Slashdot Mirror
McAfee lists Adware in Top 10 Viruses
joelethan writes "In the new sensitive, caring world of Windows security McAfee Virusscan detects adware/malware, just like its competitors. A surprising consequence is that the McAfee's Regional Virus Info now regularly shows adware in its infection top ten. It feels so good to see old favorites like 180Search and DFC listed. "Now for your listening pleasure it's Adware.Gator at number 7 with a bullet..."
"
ADWare is actually a secret conspiracy from the guys who make tums to capture a whole new generation of geeks..
Geek: "Helpdesk, how can I help you?"
Hapless Worker Drone: "I have all these funny ads that keep popping up!"
Geek: "Did you install that nifty new weather bug, or that 'Gator' thing?"
Hapless Worker Drone: "I didn't install anything! This is your fault! You guys are supposed to protect us!"
Geek: "See that socket over there? It's the automatic anti human virus protecter, stick your finger in and call me in an hour"
"It's not stealing if you don't get caught!"
this is the reason why i dont use windows.. one minute after your installation is done, you already got lots of spyware.. heh.. cant stand it..
.. is Adware to be made totally illegal as to design, manufacture and spread it. Like viruses are.
-el
Uh-oh! They'll get sued by Claria!
In Soviet russia, only old Koreans profit from pictures of Natalie Portman stored on Beowulf Clusters.
1) Switch to better web browser that dosen't have activeX spyware infecting it
2)Destroy spyware
3)Switch to a secure operating system.
4) ???
5) Profit, by not having to waste time with viruses!
However, Netsky still completely wipes the floor with the adware. Over 10 times as many instances of Netsky were discovered than Gator.
liqbase
But when will the financial geniuses at Symantec decide to start exacting a "fee" to spyware vendors to remove their malware from the list????
Because there are still people who don't know:
Ad-Aware
Search & Destroy
To keep your pc running fast and without too many crashes..
I have just upgraded to Enterprise 8.0i at work to test it out and I am very impressed with it. Good scanning times as well as some handy features like Buffer Over Flow protection. McAfee may have crappy home user products but the corporate stuff is top stuff!
rather one of my users have a current-day virus than a malware product anyway! Virii don't invite all their little friends to come and play like malware does either or slow the box down to uber crawl speeds!
ADWARE OWNZ JOO!!
..let's stick to some realism. I don't have any spyware on my Windows machine. Unlike viruses, the user has to actually install them (though that may involve just clicking "yes" in IE). Poor judgement can not be solved by technical solutions, OSS or not.
Kjella
Live today, because you never know what tomorrow brings
It's not spyware, it's a virus! McAfee says so.
..it was recognised for what it is. Here, in the UK, such software falls foul of the Computer Misuse Act (which is due for an update). Personally, I already spend far too much time removing Adware, Spyware, BHOs, et cetera from Windows machines, especially at one site, where they seem to actually think CoolWebSearch really is cool.
This is a good move, currently I'm helping my mom's next door neighbor trouble shoot her Dell...1000 miles away! My mom has dial up, but her computer is just chocked by viruii and adware. She's new to the internet, so she thinks if she just does whatever she'll be ok.
Also, the McAfee trial she was using didn't catch much, I suppose she didn't have updated pattens, but with a dial up, is it possible/easy to get updates?
I'm leaning on her to get Broadband, and then let me put Linux on that Dell...
CB_)EW____>>>
free ipod and free gmail!
Are 7000 users an3 exciting; our cause. Gay Comprehensive
...I think you're preaching to the choir. If we're going to make a difference, it would be "Force a (l)user to use these:"
Live today, because you never know what tomorrow brings
While not exactly *required* as AdAware and SpyBot are it is certainly a nice addition to the list.
SpywareBlaster
I would have posted AC to avoid the karmawhoring but Slashdot isn't allowing my subnet to post anonymously anymore. So blame them for the "Continual Karmawhoring".
