locked
OneCare Antivirus termination RRS feed

  • Question

  • I was able to terminate Windows Live OneCare 2.0 running as an admin in XP SP3 (latest updates to XP and OneCare)

    Here is how:

    Net Stop “OneCare AntiSpyware andAntivirus”

    Net Stop “OneCare Firewall”

     

    Standard TerminateProcess ends all processes. 


    This should be fixed, OneCare needs better self-protection

    Malware could easily do the same thing and infect the system with OneCare out of the way; it is crucial that it is better protected in the future.

    Please let me know what you think about this
    Monday, June 23, 2008 12:20 AM

Answers

  •  Joe35321531 wrote:


    Regardless of that fact, do you have any idea of the number of people who A) Turned off UAC due to its annoying warnings or B) are still running XP as admins?  A ton of people, millions.  At risk.   

     

    Can't do much about the choices people make. Now, about shutting down antimalware services, with physical access any antimalware or firewall can be shut down. To shut down antimalware programmatically or via an executable, an antimalware program must fail to recognize and mitigate the threat. If that happens it doesn't matter if your antimalware or firewall are turned off, your computer is owned.

    Monday, June 23, 2008 4:58 AM
    Moderator

All replies

  • That's a great argument for not operating your computer from an account with administrator priviilages. 

     

    Monday, June 23, 2008 1:12 AM
    Moderator
  • Yes, but that's just the point; malware is capable of escalating priviledges regardless of how locked down the system is, there are always exploits and ways around it. 

    Regardless of that fact, do you have any idea of the number of people who A) Turned off UAC due to its annoying warnings or B) are still running XP as admins?  A ton of people, millions.  At risk.  This is why it should be taken seriously regardless of whether or not you need local admin (which isnt hard to obtain). 
    Monday, June 23, 2008 3:14 AM
  •  Joe35321531 wrote:


    Regardless of that fact, do you have any idea of the number of people who A) Turned off UAC due to its annoying warnings or B) are still running XP as admins?  A ton of people, millions.  At risk.   

     

    Can't do much about the choices people make. Now, about shutting down antimalware services, with physical access any antimalware or firewall can be shut down. To shut down antimalware programmatically or via an executable, an antimalware program must fail to recognize and mitigate the threat. If that happens it doesn't matter if your antimalware or firewall are turned off, your computer is owned.

    Monday, June 23, 2008 4:58 AM
    Moderator