From: Ellen K. 

Yikes.

On Mon, 21 Feb 2005 14:31:22 -0500, "Geo."
 wrote in message :

>I found this interesting because it appears to be something spyware is
>currently doing.
>
>Geo.
>
>http://habaneronetworks.com/viewArticle.php?ID=144
>
>I was just poking around with the Windows Firewall on my system. When I went
>to look at the exceptions, I was confronted with an entry that I couldn't
>recognize, rk.exe. Rk.exe was allowed full access to and from my computer. I
>did a quick search for rk.exe on the internet and came across
>ProcessLibrary's website which stated the following about rk.exe:
>
>rk.exe is a process that belongs to a software from RelevantKnowledge. The
>software monitors how you use the Internet as well as displays various
>surveys in popup windows. This process should be removed to protect your
>personal privacy. For more information visit their privacy policy agreement
>at http://www.relevantknowledge.com/Agreement.htm
>
>Let's see, RelevantKnowledge, um, never heard of them, I know what software
>I have installed, and none is from this company. Anyway, what else does it
>say? Um, 'The software monitors how you use the Internet', well, this can't
>be too good, ok then, how about 'displays various surveys in popup windows'.
>so let's add it up:
>
>Never heard of the company        Bad
>Monitors My Internet Activity     Bad
>Displays Popups                         Bad
>
>
>Well, to me, this does look like spyware and adware. It is spyware because
>it is monitoring and probably recording information about where I am going
>and what I am doing on the Internet. It is also adware because of the nice
>popups it will provide me.
>
>Well, I actually have never seen any activity from rk.exe on my system, and
>infact, the file doesn't even exist. I must have cleaned it out with a
>spyware remover like, AdAware or Webroot's Spysweeper. The point of the
>matter is that this entry has found it's way into my Windows Internet
>Connection Firewall Exceptions list without my knowledge. And as it turns
>out, isn't that hard to do.
>
>As long as the person currently logged into the computer has Administrative
>privileges, an application can easily add an entry into the
>HKEY_LOCAL_MACHINE/SYSTEM/Services/.../FirewallPolicy/StandardProfile/Author
>izedApplications/List/ key that will allow any application full rights to
>and from the computer without the user's interaction or knowledge.
>
>
>Just because you think that Microsoft and their supposedly secure Windows
>Firewall is running doesn't mean that your safe. You must check the settings
>of the firewall regularily. Always scan your system at the minimum once a
>week with the anti-spyware tools and ensure that you run SpywareBlaster
>everytime you use your computer.
>
>For more information about SpywareBlaster please visit here, for more
>information about anti-spyware and anti-adware products, please read a full
>review of the top 5 ad / spyware fighters at:
>http://habaneronetworks.com/viewArticle.php?ID=95.
>
>
>If you are currently using Window's own firewall to protect you, either
>ensure that there are no unknown exceptions or find a better firewall.
>

--- BBBS/NT v4.01 Flag-5