When did you stop beating your mongoloid wife sir?
Your silence only incriminates you further!
The way Gator tries to install is absolutely unacceptable. I really think that it should be stopped, one way or another.
Claria sounds like some sexual desease.
According to the McAffee stats, the worst infection rate is in North America. This must be due to outsourcing all geek jobs to India...
Oh well, what the hell...
Clearly I'm the only one who read this as Ad*A*ware and thought McAfee was listing competition as a virus.
http://slashdot.org/comments.pl?sid=83240&cid=7286 358
is people who can't turn 'virus' into a plural properly.
Viruses, Viruses, VIRUSES!
Magic Lantern, carnivore, omnivore...
So how do you keep the feds from snooping you?
Build your own energy sources from scratch. http://otherpower.com/
... but not there yet. What about microsoft, when it hits number one the virus companies will be done.
...Other than malware/Adware starts with a team of lawyers on staff, where as virus writers don't get a lawyer until after they are busted.
And while most malware may not be self replicating, it does have viral components in that it is predatory non-living creature that lives off its host. And good malware, like a good virus goes undetected. Cheating the system of confidentiality and resources. Sending it's host to places that suit it, and exploit the host.
Does it really matter that they aren't totally self replicating like a worm... early viruses were just malicious macros using MS Office and WP as a vector to be passed around by unsuspecting knobs.
A lot of smart viruses use their host to infect others. HIV, for example isn't very good at replicating itself... it relies on humans to do most of the work. It just sits in the blood stream. Other viruses use multiple species to get passed around where some species are adversly effected and other species in the chain don't even notice it's benign precence.
Similarly, code like Roings or Gator, are a great malware/virus hybrid. They just sit around and wait to be downloaded from from blog sites like Xanga or P2P networks like Kazaa... it uses other users to actually recommend to their friends to get the infection. Now that is using relational marketing!
Why bother writing self replicating code when you can get guillable fools to do the replicating for you.
As far as spyware for linux, I suspect it is out there. My browser (mozilla) has been hijacked a few times, I haven't figured out how. Has anyone else experienced this? I am not trying to start a flame war, I know I probably have something missing or misconfigured, but how... I don't know.
I've been saying for a while now that we just need the anti-virus software publishers to recognize adware and its heathenous kin as being in the same category as Code Red or Klez for the public to start taking it more seriously. It's actually more of a threat now than just plain old "viruses" (in most everyday cases, anyway).
I got hit by ads234 or also called midADDdle ... It is a VIRUS, spybot adaware even hijack had problems removing it. It had 4 copies running and when you deleted one file it reinstalled all 4 changing the names. It even had a few process in the backgound checking to make sure it was all there running. I had to ripe the whole system apart to fix it. I never aproved or wanted it but man removing it was harder than getting rid of the stoned monkey virus.
I'm told you are what you eat, does that mean I can be you by tomorrow with some A1?
Was it only me that misread the article summary that it's adware and not AdAware http://www.lavasoft.de/? Its been some time since I used that product....(MS-free for a year now)
Humans have such a good sense of humor!
Soon, if they're the geniuses you say they are - before anyone realises the list is run by their competitors - McAfee! :)
Corporation, n. An ingenious device for obtaining individual profit without individual responsibility. - Ambrose Bierce
Could companies be prosecuted for exploiting bugs and vulnerabilities to install their garbage on people's machines? I don't know how many reinstalls I've went through, forgot to turn off the fifteen different settings in IE, and ended up with webpages spamming my desktop and taskbar as hard as they could by going to a seemingly harmless website, or mistyping the name of a popular website.
I recently fixed someone's computer that had so much spyware, it was running like a 66MHz machine on Windows 98SE. They were using a 2.5GHz with 512MB of RAM. The start button would take three seconds of griding to hit, and hitting it made three or four spam windows pop up, mostly about gambling, porn, or pills.
