Solved Twin Issues in Windows Explorer That Occur 'Only' In Safe Mode

pm2397

Member
My HP Pavilion DV6516TX Notebook has 32 bit Windows Vista Home Premium with Service Pack 2 installed. Lately I have noticed two (I think mutually related) issues in my system, with details as mentioned below. These two issues occur only in Safe Mode and surprisingly not at all in normal boot mode.

1. If I right click on 'My Computer' (to open it in 'explore mode') in Safe Mode the system hangs.
2. If however I double click 'My Computer' in Safe Mode, Windows Explorer then opens in 'open' mode. In the Windows Explorer window that opens, if I right click on any folder or file again the system hangs. If however instead of this I left click on a folder or file in the window and then click the 'File' Menu on top, surprisingly the right click Options all become visible. Strange, isn't it?

I request anyone who possibly can to please come forward and help me resolve these issues. Thanks in advance.
 


Well, there wasn't anything showing up in your OTL snippet, nor SFC. Hmmmm.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
So, what could possibly be the next step in the diagnosis and use of some more investigative tools or altogether some different tack to get at the root of these issues? What galls me is that these issues occur only in safe mode so I am thinking on the lines of what difference does it entail really when the OS boots in safe mode in comparison to that when it boots in normal mode. Only that fewer drivers and services load up in safe mode in an altogether restricted environment. Somehow I think it probably may have to be an issue in the shell right context menu handlers in safe mode due to which these issues are cropping up. What do you think, Richard? The good thing is that it really affects nothing from a User's point of view because one rarely boots up into Safe mode and even when in that mode I do have a workaround available.

Since no responses from other Posters have been received as yet, although around seventy odd have read my thread, it seems this is really a rare one and I think the issues seem not so interesting for people to apply their brains to them.

I want to pick up your thoughts on this.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
Is this continued from another thread, since Richard talks about reports which aren't in your posts here? Can you provide a link to that other thread please so we can catch up to where you are?

Thanks!
 

My Computer

System One

  • Manufacturer/Model
    Dell Inc. MP061 Inspiron E1705
    CPU
    2.00 gigahertz Intel Core 2 Duo 64 kilobyte primary memory
    Motherboard
    Board: Dell Inc. 0YD479 Bus Clock: 166 megahertz
    Memory
    2046 Megabytes Usable Installed Memory
    Graphics Card(s)
    ATI Mobility Radeon X1400 (Microsoft Corporation - WDDM) [Di
    Sound Card
    SigmaTel High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (17.2"vis)
    Screen Resolution
    1920 x 1200 pixels
    Hard Drives
    Hitachi HTS541616J9SA00 [Hard drive] (160.04 GB) -- drive 0, s/n SB2411SJGLLRMB, rev SB4OC74P, SMART Status: Healthy
    Case
    Chassis Serial Number: 5YK95C1
    Keyboard
    Standard PS/2 Keyboard
    Mouse
    Logitech HID-compliant Cordless Mouse
    Internet Speed
    1958 Kbps download ; 754.8 Kbps upload
    Other Info
    Optiarc DVD+-RW AD-5540A ATA Device [CD-ROM drive]

    Dell AIO Printer A940

    Conexant HDA D110 MDC V.92 Modem

    6TO4 Adapter
    Broadcom 440x 10/100 Integrated Controller
    Broadcom 802.11n Network Adapter
    Microsoft ISATAP Adapter
    Teredo Tunneling Pseudo-Interface

    Router Linksys / WRT54G -01
It just doesn't make sense. Only Windows Defender is booting up additionally in Safe Mode. Shell Context Handlers are not enabled in Safe Mode, and the workarounds would not work. No corruptions have been found. The workarounds do work. It appears to be an issue with explorer.exe sometimes (Safe Mode only) but not a corruption. I don't really know what to say. The entire thing just does not add up/make sense.
 

Try a clean boot
How to troubleshoot a problem by performing a clean boot in Windows Vista or in Windows 7

If it does not work properly, put back the programs, one by one, to find the culprit. You will be following the instructions, but in reverse. The clean boot is supposed to help the computer work properly, not improperly.

Could be worth a try as a repetitive long time-taking investigative method to isolate the guilty program or service but for the specific point mentioned in the 'Note' in the link you posted about all of the system restore points being lost. So, in the light of this aspect do you think it is worth it?
 


As the other Rich mentioned, unique problem. I do not have an easy solution, only you can decide if the time is worth it. Why not give it a go and see if Clean Boot does create the problem, if it does not all is academic.
 

It just doesn't make sense. Only Windows Defender is booting up additionally in Safe Mode. Shell Context Handlers are not enabled in Safe Mode, and the workarounds would not work. No corruptions have been found. The workarounds do work. It appears to be an issue with explorer.exe sometimes (Safe Mode only) but not a corruption. I don't really know what to say. The entire thing just does not add up/make sense.

Could Malware be capable of doing this to explorer.exe solely in Safe Mode?
 


FAO: niemiro - Reply to your post #6 and after my post #10 above.

So, Richard, considering your non-response could it be that you are thinking in terms of 'this could be another case that I failed to resolve satisfactorily'? And did you in the privacy of your mind award yourself 0/10 marks for this specific case?

If in case you were thinking on these lines I want to 'surprise' you entirely by telling you point blank that you have already 'completely resolved' this case and you are straightaway awarded 10/10 marks.

Richard: Prashant, I don't understand how you can state that because I haven't a clue as to the solution? I already stated in my last reply that 'I don't really know what to say. The entire thing just does not add up/make sense.'

Prashant: But it surely does make sense and it is up to the User in the specific situation to make sense out of the expert's response. Sir, actually when you mentioned in your last reply that 'only Windows Defender is booting up additionally in safe mode' that signaled to me the exact 'cue' to pick up. It is always really up to the 'User' facing a specific issue to ask the right questions to a 'technical expert' is what I believe and based on the response of the expert to use that response in resolving the issue.

So I started thinking that probably due to some reason or the other (which although I don't still understand exactly which one of these specifically but maybe due to malware, maybe specifically an intelligent and network aware rootkit or virus 'by stealth' attack or 'remote code execution' or just simple plain 'corruption') Windows Defender maybe is not behaving as it should.

So, I searched in Google along these lines with appropriately phrased 'expressions' and 'keywords'. And that led me to 'Microsoft Security Essentials'. Now as you already know when 'Microsoft Security Essentials' is installed on a Win Vista system what it does is to 'disable' the default Windows Defender in Vista and replace it with its own 'version'.

So I did the obvious by first completely uninstalling the 'bloatware' but I feel effective 'Norton Internet Security' and associated Symantec products, rebooted, then used the Norton Removal Tool for good measure, then again rebooted, and then downloaded and installed Microsoft Security Essentials and again rebooted. After that updated its definitions and scanned the system 'using the full scan' and even later used rkill, rkunhooker, and Prevx, and Sophos Anti-rootkit sequentially one by one purely on 'grounds of suspicion' of a rootkit. I still do not know whether there was a rootkit on my system or not!!!

Thereafter I went into 'Safe Mode' and there I found that on right clicking 'My Computer' I could get the right click Menu options all of them to be displayed and then on clicking the 'explore' option it opened Windows Explorer as it should. I then right clicked on a file in Windows Explorer and that displayed all the required right click options. I clicked on the 'File' Menu option on top and that action displayed all the required drop down options as it should.

So, although I still don't know whether or not the 'default' Windows Defender in my Vista system is behaving as it should (which I can only find out on uninstalling MSSE), but at least now everything is normal and the specific issues 'stand' resolved as far as already described by me above in my original post #1 in this thread. And that is that.

If you can suggest some further course of action if any or just provide me some related advice or precautions to take for the future to preempt such issues, you are most welcome to.

After your response I will tilt the 'scales' in your favor. Thank you so much, Richard Sir. Then this case can be marked as completely resolved and 'closed'.
 

Congratulations! That was some fantastic work! I was just going to come back today to say that I could not think of anything at all, and nobody else seemed to know anything, but then you solved it! Firstly: no +rep for me. I am serious.

It is still very curious. Even after your success, I still cannot make head nor tail of it. It must have been some sort of corruption that has now been overwritten/deleted, but it still makes no sense.

Rootkits are notoriously difficult to catch. Better written rootkits cannot be picked up by ANY piece of anti-rootkit software, and that is not a joke. However, your PC is not really showing any signs of a rootkit, so I think you are good to go, unless you want Jacee (our malware removal specialist) to do a PC checkup.

Well done again, and I am so sorry that I was not of more help,

Richard
 

FAO: niemiro - Reply to your post #12.

Okay, but I am disappointed that you do not want to take any credit for leading me up the right path. But really why do you think that you cannot make head or tail of it? The issues are no more there, so? Please do depute your malware expert Jaycee to do a thorough check on my system. I think it is long overdue that I check my system for any security loopholes using an expert's help. Thanks in advance.
 


FAO: niemiro Reply to your post #12 Okay, but i am disappointed that you do not want to take any credit for leading me up the right path. But really why do you think that you cannot make head or tail of it? The issues are no more there, so? Please do depute your malware expert Jaycee to do a thorough check on my system. I think it is long overdue that i check my system for any security loopholes using an expert's help. Thanks in advance.

Because I did a pretty bad job! Anyway, I still cannot understand how one button works, but another doesn't. It just doesn't make sense to me, but maybe that is just me.

I will start off. If we need to, we can call for Jacee.

STEP 1: Clean Temp files:

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean


STEP 2: MBAM:

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

STEP 3: Secunia PSI:

Old programs contain vulnerabilities that allow malware onto your system. Best to update them all.

Download it from here: PSI - Consumer - Products

See if you can update everything picked up.

After that, come back here, and we can see about some preventive measures.

Richard
 

FAO: niemiro - Reply to your post #14.

First of all I realize and acknowledge that I wrote 'Jacee' incorrectly as 'Jaycee' in my last post. Sorry. I was careless.

STEP 1: TFC cleaned out Temp. Internet Files and the Windows Temp Files altogether of 7,234 MB (that is a huge amount of wasted space released. Thanks to you and Good Old Timer!). Had never used any such cleaning program ever on my system. System rebooted automatically.

STEP 2: Please find below the log of the full scan for MBAM.

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Database version: 4973

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

10/29/2010 03:45:52
mbam-log-2010-10-29 (03-45-52).txt

Scan type: Full scan (C:\|)
Objects scanned: 442955
Time elapsed: 10 hour(s), 27 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Prashant Mujumdar\AppData\Local\Temp\IXP000.TMP\bot.exe (Worm.P2P) -> Delete on reboot.

That straightaway indicated to me to remove the Utorrent program on my system and I uninstalled that together with the permanent deletion of all the downloaded files through that application and any related installations. So that makes it an important security loophole plugged.

On Reboot STEP 3: Secunia PSI scan shows Insecure programs = 0, End-of-life programs = 0, but in Secure Browsing it shows both Mozilla Firefox (latest version 3.16.12) and Internet Explorer (version 8) as vulnerable, but also states that currently there are no solutions. These browsers are insecure it states because of the still vulnerable Adobe Reader (version 9.4), Adobe Flash Player 10.x (latest version from Adobe), and VLC Media Player (latest version 1.1.4). Secunia PSI also shows all other programs on the system as Patched.

So thereafter 'I am back here' for further necessary instructions as may be required.

I have already belatedly used some common sense and changed the 'default' factory set password of my Broadband Router, so that is a network security loophole plugged I think. Wireless security is on WPA2 (TKIP + AES) encrypted Security Key and I use a 'strong password' for that. Please also inform what other 'usually missed' security aspects of my system and its network environment can be plugged to the extent practically possible. Plus the usual precautionary measures to undertake to prevent to the extent possible such intrusions in future.

Prashant
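
The MBAM report in the post above lists its one detection with the action "Delete on reboot", so removal is still pending until the machine has restarted and the result has been confirmed. As an added example (not part of the original thread and not a Malwarebytes tool), this Python script parses a log in that layout, lists detections still pending a reboot, and checks that the summary counts match the itemised sections, which catches a partially pasted report. The sample log is constructed, with a placeholder path and file name.

```python
import re
from dataclasses import dataclass

# Constructed sample in the layout of an MBAM 1.46 log; the path and file
# name are placeholders, not values taken from the thread.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.46

Database version: 4973

Scan type: Full scan (C:\|)
Objects scanned: 442955

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\example\AppData\Local\Temp\IXP000.TMP\sample.exe (Worm.P2P) -> Delete on reboot.
"""

# "Files Infected: 1" is a summary line; "Files Infected:" opens a section.
SUMMARY_RE = re.compile(r"^(?P<section>.+ Infected): (?P<count>\d+)$")
SECTION_RE = re.compile(r"^(?P<section>.+ Infected):$")
# item (threat name) -> action.   The item itself may contain parentheses.
DETAIL_RE = re.compile(
    r"^(?P<item>.+) \((?P<threat>[^()]+)\) -> (?P<action>.+?)\.?$"
)


@dataclass
class Detection:
    section: str   # e.g. "Files Infected"
    item: str      # file path, registry key, process, ...
    threat: str    # vendor detection name
    action: str    # what the scanner did or scheduled


def parse_mbam_log(text):
    """Return (summary_counts, detections) from an MBAM-style text log."""
    summary, detections, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SUMMARY_RE.match(line)
        if m:
            summary[m["section"]] = int(m["count"])
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m["section"]
            continue
        m = DETAIL_RE.match(line) if current else None
        if m:
            detections.append(
                Detection(current, m["item"], m["threat"], m["action"])
            )
    return summary, detections


def pending_reboot(detections):
    """Detections whose removal only completes after a restart."""
    return [d for d in detections if "on reboot" in d.action.lower()]


def count_mismatches(summary, detections):
    """Sections where the summary count differs from the items listed."""
    listed = {}
    for d in detections:
        listed[d.section] = listed.get(d.section, 0) + 1
    return {
        section: (claimed, listed.get(section, 0))
        for section, claimed in summary.items()
        if claimed != listed.get(section, 0)
    }


if __name__ == "__main__":
    counts, found = parse_mbam_log(SAMPLE_LOG)
    for d in pending_reboot(found):
        print(f"re-scan after restart: {d.item} [{d.threat}]")
    print("count mismatches:", count_mismatches(counts, found))
```

A non-empty mismatch result means the pasted log is incomplete and should be requested again before drawing conclusions from it.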
 


Hello again!

First of all i realize and acknowledge that i wrote 'Jacee' incorrectly as 'Jaycee' in my last post. Sorry. I was careless.

Don't worry about it! It has been a pleasure working with you! Why can't everyone be as attentive to detail and as awesome as you!?

STEP 1: TFC cleaned out Temp. Internet Files and the Windows Temp Files altogether of 7,234 MB (that is a huge amount of wasted space released. Thanks to you and Good Old Timer!). Had never used any such cleaning program ever on my system. System rebooted automatically.

It builds up more than you realise. I would recommend running TFC once a month. Don't do it any more than this, as then you get people who get obsessed with cleaning - sometimes up to every hour. This does no good, and actually slows the system down - a lot. Once a month is good.

Step 2: Please find below the log of the full scan for MBAM.

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Database version: 4973

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

10/29/2010 03:45:52
mbam-log-2010-10-29 (03-45-52).txt

Scan type: Full scan (C:\|)
Objects scanned: 442955
Time elapsed: 10 hour(s), 27 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Prashant Mujumdar\AppData\Local\Temp\IXP000.TMP\bot.exe (Worm.P2P) -> Delete on reboot.

That infection I think is gone, but is not a very nice infection. Therefore, I have now called in Jacee to give you a quick checkover, just to make sure, as that is a Backdoor Trojan. Jacee will give you more information, but basically they can give a hacker direct access to a system. Therefore, you have got to watch out for credit card details etc. Don't panic. Just wait for Jacee to confirm that it actually is gone - we don't want this left on the system by accident!

That straightaway indicated to me to remove the Utorrent program on my system and i uninstalled that together with the permanent deletion of all the downloaded files through that application and any related installations. So that makes it an important security loophole plugged.

Excellent! I would strongly recommend removing all P2P programs, and so would Jacee, but no more lecture required what with your excellent common sense!

On Reboot Step 3: Secunia PSI scan shows Insecure programs = 0, End-of-life programs = 0, but in Secure Browsing it shows both Mozilla Firefox (latest version 3.16.12) and Internet Explorer (version 8) as vulnerable, but also states that currently there are no solutions. These browsers are insecure it states because of the still vulnerable Adobe Reader (version 9.4), Adobe Flash Player 10.x (latest version from Adobe), and VLC Media Player (latest version 1.1.4). Secunia PSI also shows all other programs on the system as Patched.

Don't worry about them. Just keep a vague eye. As long as they are up to date, there basically is no issue. The most exploited issues are big issues fixed months/years ago. These issues are maybe better to exploit than others, and with people not doing Windows Security updates, hackers have enough of a target. Keep Windows, Java, antivirus, and Adobe (+Office, browser etc.) up to date and you are already far less of a target.

So thereafter 'i am back here' for further necessary instructions as may be required.

I have already belatedly used some common sense and changed the 'default' factory set password of my Broadband Router, so that is a network security loophole plugged i think. Wireless security is on WPA2(TKIP + AES) encrypted Security Key and i use a 'strong password' for that. Please also inform what other 'usually missed' security aspects of my system and its network environment can be plugged to the extent practically possible. Plus the usual precautionary measures to undertake to prevent to the extent possible such intrusions in future.

It sounds like you implement many good practices already. Maybe we can point a few things out, but you are not the dire situations we sometimes see. What anti-virus software and firewall do you run?

We will wait for Jacee now, and then we can have a better talk at the end once you are clean, and she can talk to you as well about what she sees day to day.

Richard
 

FAO: niemiro - Reply to your post #16.

Okay, I will use TFC to clean my system once a month.

I don't have any other P2P clients installed on my system. I don't have or use a credit card so the remote potential advantage taker has no financial profit from me. The other good thing that I do is to use the mouse to click in my 'unusually strong password' through a 'key location changing' onscreen keyboard (provided on the specific secure web page by my bank) for my bank account access over the Internet, so no keylogger can take advantage of that. The third thing is that I don't use at all any local POP3 e-mail program to send and receive my e-mail, plus I don't have any address book contacts stored on my machine in MS Outlook etc. So that makes it 'very difficult' for a bot to use my system to infect other systems of my contacts via e-mail. I strictly use only web-mail.

As already mentioned earlier by me, I hitherto used Norton Internet Security (2007 version with a long subscription). That provided me protection from almost everything except perhaps from the malware that was detected. It included Norton Anti-virus plus its own firewall and I used these. It also had built-in spyware protection and Phishing and browser hijack protection.

But to install MSSE I had to uninstall that 'bloatware' and so currently only MSSE acts as protector from viruses, and partially from spyware, and malware. The firewall currently is only the default one provided by Windows Vista. Plus I have Emsisoft Anti-Malware, Malwarebytes' Anti-Malware, SuperAntiSpyware, Spywareblaster, and also Spybot Search and Destroy installed on my system.

I have to ask you (or alternatively maybe if it was required to ask Jacee) specifically whether it will be better for me to shift to the latest available free edition of AVG whose anti-virus engine would be built to tackle today's viruses and other threats in a much more effective way as compared to the 2007 version of Norton Internet Security (which uses maybe an obsolete engine, I don't know) that I used till now and which if need be I can again reinstall and use. Please advise.

I have found a very annoying feature in the NIS that I used. It took every two three minutes a Quarantine Backup and stored it under the ProgramData\Symantec Directory. If you consider that I have been using the system since October 2007, the Symantec Qbackup files with extension .qbi and .qbd must have surely used a huge amount of space till now.

The source of the infection reported by MBAM perhaps was the Norton Ghost.rar installation package on my system downloaded using a .torrent file. Now the installation source files have been already deleted by me. Much earlier I had installed Norton Ghost from those source files but having actually not used that application at all had uninstalled it long back. But there is a remote possibility that the earlier stored restore points may still have the infection lurking hidden somewhere. So this aspect may have to be kept in mind and steps taken accordingly.

Two or three weeks back I used JavaRa and removed all the old jre installations on my system plus uninstalled all the old jdk installations. Both jdk and jre on my system are the latest versions available from Sun Java as on date.

I have provided the above info especially so that it can help you and Jacee to be aware of the steps that I have already taken and so that it will then help any of you in plugging any remaining security loopholes on my system much better.

Prashant
 


I don't have any other P2P clients installed on my system. I don't have or use a credit card so the remote potential advantage taker has no financial profit from me. The other good thing that i do is to use the mouse to click in my 'unusually strong password' through a 'key location changing' onscreen keyboard (provided on the specific secure web page by my bank) for my bank account access over the Internet, so no keylogger can take advantage of that. The third thing is that i don't use at all any local POP3 e-mail program to send and receive my e-mail, plus i don't have any address book contacts stored on my machine in MS Outlook etc. So that makes it 'very difficult' for a bot to use my system to infect other systems of my contacts via e-mail. I strictly use only web-mail.

No matter what, we still want it off :) It sounds like you have very good security practices.

As already mentioned earlier by me i hitherto used Norton Internet Security (2007 version with a long subscription). That provided me protection from almost everything except perhaps from the malware that was detected. It included Norton Anti-virus plus its own firewall and i used these. It also had built-in spyware protection and Phishing and browser hijack protection.

But to install MSSE i had to uninstall that 'bloatware' and so currently only MSSE acts as protector from viruses, and partially from spyware, and malware. The firewall currently is only the default one provided by Windows Vista. Plus i have Emsisoft Anti-Malware, Malwarebytes' Anti-Malware, SuperAntiSpyware, Spywareblaster, and also Spybot Search and Destroy installed on my system.

I have to ask you (or alternatively maybe if it was required to ask Jacee) specifically whether it will be better for me to shift to the latest available free edition of AVG whose anti-virus engine would be built to tackle today's viruses and other threats in a much more effective way as compared to the 2007 version of Norton Internet Security (which uses maybe an obsolete engine i don't know) that i used till now and which if need be i can again reinstall and use. Please advise.

If NIS still provides definition updates, I think you should be fine, but wait for clarification from Jacee on that please :)

Two or three weeks back i used JavaRa and removed all the old jre installations on my system plus uninstalled all the old jdk installations. Both jdk and jre on my system are the latest versions available from Sun Java as on date.

Excellent!

I have provided the above info especially so that it can help you and Jacee to be aware of the steps that I have already taken and so that it will then help any of you in plugging any remaining security loopholes on my system much better.

It sounds like you don't have many loopholes to plug, but thanks very much for the info, as we would have been suggesting much of this!

I have called Jacee; hopefully she will come!

Richard
 

Although no security expert like Jacee or Richard, but quite familiar with what is available out there and having tried many or possibly even most, I would recommend the free Microsoft Security Essentials http://www.microsoft.com/security_essentials/ as opposed to any version of AVG (and most certainly instead of any Norton product) as your primary AV/AM/AS real-time software. That along with periodic scans from the other products you mentioned (and be sure to update them before scanning to make sure they have the most recent definitions - if you get MSE then Windows update should do that for you if you set it up to do so) should provide good protection and is very commonly recommended here and elsewhere (and is what I use myself for the most part).

Windows Firewall is quite good and more than adequate if configured properly to remove open ports you rarely if ever use (or never have or plan on using) to make it just a bit more secure. 3rd party firewalls don't offer much if any better protection though they may have more bells and whistles (and debatable claims of superiority). And as with antivirus products (as opposed to AM or AS products used for periodic scans), you should only use one Firewall at a time in any event.

Of course, Jacee and Richard will probably provide their own recommendations and, if different, they should take priority over mine. They will probably have other suggestions as well - listen to them as you will rarely have access to people with more expertise.

I hope this helps.

Good luck!
 


Thanks Lorien for your inputs. I will certainly bear all of this in mind.

Now I have a question in the form of a suggestion for you, niemiro, Jacee, and also for richc46 (other experts on this forum as well as user members are also free to respond!), who represent in my belief the senior technical experts on this Forum. This question has been in my mind for a long time now. Only I did not broach this subject earlier to anyone.

Don't all of you realize and also want that it is high time Microsoft in its 'next Windows version' which is in the development phase, 'tightly integrates' 'a complete Internet Security Suite' right within the OS itself as a 'Complete Security Layer' that contains per se an 'excellent Firewall', a really 'effective Anti-virus Engine' built to tackle the numerous spawning threats that a user today faces while surfing the Internet, an Anti-Malware and Anti-Spyware engine, anti-phishing, and also 'a diagnostic tools suite' to investigate and 'sandbox' the 'threats that still slip thru'.

I feel by hiring the best Security experts as their staff, Microsoft can surely do this and render yeoman's service to all users who surf the Internet. The other thing is that then Microsoft can jack up the price of their OS accordingly. Further the Security Suite definitions and program updates would then get automatically updated via Windows Update!!!. And users wouldn't have to seek anywhere else for anything on Security. I think that if Microsoft really goes 'hammers and tongs' on this aspect, it will stop the 'competition' on such products in its tracks. Third Party security software developers have primarily come up and thrived because Microsoft has traditionally been lax in security aspects is what I feel.

The immense benefit to 'layman' Users would be that they do not get at all a 'choice' of not installing 'a Security Suite' and endangering their own system as well as that of their contacts. Users do not have to spend money to install a third party security suite and to go through the process of evaluating one versus the others.

A 'Complete and Comprehensive Security Layer that encompasses all of the above components' had better be a 'mandatory' part of an OS rather than be a 'choice' for 'Users' and to be bought or not even bought by ignoramus layman Users who do not realize the import of their actions or in-actions.

And the Internet surfing world then would be a much better place to live in.

Please do not only respond but also exhort Microsoft as one voice of the whole community to do this.

I already know this is not a specific part of this thread but see one thing just led to the logical next and so I cannot stop now because of its wide ranging and tremendous implications.

Prashant
 
