Might be of interest.

[2senile]

Or not. :?

http://www.3dvelocity.com/cgi-bin/i...b11cda4619167a01b4ffb53c347;act=ST;f=3;t=1063

As the thread is originally about free 512MB of Ram & the bit I'm bringing to your attention starts on page 2 I'll "quote" what I posted.

Now you're mocking my letter!

To coninue the theme of my letter tho; when a system doesn't let you install anti-virus software ....

When a system doesn't let you install your software Firewall ....

When a system doesn't let you reinstall Windows XP from your CD & you have to use a Linux CD just to delete the Partition so you can reinstall Windows XP, I think it might be the time to consider the way you use your system, research the dangers of the internet, bloody stop clicking "Yes" on every pop-up, think about what programmes & files you download & think about what sort of sites you are visiting.

Basically, just think about the hazards, use common sense & at least find out how to take simple measures to protect your PC.

I'm posting this from a PC that was dropped off for me to sort out btw.
Rather strange, wouldn't let me install anti-virus software etc.

EDIT: Oh yeah, I'm charging the usual fee. 24cans of Carlsberg. Payment in advance so I've got them already.

Yaaaay, boooooze.

Safe mode didn't work, booting from the XP CD immediately brought up a "cannot proceed" type of error message.

I did power off in case there was something in ram & was thinking maybe the Cmos had been written to but everything seems fine now.

Got rid of a few unknown bits in Windows Proc' & add/remove but they came back after a reboot. search didn't work at all so I couldn't even find where some suspicious sounding files were.

& opening the "services" gave me exactly the same as the search window .... a completely empty window

Quote (CitrusC @ Jan. 19 2005,08:22)
Didn't you regedit them out? or msconfig, of course.

Yep.

Well, sort of. Msconfig worked but regedit didn't.

The system had 3 users, all with Admin' rights, no passwords but when I went to manage User Accounts ....... there was one (unknown) user & it required a password.

I've had this system here before btw. June last year. The users just blindly use it. I expect if a Window came up telling them to disable anti-virus/Firewall etc, because they conflicted with Warez.exe, they would do it.


EDIT: I think it had over 30,000 infected files on it last time.

I think i remember you posting about that.

This system had something in the region of 19,000 spyware/adware/malware items on it last year. The 30,000+ infected files were virus victims.

Another strange thing about this is that I tried to set the HD up as a slave in my 98SE system &, while it was recognised in the Bios & in Windows device manager, it didn't show up in "My Computer". Set lastdrive to Z & it still didn't show up.

Tried it as Master on the IDE channel in my XP system with the Sata drive booting & it didn't show up there as well.

Now, it's not urgent or anything as I'm happily doing Windows updates after formatting but I'm a little bit curious if anybody else has seen this sort of thing.

 

[MfA]

I have fucked up HDs so badly dos/win98 wouldnt even format them anymore long ago (a linux guru zero'd out the first couple of KB on the disk for me with dd, then I could format it again).

BTW you are sure the drive isnt NTFS?

Personally I think the only thing to do with a system like this is to backup the data and whipe the HD.

 

[2senile]

I have fucked up HDs so badly dos/win98 wouldnt even format them anymore long ago (a linux guru zero'd out the first couple of KB on the disk for me with dd, then I could format it again).

BTW you are sure the drive isnt NTFS?

Personally I think the only thing to do with a system like this is to backup the data and whipe the HD.

Ooops, it was NTFS. Still doesn't explain why my XP system didn't show it tho.

As for backing up, it was a bit of aproblem there as well. The owner told me that it was impossible to burn a CD but i eventually managed that & saved their holiday Pics.

Personally I think the only thing to do with a system like this is to backup the data and whipe the HD

Personally, I think the only thing to do with the users of a system like this is to beat them around the head with a 2*4.

 

[_xxx_]

(L)users!

 

[jvd]

if you know this couple give them a decent browser for pop ups like avant browser and use sp 2 for a fire wall (since its free ) and a second pop up blocker .


Teach them how to take care of the system

 

[MasterBaiter]

*meh* I'm gonna go into evil tech mode. I'd be very inclined to just do a burn & purge on the HD. If these vermints don't know "safe computing".... they'll just have to deal with the consequences.

 

[2senile]

@jvd. I've known them for over 20 yrs! Used to fix the 486. I've taught them loads of times how to look after the system but it doesn't seem to sink in.

& SP2 was on. It wouldn't surprise me if they clicked "yes" on a pop-up to bypass its meagre security protection.


I think the real culprits are the two teenage children.