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
From what I've heard, some of the Virus scanners out there, like Norton, will detect but not remove AdWare. So, the question here is, will McAffe actually remove it, or does it just detect it. Plain old detection is useless. That's like a virus scanner popping up and saying "HEY STUPID! You have a virus but guess what, I don't feel like doing anything about it. I would just like to inform you of you gross incompetence."
"Don't sweat the petty stuff and don't pet the sweaty stuff." -- by an Unknown Wise man.
I'm just throwing this out here in a weak attempt to avoid RTFM...but is there a top ten list of viruses or spyware for Linux?
I've only been using Gentoo for about 2 months now and have been for the most part naive about looking further into security; firewalls; and virus scanners for Linux; my easy breezy KDE; and Gentoo in specific.
Some aim to please, I aim to tease.
Symantec NAV certainly doesn't detect any Adware/Malware/SPYWARE. That would be their biggest competitor in the anti-virus market, after all.
Gator beats any virus in infestation rate if you look at the more relevant statistics.
Lalala
I really, really, want to open "pamanderson.exe" and "AllWindowsCrackz.exe"
If you click on the link in the top 10, you'll come here. What's up with "Find Joke Programs?" That seems a little too specific to be real.
I wonder how much money McAfee spent in legal advice before doing this... I wonder how long before the spyware vendors sue, saying that their software performs a valuable service, as shown by the fact that users deliberately and knowingly install it...
"How to Do Nothing," kids activities, back in print!
If you want to keep a windows machine clear of adware, don't use the internet. Most all of this stuff installs using holes in internet explorere which allow remote execution. Using firefox in most cases will eliminate this problem.
Got Code?
Joe Six-Pack is finally getting a sense for these things, which is a great step. I recently started working for a net marketing company, and I'm amazed by the volume of flaming emails we get from people across the country saying that they will take us to court when they find the single cookie we put on their machine. There is also a lot of talk of pushing their congressmen to make our 'spyware' actions illegal.
I love this. It would be nice if people were more educated on this (and knew the difference between a viral program and an inert string of text that they have set their browser to allow), but it's a huge start. Detecting these programs as viruses is wonderful - it raises awareness levels. And the first step to legislation is enough people telling their congressmen. Remember, a phone call or letter is worth hundreds of constituient votes.
Four years ago when I first came across Gator, I considered taking apart their offices with a bat and a black ski mask. But I lived on the wrong coast. Now I might finally see them go to jail some day, and their cell mates will do far worse things to some scrawny coders than I ever could. But that will only happen if you contact your congresscritter. So do it.
VirusScan is the worst piece of shit software I've ever been forced (by I.T.) to install. Its scans pin the CPU and make it impossible to work. I've disabled it, on the theory that any virus I get as a result can't be any worse than the McAfee program itself.
seriously, I wonder how long it is before they sue mcafee and others, just because of this point they want to make. Not that anyone will believe them.
I actually came across one that had an unistall utility, complete with a massive EULA for this uninstaller, and a license key for the uninstaller, which is emailed to you, if you decide to actuaslly trust them (description here, with company info) It's blackmail, of course, and probably not enforcable.
Legitiamte businessmen indeed.
"It is a greater offense to steal men's labor, than their clothes"
My interest in submitting the story was the sheer number of geek-hours I've had to spend fixing Ordinary Joe's PC.
/JE
Someone told Joe how good Morpheous was. He installed it. I helped fix it. I put on 40 gray hairs.
Now, Adware like CoolWebSearch (retch! retch!) has become so resistant to removal that I have spent hours disinfecting machines.
Now "as any fule kno" Windows is not the most secure OS, and you really shouldn't install these adware-carriers. However it is as true as ever that the spirit is willing but the flesh is weak.
Trust me - no spyware included in this comment.
Is faster than Spyware removal tech.
An instance on a system I was removing spyware from was so infested that no matter what I did I could not remove it. Adaware/Spybot could not remove it. The user in question happened to frequent weatherbug et. al so had the latest and greatest spyware. Now in my situation our upline is blocking spyware sites as they find them.
