RE: spyware included in windows security updates
THE REASON THAT THIS HAPPENS IS BECAUSE THE MICROSOFT OUTLOOK EXPRESS
WINDOWS COLLABORATION TEAM HAS BEEN WORKING ON AN ALPH-PRELEASE WINFX
PLATFORM IN CONJUNCTION WITH AN OPEN SOURCE MOZzILLA PROJECT FOR YEARS!!!!!!
REMEMBER THE 1033 OFFICE WORM, IT NEVER LEFT. THE PC SAFETY GUYS ARE
UNDER THE IMPRESSION THAT THE NT_AUTHORITY IS A LEGIT FILE ....WORM 2002ish.
one reason the operating system is flawed ....none teaches these kids
anything these days!!!!!!!!!!
This practice started with the internet explorer ie sp1 patch and now
continues!!!(remember the office 1033 worm it gets worse with office 12)
THE FIX: Show your hidden FAKE soft devices they are under hidden devices
....there should NEVER BE SOFT DEVICES And then make sure you disable or
remove that device. THEN run your virus scanner ...presto it finds the
root kit. If this doesnt work, that means it is signed ...digitally ...you
must find the correlating signature so that the security catalog will find
the offending files!!!!!!!! AND FOR GOD's Sake make sure that your
Microsoft Security Catalog has not been affected ....LIKE MINE IS!!!!!!
....the device manager was designed for HARDWARE ....PORTS and Functions
from the hardware of the computer, the Mother Board resources, and for
System necessary devices. ANY soft device is a HACK or an attempt to alter
a real file. Not sure how to fix this completely yet ...need some help on
Also your BIOS ...the microsoft managed bios was an attempt at updating
through the ssl ....socket protocol, But the updates tend to forget to close
off the udp and tcp ports it leaves open and leaves your LSP vulnerable.
The LMHOST and HOST files SHOULD NOT HaVE any mention of RHINO in them.
THIS IS A MaJOR misconception. RHINO is a fake licensing code that needs to
NOTE: The Intel and AMD chips each have software on them too, and pray they
haven been breach ...again, (LIKE MINE HaVE)!!!!!!! (THE developing
community needed a new place for their trojans and worms to reside without
the scanners picking them up. (
The hkcmd will write the illegally signed file into your registry and into
the "Drive Store" system file, that will then correlate a new or existing
legitimate process to "look" for it ...and presto ...NO SCANNER finds it!!!!!
Back to the fix ....try to find the fake signature of the file, manually
search for it. CLEAN IT OUT of the files manually and make sure that no
Browser Add-ons are correlating to it. Make sure that the root certs in IE
are REMOVED too, because they all cross tie back to the Fraudulent ones.
FYI ....The Certs are for authenticating WEB sites, NOT running or
protecting your machine!!!!!! Word from the VERI-SIGN ssl group ...I
called and bitched when I thought they were responsible ...borrow their
NETWORK tool look up and trace the wins resolution of the fake cert back to
the server. (it will trace) Note ...the wins resolution sig is a very long
number with dots in between. the reason I am not writing it explicitly is
so that this answer will reach you and not be blocked because of someone
thinking I am coding this answer!!!!!!!!!!!! Or go to Veri-sign's web
site and read.
I hope this helped!!!!!
NEED JOB ...any takers??????
> can someone please explain to me why, after downloading and express
> installing windows security updates on my clean windows xp system, i have to
> immediately run my freedom antispyware program and remove at least a half
> dozen spyware programs from my system? midaddle seems to be the most popular
> included spyware program. what's up with that? who am i protecting my
> system from -- hackers or microsoft?? thanks!