RE: [evonline2002_webheads] antivirus, etc
- Thank you Webheads for the very well informed and varied answers to my inquiry. Will tell you what I decide on! Have already got the Adaware - anti-spyware, thanks Teresa.
Elderbob, thanks also for the artucle will read when I get a mo'.
All the best,
From: email@example.com on behalf of elderbob
Sent: Thu 30/06/2005 20:48
Subject: Re: [evonline2002_webheads] antivirus, etc
Since much of this thread has had to do with malware, I thought I would
send this on. I copied this from a subscribed newsletter, so I am
probably breaking several copyright laws by copying this article and
printing it here, but I am going to give my source and I left the
copyright notice intact. I think it is a very thoughtful and
informatiive read and one that everyone needs to take a look at.
The article is from www.eweek.com. You are welcome to go there and sign
up for their free newsletter and have it deliverd in print or on the
net. There are also several RSS feeds from the same site. Here is the
*The Many Faces of Spyware*
June 21, 2005
By Paul F. Roberts
They have innocuous-sounding names-ShopAtHomeSelect, CoolWebSearch,
Searchex, IEDriver-and are called many things: spyware, adware, scumware
or the euphemistic PUPs (for "potentially unwanted programs"). But
there's no disputing that, by any label, programs that monitor users'
online behavior, legally or illegally, are a big business and a big
headache for computer users and IT administrators.
Spyware is a $2 billion-a-year industry, according to Webroot Software
Inc., judging from rough estimates of the number of adware installations
and the amount of money generated by each installation. It's an industry
girded by business relationships that tie legitimate advertisers to
online marketing companies, small application vendors, Web site
operators and shadowy online groups with iniquitous ties. The industry
is a Wild West of aggressive marketing, loose oversight and big
profits-all flowing from consumer behavior and the surreptitious
programs that track, mine and shape that behavior.
A drive-by site taps an exploit to infect PCs with malware. _Click here_
to read more.
Cleaning up the spyware economy will be a challenge, experts say.
Enterprises face an explosion of spyware and adware that threatens
compliance efforts and intellectual property. As with anti-spam
legislation, anti-spyware laws working their way through Congress won't
fix the problem by themselves. While regulators and the high-tech
industry seek solutions, organized online crime groups are using spyware
to fuel an epidemic of identity theft and online fraud.
At Family Credit Counseling Service, in Rockford, Ill., spyware became a
big problem in the last 12 months, said Joshua Beard, a technical
support specialist at the nonprofit organization, which provides
financial counseling services to individuals.
"It started with those little search bars that come up, which were an
annoyance more than anything," Beard said. The problem escalated into a
major IT headache in the last six months, as the spyware and adware
infections multiplied and began causing more damage.
eWEEK's Editorial Board claims we need a spyware law. _Click here_ to
read its view.
Technicians for the San Lorenzo Unified School District, in California,
had a similar story, said Art Cipriano, director of IT. "We were
continuously receiving work orders to fix slow computers and getting
panic calls of pop-ups taking over computers," Cipriano said. "Many
times, [the computers] were so severely infected we ended up just
About one-third of application crashes reported to Microsoft Corp., in
Redmond, Wash., are caused by spyware, according to Brendan Foley,
senior product manager of Microsoft's Windows Antispyware group.
How does spyware make its way onto all those networks? IT staff at most
organizations that have had to battle the pernicious programs, including
Family Credit and SLUSD, admit that they don't know.
Spyware is typically distributed with other programs in installation
bundles, such as freeware and computer games. Those bundles might be
downloaded directly from an adware vendor's Web site or from an
affiliate Web site, experts say.
Advertisers recoil from dubious online marketing tactics. _Click here_
to read more.
Direct Revenue LLC, of New York, an online marketing company, has more
than 20 million installations of its three ad programs-Aurora, Ceres and
SolidPeer-mostly through bundling arrangements with P2P (peer-to-peer)
software and "a slew" of other consumer programs, such as instant
messaging smiley-face enhancements, Web browser tool bars, and clock and
weather programs, downloaded from Direct Revenue affiliate sites,
according to J.P. Maheu, Direct Revenue's CEO.
Claria Corp., in Redwood City, Calif., also an online marketer, had
software running on 40 million desktops at the end of last year,
according to Reed Freeman, Claria's chief privacy officer.
Bundling relationships benefit both sides. Application vendors such as
Kazaa P2P maker Sharman Networks Ltd. collect fees from adware vendors
for each installation, and adware vendors, such as Claria, ride the
popularity of the third-party software onto users' PCs.
Adware and spyware bundling deals are often too good to ignore, even for
companies that might look askance at helping to distribute spyware and
adware programs, said Ben Edelman, a Harvard University Law School
student and an expert on spyware. "Kazaa comes with stuff because Gator
[Claria] pays $1 per install," Edelman said. "If that was [5 cents],
Kazaa would think of something else."