What ended up happening is, our busy spyware installer guy put found a site that wasn't blocked and installed the latest and greatest. Soon thereafter his browser stopped taking him anywhere. Our upline was blocking all requests his browser made because they were all being superceded by the spyware address.
I download all of the newest updates, nada. I speculate that it may be a newer spyware/adware infecting his system and offer him a reimaging of his station, or waiting a day to see if there is a fix. One day goes by, no fix. I spare his system out and give him a replacement while I image his old one. Well the system sits for a while, and eventually I get back to it (4 days after the initial problem.) I figure, hell I'll run Adaware again. Update...scan... remove... reboot... scan...remove... and finally the spyware is removed.
The moral of this story is use Firefox.
I figured you guys would love this...
The firm i worked at up until recently decided to do some "sponsored marketing" thru Claria/Gator. I tried to preach their evils to the marketing department, but my protesting fell on deaf ears. A few weeks later, one of the marketing folks called me into his office because he was having terrible troubles with I.E. Turns out, as expected his lappie was riddled with spyware, w/ Gator/Claria products being the chief offender. When he asked what the major problem was, and I showed him the ad-aware, hijack this, and spybot entries w/ gator/claria all over them - i think he finally realized. The initial short term advertising contract wasn't renewed, or so i hear.
If more comapnies knew how bad these apps are, and what problems they created, maybe they wouldn't want their services and products advertised in this manner.
the "no shit" category. Considering 90% of all my repairs are viruses/adware. This has been a problem for longer than what mcafee says. And I hate to say it, Gator isn't that far up the list WinTools is the worst I've seen considering it's been on 9 out of 10 machines that have come in my shop in the past 6 months.
I might also add, McAfee is crap. From failing to tell the user the subscription has expired, to not being able to make their own software packages work together (I've seen the anti-spam and anti-virus butt head so badly that it won't allow you to download mail, and don't get me started on their firewall), all the way to their software causing a system to no longer boot after an update.
suggestion: If you value your sanity, don't use McAfee and don't recommend it to users that ask you what you recommend. It will damage your rep, and add to your workload when you have to explain.....alot. This is coming from someone who was a loyal McAfee user for 8 years until 3 years ago.
there is a simple solution to all the worlds software problems... use linux... nuff said...
Adware is the name of a company in Louisville Kentucky who does a good job providing accounting services to the advertising and public relations industry
Can we use "scum-ware" instead? I've worked with the guys at Adware the company and they're nice people.
the major advances in civilization are processes which all but wreck the societies in which they occur - A.N. White
Look at the bright side-- now Gator doesn't have to do marketing or polling research to see how installed/popular their product is!
Not All Who Wander Are Lost
But does McAfee do anything effective with them? How about McAfee Corporate (good) vs. the home user version (ukkkk!)?
The latest Norton (2004) detectes malware, but doesn't seem to do anything effective about it.
The best prevention is good surfing habits, and giving most Windows users no rights at all to install stuff.
Usually if someone has new.net, or anotehr TCP/IP stack dropin, and you remove it using spybot, adaware, etc, instead of Add/Remove programs, you have to completely rebuild the TCP stack.
Possibly newer versions of ad aware do this for you?
Jay | http://oldos.org
/.
Two products we have fully implemented that have helpded (no Mandrake/Firefox comments please heh)
1. Trend Micro Office Scan 6.5 (new version) It caught all the Trojans and malware, left most of the adware
2. Spysweeper Enterprise - This put the -smack- down on every little piece of adware and malware...very impressive.
If you are stuck with M$ this will help alot - both products are centrally managed and controlled...I dont work for either, but you can get on top of the virus/malware pain. We had some users w/ 1000+ malware just from add sites, they werent even hitting the porn/hacking stuff.
