From: Gregg N 

Geo wrote:
> "John Beckett" 
wrote in message
> news:345es1lej6riqg3jbjbqf5j3hdfks9i3ob{at}4ax.com...
>
>
>> 2.  If a user visited the website, eEye could run a program as that user.
>> 3.  If an admin visited the website, eEye could own the computer.
>>
>> Note that (2) does NOT mean owning the computer because there are no known
>> privilege escalation techniques on a patched and recent Windows system.
>>
>
> 2 is not required to compromise the machine and use it for a bot network, a
> spambot, or to infect it with adware that causes popups all the time.
>
> 2 is not required to divert you to a website that looks like ebay or paypal.
>
> 2 is not required to make the modem hang up and dial a 900 number.
>
> 2 is not required to access your quicken files.
>
> 2 is not required to send virus infected emails from your machine or to pull
> all the names and email addresses from your address book, or to forward
> copies of all your email.
>
> 2 is not required to edit most parts of your registry used to startup
> programs on boot or to add something to your start folder.
>
> 2 is not required to access your AIM client or to infect all the files in
> your emule incoming directory.
>
> So again I ask, what do you gain? The piece of mind that a remote hacker
> can't possibly add a local printer, install a digital camera, or make a new
> memory stick work for the first time?
>
> Geo.
>
>
>

No, the piece of mind that you can know that certain subdirectories and
registry keys could not possibly have been modified by the thing, and that
you can be sure that the integrity of the operating system itself has not
been compromised, so that you can log in as administrator and restore the
system to the way it was before the infection. If you run as admin, you
never can be quite sure without reformatting and reinstalling everything.

Gregg

--- BBBS/NT v4.01 Flag-5