@MasterBaiter. I did a purge & burn. They sidestep the consequences of negligent computer use by giving it to me to sort out. At least i get my booze out of it.

 

[Albuquerque]

So obviously you need to look into local machine policy.

Set an administrator account with a password they will never know. Create two seperate user accounts, members of the "user" group only. Then use the MMC console, add the Group Policy component, and start stripping it down to the bone. Finally, you need to strip all rights for your little Administrator's user ID to read the C:\Windows\System32\GroupPolicy folder... This way all the evil lockdown policy you just applied will not be read by your Administrator ID when logged in.

We've got a ton of machines locked down beyond all recognition at our office, to the point where you cannot access any local drives, nor manipulate your desktop, nor make any system changes, you can't even so much as shut the system down.

Using only the built-in Windows XP firewall from the original install (no service pack) and leveraging absolutely zero windows updates along with Symantec Client Security package, those machines have uptimes in the 100+ days and have given us exactly ZERO issues over two years.

Group policy > stupid users

 

[2senile]

Problem is, it is "their computer". I have no right to restrict what they can do on "their computer".

& if they didn't screw it up they wouldn't send it around to me to sort out & I wouldn't get a case of Lager.

Seriously tho, I've spent decades sorting out simple problems on computers belonging to friends & others & this was the worst I've had to deal with. In the past just hunting down a few naughty executables was enough.

Do you reckon the symtoms I posted about are the result of simple user "screw-up" or are the "leet hackers" getting clever?

 

[T2k]

We've got a ton of machines locked down beyond all recognition at our office, to the point where you cannot access any local drives, nor manipulate your desktop, nor make any system changes, you can't even so much as shut the system down.

I can't imagine how anything like can happen... IT staff should be replaced.

Using only the built-in Windows XP firewall from the original install (no service pack) and

Windows Firewall is completely unnecessary in corporate environment, moreover it's actually rather bad than good, generates more problem and useless, unnecessary when you're already behind a pro-grade firewall, not to mention it's utterly silly.

leveraging absolutely zero windows updates along with Symantec Client Security package,

Not having ANY Windows Updates installed is probably the worst idea I ever heard... no wonder you "got a ton of machines locked down beyond all recognition" problem.

those machines have uptimes in the 100+ days and have given us exactly ZERO issues over two years.

Yeah, I can imagine - the IT staff apparently doesn't even know what's going on on their machines...


I have way over 100+ machines here, all up to date, no WF on any of them and yet I never had to deal with these problems.

Domain policies and such tools are not for replacing OS patches - whoever is in charge for this garbage setup you described here, should be fired immediately.

Group policy > stupid users

Clueless IT staff > Group policy > stupid users

Your IT team should be fired, believe me.

 

[karlotta]

can you say Firefox? can you say syspartion, Datapartion.? Can you say slipstream with recenthotfixes? Can you say YOU are the only ADMIN. Hide hide hide all that is sys adminny. I just took IE out of a rig (new Nlite) left the core tho, so they cant screw up there install.

 

[karlotta]

We've got a ton of machines locked down beyond all recognition at our office, to the point where you cannot access any local drives, nor manipulate your desktop, nor make any system changes, you can't even so much as shut the system down.

I can't imagine how anything like can happen... IT staff should be replaced.

Using only the built-in Windows XP firewall from the original install (no service pack) and

Windows Firewall is completely unnecessary in corporate environment, moreover it's actually rather bad than good, generates more problem and useless, unnecessary when you're already behind a pro-grade firewall, not to mention it's utterly silly.

leveraging absolutely zero windows updates along with Symantec Client Security package,

Not having ANY Windows Updates installed is probably the worst idea I ever heard... no wonder you "got a ton of machines locked down beyond all recognition" problem.

those machines have uptimes in the 100+ days and have given us exactly ZERO issues over two years.

Yeah, I can imagine - the IT staff apparently doesn't even know what's going on on their machines...


I have way over 100+ machines here, all up to date, no WF on any of them and yet I never had to deal with these problems.

Domain policies and such tools are not for replacing OS patches - whoever is in charge for this garbage setup you described here, should be fired immediately.

Group policy > stupid users

Clueless IT staff > Group policy > stupid users

Your IT team should be fired, believe me.

you didnt understand him. But there ya go... Lock down means not locked up, they are locked down to be very very simple rigs on a network. Ya IT staff should be fired... whatever, maybe its the owners who dont want the new SPs and updates....

 

[Albuquerque]

I can't imagine how anything like can happen... IT staff should be replaced.

