I can't see the difference.... can you see the difference?

[Ace Fun]

There is a massive difference between self replicating malware (viruses) and programs that a user elects to install such as the Alexa toolbar. I think it would do anti-virus protection a great deal of harm if non-viral threats were thought of as viruses. Would you include as viruses server based programs that search for open ports on your computer and enter that way when they find one.

There are already people that remove anti-virus software because they think it slows down their computer. This sort of attitude helps the spread of viruses.

[baraucs]

Quote:

There are already people that remove anti-virus software because they think it slows down their computer. This sort of attitude helps the spread of viruses.

Were it up to me - I would include in my virus definitions any items installed without permission that were generally accepted as having no benefit to the end user; provided most end users agreed said programs were 'virus-like'. It would seem that appeasing the majority of my customers in that case would make good business sense, no?

I don't see how this relates to Alexa.

Quote:

The key to any case is going to be compiling evidence of (i) actual downloads without permission and (ii) showing that when people do click to "give permission" that Gator has not fully disclosed everything and disclosed in a way that is realistically going to inform the consumer of what is being disclosed. Do that, and you have the potential to take the attack to the criminal level using the anti-virus statutes, fraud statutes, and destruction of property statutes. Then, all you need is a state Attorney General who wants to make a name for himself.

Ok then Ed, you're the law guy - is this really a stretch, or in your opinion are these 'scumware' providers already violating the statutes? I'm guessing there's got to be a bored Attorney General or two.

[Ace Fun]

First off an apology. I've arrived on your boards as a newbie, and already I'm giving forth on one of my pet hates.

My position on this is that I hate all methods of changing computer settings or software without the surfers knowledge. This includes everything from the notorious back orifice (and Microsofts eyedog trapdoor) to javascript that changes a users homepage. I've even set up a few sites to try to alert/help users, but most don't seem to care until their files get deleted by a virus.

The term "virus" refers to malware that is distributed in a particular fashion, and sophisticated AV software doesn't look for specific files but looks for viral behaviour in the computer. This helps to detect viruses that have not been reported yet. It also detects polymorphic viruses which are able to slip past some other detection systems. To give an idea of the symbiotic relationships between viruses, the installation of the infamous Klez virus is first preceeded by the installation of the ElKern virus to disable anti-virus software.

My Alexa reference was to a routine that was left in my computer after I had run the Alexa removal program. It tried to establish an internet connection on power up and was not detected by adaware. It was removed by spybot however.

I think what I am trying to say is that you can't fix a broken leg by using anti-biotics, but you may want to use anti-biotics to prevent an infection setting in.

[techwoman]

Ace,
I understand how you feel

most of my side jobs are removing these viruses and explaining to people how their home pages get changed. My biggest hate is AOL, I always try so hard to get people to get rid of it. Most of the viruses I have removed were from people who had aol. The AV tools can't scan the incomming or out going emails. I have to warn about opening emails with attachments if they are not expecting them. As well as when they say, how come my computer keeps trying to access the internet? And why is my computer running so slowly? Then when I check their system, they have spyware, as well as some usual slow downs, startup progs, defrag files and sometimes only 500mb of disk space left

It truly is hard to educate people who have no tech expertise or savy at all so I hope that Kevin is on to something. I call it a virus too because I have seen it in action myself. My children are very tech savy, I taught them everything. They know what not to download or open and even with that, Gator got onto my computer and my daughter told me there was never even a popup asking for permission. I totaly believe her, she knows her stuff

[LineResearch]

It's not a stretch. It's all in the evidence. Everyone that runs into this stuff needs to document as much as possible even if it is just making a memo to yourself about what happend and what you saw. ID the sucmware if you can, and see if you can figure out when and how it was downloaded. Take screenshots of as much as possible. If enough people do this, patterns emerge and legal cases are made.

[Ace Fun]

Most people seem to think that viruses and trojans just come via email. A lot do still and modern viruses have their own SMTP servers. There are a lot of other transports though. ICQ, Winamp, Kazaa, Flash are just a few ot them.

Have you tried deep deletion of temp files by the way (using deltree). I've freed off massive amounts of space like this - over 600Mb in a couple of cases and this is after windows has deleted all the files. I always wonder why Bill Gates wants to save all that stuff.

[SlyCin56]

Quote:

Originally Posted by LineResearch

It's not a stretch. It's all in the evidence. Everyone that runs into this stuff needs to document as much as possible even if it is just making a memo to yourself about what happend and what you saw. ID the sucmware if you can, and see if you can figure out when and how it was downloaded. Take screenshots of as much as possible. If enough people do this, patterns emerge and legal cases are made.

Thank you, Ed! k:

[Proper]

baraucs: cheers for clearing that up.

Truely if norton/Mcafee was involved, 'gator' would need surgery to remove the boot!

[universal4]

If any anti-virus companies are approached....also please consider F-Prot by Frisk Software.

I'm not sure if they would be interested in any way,, but I can vouch for their product. I run it on some of my machines, and am moving almost all of my servers to it. (They have really attractive licensing- I can license 10 boxes for less than $50- Norton for a Sever is over $800)

[Mary]

I ran across this and thought you guys might find this interesting.

Mary

http://www.acts-consulting.com/spyware.pdf