. Pobox's blacklists reject
about 90% of the spam that I receive, and its spam filters trap the
rest. I only spend about one minute a day looking through my
messages.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com

On Sun, 13 Feb 2005 22:32:50 GMT, "Doug Kanter" <*email_address_deleted*> wrote:

>
>"Chuck" > wrote in message
...
>> On Sun, 13 Feb 2005 13:23:56 -0700, "Steve Winograd [MVP]"
>> <*email_address_deleted*> wrote:
>>
>>>>The hotmail address is a crap-catcher. I don't care what ends up there.
>>>>What
>>>>amazes me, though, is that the fake MS security emails are still flying
>>>>around. That must mean there are people who live in caves and still
>>>>haven't
>>>>heard about that scam.
>>>
>>>I've posted news group messages using the same real E-mail address for
>>>several years. Pobox.com has topnotch spam filters and blacklists
>>>that stop the spam, let the real messages through, and almost never
>>>make a mistake.
>>
>> The problem is not you or me, the problem is the naive ones who see your
>> post as
>> an example, without realising what precautions you take to make it safe.
>>
>> The naive ones are the ones who then post with their actual email address,
>> get
>> more malicious spam in their Inbox, and don't know to not open it or to
>> not
>> click on the link inside. They get infected with the latest worm, and
>> provide
>> yet another bot delivering still more spam to your email box, further
>> overloading your email server and bringing the spam load closer to the
>> predicted
>> 90% level.
>>
>> Please don't be a bad example to the naive users.
>
>There's a setting on OE which says (and I have embellished a bit) "Any time
>you reply, put the recipient in your address book. This way, when YOU get a
>virus that spreads via the address book, you can infect not just the 4
>people in your life, but the 183 you've responded to just once, each, over
>the past 3 years, and then forgotten about".
>
>Is that on by default with a fresh installation? If yes, someone at MS needs
>to be taken out behind a dumpster for a little kneecap redesign.

That, along with "Hide extensions for known file types".

A lot of folks were really naive when the internet was designed. Microsoft
followed in their footsteps. Who knew then what evil lurked in the minds?

I don't use Lookout Distress, or even regular LookOut. I know those who do
though. %(

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.