From: "Glenn Meadows" 

Agreed, you'll know it's going out to look/connect, but with Teatime,
you'll know it's trying to be installed.

--

Glenn M.
"Geo."  wrote in message
news:421a3f7a$1{at}w3.nls.net...
>I use sygate firewall, you can't bypass it this easily.
>
> Geo.
>
> "Glenn Meadows"  wrote in message
> news:421a3ec7$1{at}w3.nls.net...
>> Consider running SpyBot S&D "Teatimer" resident registry track
> program...it
>> will popup anytime anything attempts to make a registry entry, and allow
> you
>> to accept the registry change or not.  It can also log the change for
>> you,
>> so you know exactly what keys were added or changed by the changing
> program.
>>
>> --
>>
>> Glenn M.
>> "Geo."  wrote in message
news:421a36cd$1{at}w3.nls.net...
>> >I found this interesting because it appears to be something spyware is
>> > currently doing.
>> >
>> > Geo.
>> >
>> > http://habaneronetworks.com/viewArticle.php?ID=144
>> >
>> > I was just poking around with the Windows Firewall on my system. When I
>> > went
>> > to look at the exceptions, I was confronted with an entry that I
> couldn't
>> > recognize, rk.exe. Rk.exe was allowed full access to and from my
> computer.
>> > I
>> > did a quick search for rk.exe on the internet and came across
>> > ProcessLibrary's website which stated the following about rk.exe:
>> >
>> > rk.exe is a process that belongs to a software from RelevantKnowledge.
> The
>> > software monitors how you use the Internet as well as displays various
>> > surveys in popup windows. This process should be removed to protect
>> > your
>> > personal privacy. For more information visit their privacy policy
>> > agreement
>> > at http://www.relevantknowledge.com/Agreement.htm
>> >
>> > Let's see, RelevantKnowledge, um, never heard of them, I know what
>> > software
>> > I have installed, and none is from this company. Anyway, what else does
> it
>> > say? Um, 'The software monitors how you use the Internet', well, this
>> > can't
>> > be too good, ok then, how about 'displays various surveys in popup
>> > windows'.
>> > so let's add it up:
>> >
>> > Never heard of the company        Bad
>> > Monitors My Internet Activity     Bad
>> > Displays Popups                         Bad
>> >
>> >
>> > Well, to me, this does look like spyware and adware. It is spyware
> because
>> > it is monitoring and probably recording information about where I am
> going
>> > and what I am doing on the Internet. It is also adware because of the
> nice
>> > popups it will provide me.
>> >
>> > Well, I actually have never seen any activity from rk.exe on my system,
>> > and
>> > infact, the file doesn't even exist. I must have cleaned it out with a
>> > spyware remover like, AdAware or Webroot's Spysweeper. The point of the
>> > matter is that this entry has found it's way into my Windows Internet
>> > Connection Firewall Exceptions list without my knowledge. And as it
> turns
>> > out, isn't that hard to do.
>> >
>> > As long as the person currently logged into the computer has
>> > Administrative
>> > privileges, an application can easily add an entry into the
>> >
> HKEY_LOCAL_MACHINE/SYSTEM/Services/.../FirewallPolicy/StandardProfile/Author
>> > izedApplications/List/ key that will allow any application full rights
> to
>> > and from the computer without the user's interaction or knowledge.
>> >
>> >
>> > Just because you think that Microsoft and their supposedly secure
> Windows
>> > Firewall is running doesn't mean that your safe. You must check the
>> > settings
>> > of the firewall regularily. Always scan your system at the minimum once
> a
>> > week with the anti-spyware tools and ensure that you run SpywareBlaster
>> > everytime you use your computer.
>> >
>> > For more information about SpywareBlaster please visit here, for more
>> > information about anti-spyware and anti-adware products, please read a
>> > full
>> > review of the top 5 ad / spyware fighters at:
>> > http://habaneronetworks.com/viewArticle.php?ID=95.
>> >
>> >
>> > If you are currently using Window's own firewall to protect you, either
>> > ensure that there are no unknown exceptions or find a better firewall.
>> >
>> >
>>
>>
>
>

--- BBBS/NT v4.01 Flag-5