Enjoy
When is somebody going to step up to the plate and sue these companies for defacing personal property? They get away with it every day and there are laws against it. Plain and simple they are destroying people's property without their permission, at least not any signatures that would hold up in court. All it will take is for one company to sue these companies, and others will follow...at least our company will!
If carrots got you drunk, rabbits would be fucked up. - Comedian Mitch Hedberg R.I.P. 03/30/68-2/24/05
Does any one knowthe url to get the trial version of mcafee?
i tried thru their site,but they dont seem to hav that for dload.
Tx for mod ing me offtopic.
Why does yahoo do this
The exploit hits are not from unpatched machines, but rather from people visiting infected websites. If you visit an infected website, the antivirus in your machines detects it, and sends a hit to the McAfee counter.
The problem with Adware/Spyware/whatever isn't so much the invasion of privacy part. After all, in most cases, you did click accept at some point. That's what happens when you need your pr0nzor or bikini calendar so much that you don't care where it comes from, you deserve it. The problem is the lousy implimentation of the invasion of privacy.
I helped a friend diagnose his constantly crashing computer remotely one time and found that he had over 18,000 individual copies of some type of CoolWeb in his Windows\System folder.
The real problem isn't with New.net hijacking and sending people to other domains; the real problem is when their software breaks and you can't use any TCP/IP related applications until you find someone with some technical know-how to fix it.
These bastards should be liable for this sort of thing. Actually, they probably are.
I keep forgetting my place. Jesus is for losers. Why do I still play to the crowd?
I assume Mcafee most likely added this feature because of Norton. It looks like antivirus software attempting to detect much more than viruses. Maybe they could clean out those evil cookies from this website. ;)
Mcafee is starting to mark adware/spyware as viruses.
Great!
Now make an AV app that effectively removes them when it's detected.
Right now, not one virus scanner cleans adware/spyware effectively. You always need to use either spybot or adaware to get rid of it for good. The reason for this is simply because every antivirus firm uses scanning techniques dated from the DOS era to scan and remove this stuff.
If you work for symantec, or mcafee, or any other AV firm for that matter, pleast drill it in your AV scanning division that the Windows Registry Must be scanned for viruses/adware/spyware entries First then all the files on the system. Then once it's found, remove all traces of it including folders, leftover installer files and temp files. I've seen spyware and adware that is just about impossible to remove unless you scour the entire registry for any possible method of entry, then scour the drive for installers that will reinstall it if it's removed. That is why adaware and spybot are so effective at removing this stuff. it removes it from executing and gets it all on the next restart.
Lavasoft Ad-aware is better at removing even some common viruses than most virus scanners today. It's almost second nature that you have to get a "Virus Cleaner" to remove viruses for some AV scanners that adaware removes on the first try.
Until AV firms understand that the registry is just as important to scan as the files, they will never be effective in removing these threats. Dont think that Virus writers aren't looking at these techniques these spyware groups are using to get around you guys and aren't implementing these techniques in their next virus.
In Soviet Russia, Trojan exploits YOU!
Though, i'll admit that something got on my XP machine the other week and replaced my winsock.dll causing my network access to not work except bringing in popups - Totally disabling my machine.. Nothing out there found it..I had to get a WinsockXP reinstaller from Microsoft that seemed to fix it for now.
When will everyone just admit the problem is with Microsoft's swiss cheese OS and monopoly developer policies!
I think that its only a matter of time before a big Forute 500 gets slammed by a nasty trojan or driveby install and they let loose the wrath of their legal team on Microsoft.
If Microsoft continues to give away, developer, developer, developer packages to virtually anyone then every Windows users can continue to expect this kind of activity.
Its wrong, it sucks but hey... ain't that America!?
Maybe someone should implement a useful color coded warning system that citizens can use as a simple guide to the level of threats they can expect on their computers... oh wait thats already been proven to be a HUGE waste of time! Damn it all anyway!
The abusive, obtuse, and broad EULA's that people click on without reading make it extremely difficult to deal with these companies. Here is one great way we should consider.
