MSisNegligent

  1. I 'computed' for 10 years without issue...half the time on unpatched, very old Win 98 installs. This has been a nightmare...killing me financially. My first 'hack' was some pop-up out of nowhere from InstallShield. I was using a machine my father had retired, with a bunch of technical stuff like Borland compiler, etc. Used it for 6 weeks...when this notice appeared out of the blue...and InstallShield was on the screen. I noticed a day or so later, it had delivered about 60 'Native Image' files...and half had titles that were obvious remote management type. The firewall soon was disabled...Antivirus next...no ability to update...could not UNINSTALL the security related products, be it FW, AV, MBAM...anything.

     After 3 machines, 8 fresh installs, 2 different XP disks, one re-purchased new from Dell...and now Win 7...I am having the same issue. FORMULAIC! FW, AV, UPDATES, FIND GROUP POLICY installed...YES, from the outside. (I am using Win 7 Home Premium...which does NOT have GP, yet it loads on boot.) Admin rights are taken away...no sound...and even after using Revo...some programs remain. That's because once I DO get them out, I see links to umpteen MS Office...which is disabled for me...but some parts are still installed. They use these, IMO. I've seen it with many programs from photo editors, I will NOT use Adobe --Anything-- again...the list is long.

     THIS IS NOT A VIRUS ISSUE. I've used EVERYTHING...(not 2 at a time) and the only time I could get AVG in any machine...lasted 3 days...it found 5 SxS files / Native Images...as Viruses or Trojans. Avast just found one a few days ago...same type file.

     1. I need to understand and prevent this in the future...or I will be on the street.

     2. I was given an update from MS last week and they put in 3 MSXML Parsers...and I was flooded with SxS files again. The original same files DISAPPEARED from the install.

     3. Visual C++ updates...are they also 'SxS heavy'? In other words...next time...CAN I AVOID SOME OF THESE? JUST NOT ACCEPT THE UPDATE?

     4. I KNOW I need some form of Net Framework...I believe that part of the OS wants these files.

     5. NOW HERE is something interesting...has anyone looked at ADMINISTRATIVE TOOLS/COMPONENT SERVICES? There ALSO lies a HUGE security hole...as the default is to have...I assume...it was set this way when I poked around...but there are 50-60 items in there...ALL SET AS 'MANAGE REMOTELY'. I unchecked a few boxes of the obvious ones (they read like Windows services) so I unchecked Remote Registry, etc...in maybe 10 of the 50-60 COM+ (I believe) little brown balls that show in that area. Since I did that, this is the longest I have gone without issues...but I am afraid to be messing with areas I know nothing about.

     This is long...and I thank you for reading. But I need to get to the bottom of this...quick. OTL has given a report a real expert could understand. DDS and ADW Cleaner have worked...ADW, better than ComboFix. Spybot is greatly enhanced since using it 6 yrs ago...there seems to be info buried in there. THERE ARE NO ROOTKITS. MBAM might find one item before that quits working...so it's something to do with remote access...using the above mentioned items. I've revived this machine from cardiac arrest by 'Tweaking.com's Windows Repair'...which does Chkdsk, SFC, sets permissions (uses the everyone option...not secure) and reregisters files.

     Can I ask one of your guys who really understands the OS...to run me through some tests? I have all the tools...I have all the reports...I just don't know the technical background of what they are saying. But this COMPONENTS section...WOW. The permissions were set on 'Self, Administrator, and System'...but I'm afraid to touch anything more. Just did an ESET scan...put some Sysinternals files I never use in jail...that's it. Did an AVAST boot and full scan after that...nothing. I would be eternally grateful for your help.

     MS.*** (my moniker) is...well, I used that name on another forum...don't need Microsoft after me...I might spill the beans...just read the INFs in XP...especially defltwk.inf. The OS installs permissions...and you can buck this file easily...for all those accounts...from God Mode to Guest and the 15 or so in between. That's one reason these guys can take over the ADMIN...but they won't fix it. (The other forum...well, just a 'run this, run that' place. Didn't get a real tech guy.) Hopefully I will gain some answers here...and sing your praises. Thanks a Million! ...so going anon on this site.