Perhaps you don't understand the situation? Ever consider that possibility?

Windows Firewall is completely unnecessary in corporate environment, moreover it's actually rather bad than good, generates more problem and useless, unnecessary when you're already behind a pro-grade firewall, not to mention it's utterly silly.

Did I say this was a corporate environment? Did I say it was behind a pro-grade firewall? Are you just going to continue assuming everything?

Not having ANY Windows Updates installed is probably the worst idea I ever heard... no wonder you "got a ton of machines locked down beyond all recognition" problem.

Uh, yeah, you really don't understand anything I just said. Firewall keeps things from sneaking in while sitting on the high speed connection. Symantec Client Security assists greatly in keeping not only viruses off, but also any other remaining forms of spyware that we cannot somehow innoculate against by way of locking down the registry and drive availabilities.

The lockdown we're talking about is total USER lockdown, ie they have no rights to all the things I was describing. No registry rights. No local drive rights. No desktop rights. No control panel rights. No IE security settings rights. No ability to manipulate system services. User ID required to start the machine. No ability to manipulate event logs. No ability to install or remove or change programs. No ability to even so much as change the screen saver, background art, desktop resolution, hell they can't even change the time on their taskbar clock.

Understand a little better now?

Yeah, I can imagine - the IT staff apparently doesn't even know what's going on on their machines...

Very much the opposite.

I have way over 100+ machines here, all up to date, no WF on any of them and yet I never had to deal with these problems.

The corporate PC's that I manage at my day job exceed 18,000, no windows firewall on any of them, and I too don't deal with these problems. Can you guess why? I bet you could assume if nothing else!

Domain policies and such tools are not for replacing OS patches - whoever is in charge for this garbage setup you described here, should be fired immediately.

Perhaps they're not on a domain? Perhaps even purposely? There's a slight possibility that you don't have the first clue what's going on with these machines. Perhaps?

Me > assumptions

 

[T2k]

I can't imagine how anything like can happen... IT staff should be replaced.

Perhaps you don't understand the situation? Ever consider that possibility?

Perhaps. Convince me.

Windows Firewall is completely unnecessary in corporate environment, moreover it's actually rather bad than good, generates more problem and useless, unnecessary when you're already behind a pro-grade firewall, not to mention it's utterly silly.

Did I say this was a corporate environment? Did I say it was behind a pro-grade firewall? Are you just going to continue assuming everything?

You said in office. Based on the other thread, you have some general problem what words mean...

Not having ANY Windows Updates installed is probably the worst idea I ever heard... no wonder you "got a ton of machines locked down beyond all recognition" problem.

Uh, yeah, you really don't understand anything I just said. Firewall keeps things from sneaking in while sitting on the high speed connection. Symantec Client Security assists greatly in keeping not only viruses off, but also any other remaining forms of spyware that we cannot somehow innoculate against by way of locking down the registry and drive availabilities.

The lockdown we're talking about is total USER lockdown, ie they have no rights to all the things I was describing. No registry rights. No local drive rights. No desktop rights. No control panel rights. No IE security settings rights. No ability to manipulate system services. User ID required to start the machine. No ability to manipulate event logs. No ability to install or remove or change programs. No ability to even so much as change the screen saver, background art, desktop resolution, hell they can't even change the time on their taskbar clock.

Understand a little better now?

Still can't imagine how ANYBODY, who knows how to set up a domain properly, can be inthis situation.

This is ignorance at its best.

Not to mention the fact I still didn't get any answer why no WU patches have been installed - that's the lamest crap I ever heard.

Yeah, I can imagine - the IT staff apparently doesn't even know what's going on on their machines...

Very much the opposite.

Suure. No updates on the OS, the sign of the real expertise, right?

I have way over 100+ machines here, all up to date, no WF on any of them and yet I never had to deal with these problems.

The corporate PC's that I manage at my day job exceed 18,000, no windows firewall on any of them, and I too don't deal with these problems. Can you guess why? I bet you could assume if nothing else!

How about their OS patches, fella? Should I assume... ?

Domain policies and such tools are not for replacing OS patches - whoever is in charge for this garbage setup you described here, should be fired immediately.

Perhaps they're not on a domain? Perhaps even purposely? There's a slight possibility that you don't have the first clue what's going on with these machines. Perhaps?

Perhaps what's good to NOT to have a domain on computers working ijn the same office, same LAN but rather keep them as separated machines, running crappy Windows Firewall but not installing ANY updates?

Perhaps this doesn't make any sense? Perhaps it's the most clueless setup anybody can imagine?