1)Make a copy of their agreement, and replace "The cool thing we say we do" with "Free pizza for the office"
2)Replace "We get to infest your machine with junk" with "We get to tar and feather you and put pictures on the internet"
3)Get together a bunch of cheese pizzas and head to their office. Get them to sign the modified agreement for delivery.
4) Proceed to tar and feather the person that signed for the pizza, and share the fantastic photos on the internet.
Remember, it's not assault, it's marketing they agreed to in the license. The beauty of it is that if they fight it, they fight their own agreement, and we can use anything they do to get them to be responsible for the *hundreds of millions of dollars* of damage they have caused to innocent people's computers.
-Z
The users have to specifically want the scanners to remove this stuff.
"Now for your listening pleasure it's Adware.Gator at number 7 with a bullet..." yay for High Fidelity!
Forecast for tomorrow: A few sprinklings of genius with a chance of DOOM!
... to the eyes at least!
1 23219
http://shit.slashdot.org/article.pl?sid=04/09/17/
I'm betting one week before the first restraint of trade lawsuit from a spyware vendor. Gator/Claria has already made threats of lawsuits in the past just for calling it spyware, and I believe that spammers have slapped various blackhole lists with such lawsuits in the past. It's only a matter of time.
to convince the marketing folks. I tell them once and leave with, "Hear me now, believe me later." After a while, their hearing improves.
When we the litigation start? Not soon enough for me.
I remember when Borland changed its name to Inprise and at that time I thought - 'Gees, what did they do to a good company with respectable products?'
Then they came back to their sences.
You can't handle the truth.
I read earlier this week that norton has removed scuzware from the virus signatures. bad move. the crap doesn't belong on MY computer, and I am hiring these outfits to get it out of there. looks like the snortin' futilities folks are getting on the wrong side of the fence.
if I didn't install it in full knowledge of causes and effects, it's scuzware. it must be removed. I will take my dollars to the outfit that does remove scuzware.
"enhancements" that render my computer inoperable for the primary purpose are theft of services, and should be prosecuted. no counter-arguments need apply. if they do, they can talk to my friend, Mr. Chainsaw.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Really, shouldn't the bullet go to the people who write these things?
insert blank cd./ x86/2004.2/livecd/install-x86-universal-2004.2.iso ;w instructions.
wget ftp://ftp.gtlib.cc.gatech.edu/pub/gentoo/releases
cdrecord install-x86-universal-2004.2.iso;
reboot.
follo
I have had a lot of luck with IPcop (ipcop.org). You can do a firewall yourself with any linux distro using iptables or the older ipchains, but ipcop is nice and easy and specifically designed for firewalls. It has a nice gui interface and works better than many commercial firewalls for the cost of a cheap box and two three nics something most offices (even non-profits) have lying around.
With something like this, you can radically improve the reliabilities of a windows network. I have often used it to reduce trauma calls by up to %80.
I like to use it plugged into the net on oneside and a NAT router on the other... double NAT is very hard to breach.
IPCOP also offers a proxy server and can be triplehomed to offer a dmz for servers you want open to the net. Quite a nice piece of software.
Not all spyware is evil, come on look at the bright side, you get to charge customers for reoving all the spyware. If there was no spyware then not as many people would call me to have their computers fixed. It's easy money, specially when you tell them that it's so infected that the only solution is to frormat and do a fresh install.
"It is better to die on your feet than to live on your knees!" - Emiliano Zapata
I remove spyware from 10-20 customer PCs per week at work ($60 each). In safe mode after clearing out the restore folder, and making sure i have access to all the files on the drive AdAware will catch ~15 programs in 1000-2000 traces. Then run Spybot and get another 10 in 200-300 traces. After that i reboot and go directly back into safe mode and run Webroot Spysweeper and ill still catch another 2000+ traces that the first two missed completely. Also, the people that created vx2 need to be hurt badly.