Me > clueless, self-indulged presumptive people

You got it wrong, fella: you = clueless, self-indulged presumptive people.

It'sm classic wishywashy now. First it was an office, now it's not a corporate something. Machines are working together in an office, on the same network obviously but, no, no domain because it's much better running Windowses WITHOUT ANY PATCH but with WFirewal enabled on all of them - riiiiight...

 

[Albuquerque]

You assume way too much.

You assume this office is part of a bigger corporation. It is not.

You assume this office has the money to put in a full Active Directory domain system. It does not.

You assume the version of XP being used is capable of being ON a domain. It is not.

You assume this office has a full time IT staff that can coordinate security, patch management and user management. It does not.

You assume this office network is somehow physically secured so that other (ie NON MANAGED) PC's cannot connect. It is not.

It is YOU that has a hard time understanding the words being shown on your screen, AS EVIDENCED by your continuous fighting and namecalling on things that YOU convey or interpret incorrectly. I know that this is partially due to the problem that english is not your first language. That's fine, I accept that.

However, you need to immediately stop blaming your communicative shortcomings on everyone else. If you don't understand, you need to ask for clarification rather than assuming everything and talking as if you're in some position of authority.

You are not.

 

[Albuquerque]

Hehehe, oddly enough, that seemed to have shut him up; across two threads even! I'll have to remember this for the next time he starts to spew nonsense like a broken lawn prinkler...

 

[ANova]

Hehehe, oddly enough, that seemed to have shut him up; across two threads even! I'll have to remember this for the next time he starts to spew nonsense like a broken lawn prinkler...

Congradulations, you succeeded where I failed.

 

[{Sniping}Waste]

The newer adware hijacks store a hidden DLL in the system32 folder. One of the worst one is About Blank and is a real pain to remove because it respawns its self if you don't remove the hidden DLL.

 

[T2k]

You assume way too much.

You assume this office is part of a bigger corporation. It is not.

Who said it's a bigger corporation.

You assume this office has the money to put in a full Active Directory domain system. It does not.

Wow, serious money, huh?

I'm having hard time to imagine such company with several workstations where no budget for a $500-worth server OS...

You assume the version of XP being used is capable of being ON a domain. It is not.

As I thought: whoever organized this, that was a lamer.

You assume this office has a full time IT staff that can coordinate security, patch management and user management. It does not.

Wow. I should play lottery - exactly as I have said, fella. Some lamer.

I wonder if you have anything to do with this garbage setup...

You assume this office network is somehow physically secured so that other (ie NON MANAGED) PC's cannot connect. It is not.

Another niuce evidence about your utter lack of knowledge: in this case a separate domain is mandatory (imperative mode!).

It is YOU that has a hard time understanding the words being shown on your screen, AS EVIDENCED by your continuous fighting and namecalling on things that YOU convey or interpret incorrectly. I know that this is partially due to the problem that english is not your first language. That's fine, I accept that.

Magically nobody else had any problem before you, moreover I have meetings on daily basis about deep technical things, contexts etc.

So perhaps it's not an exaggeration when I say it's YOU who has a little bit "slow" mind, namely incapable to follow a pretty simple logical line without external help.
Too bad you apparently did not get any professional in time, under the age of 10...

However, you need to immediately stop blaming your communicative shortcomings on everyone else.

It's only you and your alter ego, ANova.

What a magical accident that you guys appeared at the same time and you guys have the magically same "slow mind" and always on the same spots...

If you don't understand, you need to ask for clarification rather than assuming everything and talking as if you're in some position of authority.

So let's count what I said: I said WF is unncessary in a corporate environment - I was right, I said not having ANY Windows Updates installed is probably the most ruidiculous, lamer idea I ever heard - I was right, I said your IT staff/person is completely clueless, useless, lamer, don't worth a cent, should be fired - I was right.

You are not.

Yes, I was right on ALL my point, fella. And you are clueless, it's clear now. Even more clueless than you were on R9200/Mac subject...

 

[DudeMiester]

@T2k

I don NOT mean this as an insult, but generally speaking it's easier to get your point across if you don't resort to verbal abuse. Also, presenting detailed counter arguements and explainations as to why the points you are arguing are wrong is a very good method of furthering your argument. Simply stating your opinion with nothing to back it up is a very bad idea. Keeping these guidelines will make you much more successful in discussions.

Now as for my evidence to support what I say:

Well, please don't be offended, but this is my 7th post on these forums, I've never seen you before, but you already look like an idiot. By form alone I would never believe you.