The adware money is also enticing to the thousands of small-business
owners who operate many of the affiliate Web sites, especially if the
site owner doesn't understand the technical details of how adware works,
said Anne Fognano of Leesburg, Va., who runs Clevermoms.com,
Cleverbabies. com and Cleverdads.com.
"People who are educated about the problem do the right thing, but there
are people who will run anything if it makes a buck," Fognano said.
But pay-per-install commissions are also fueling a scourge of sites that
execute drive-by downloads, depositing wares on users' computers without
warning or consent, said David Moll, CEO of anti-spyware company Webroot
Software, in Boulder, Colo. Drive-by-download sites use software
exploits, often targeting holes in Microsoft's porous Internet Explorer
browser, to push Java and ActiveX code to vulnerable machines, Moll said.
Often, those sites install software that is clearly malicious, such as
Trojan horse back-door programs, viruses and keyloggers. Just as often,
however, legitimate adware programs are part of the package,
anti-spyware experts say.
An analysis in April of one drive-by-download site showed how Java code
was used to silently install a gaggle of adware from 180Solutions and
its competitor, Integrated Search Technologies, including such
ad-delivery wares as 180Search Assistant, ISTbar, PowerScan and
SideFind, all without displaying end-user licensing agreements,
according to a post on Spywareguide. com by Jan Hertsens and Wayne Porter.
With networks of thousands or tens of thousands of affiliates, online
marketers said it's hard to stay on top of all sites distributing their
wares. That lack of oversight may already be breeding shadow networks of
corrupt affiliates, experts warn.
Roger Thompson, director of malicious-content research at Computer
Associates International Inc., of Islandia, N.Y., said he has noted the
appearance, in recent months, of complex networks of shell Web sites
that he believes are designed to pull in Web surfers from Internet
search engines and download malicious code.
The collections of hundreds or even thousands of registered Web domains,
which Thompson likens to "spiders' nests," all link to one IP address
that uses exploits, such as the Internet Explorer iFrame exploit, to
install malicious code, often with different bundles of programs each
day, he said.
Thompson said he believes that adware vendors are benefiting from the
drive-by downloads and that commissions from the adware vendors could be
channeled to shadowy, possibly criminal, groups that sponsor the Web
pages. "There are so many people involved, and the sites change so
often-with new partners every day-it's very hard to tell where it's all
going," he said.
Widespread distributions of adware and spyware pose a major problem for
companies in such regulated industries as financial services and health
care, said Webroot's Moll. "How can a financial services company be
compliant with [the] Gramm-Leach-Bliley [Act] if they have keyloggers on
their machines?" he asked. "How can a health care institution be
compliant with HIPAA [Health Insurance Portability and Accountability
Act] if they have Trojans?"
Executives at leading online marketing companies said their affiliate
agreements prohibit drive-by downloads or installations that aren't
specifically user-authorized. "I can tell you we have a strict set of
rules [about disclosure], and we're removing distributors who are found
to not be in compliance with our policies," said Direct Revenue's Maheu.
Direct Revenue said it has terminated contracts with six distributor
partners in the last 12 months, but it declined to name the partners,
citing "legal reasons."
180Solutions is policing its network of 7,000 to 10,000 affiliate sites,
according to Dan Todd, 180's president and co-founder, although the
company declined to list specific actions it has taken, aside from a
single July 2004 lawsuit against Aztec Marketing Solutions Ltd., which
accused the affiliate of using drive-by downloads.
But pressure from outside the adware industry is the most likely agent
of change in the spyware business. Two federal anti-spyware bills
covering certain installation, removal and monitoring behaviors, as well
as disclosure requirements, recently passed the U.S. House of
Representatives, and lawmakers are optimistic that some anti-spyware
legislation may be signed into law by year's end, according to Rep. Mary
Bono, R-Calif., who co-authored HR 29, also called the Spy Act.
Other players in the adware and spyware food chain are also taking steps
to cut down on the prevalence of the programs. Commission Junction Inc.,
a 70,000-member Web site affiliate network based in Santa Barbara,
Calif., recently banned 180Solutions affiliates from its network and
told members they could not distribute third-party software without
explicit approval from Commission Junction, according to company officials.
LinkShare Corp., another affiliate marketing network, is also asking
affiliates to reapply so that their sites can be vetted, said Shawn
Collins of Summit, N.J., an authority on affiliate networking. Still, IT
administrators are skeptical that new laws and pressure from advertisers
will make much of a difference when it comes to ending the spyware and
adware problem. "As with spam, a lot of this stuff comes from overseas,"
said Family Credit's Beard. "You can't really legislate what's going on."
Administrators are looking to other means, such as anti-spyware software
and switching from such vulnerable platforms as Windows and IE. At the
University of Toledo, in Ohio, for example, administrators are
encouraging use of browsers other than IE and are evaluating Apple
Computer Inc.'s new Apple Mini for no other reason than to end spyware
infections, said Joe Sawasky, interim CIO at the university.
Beard said he is exploring the use of the Firefox browser at his
organization. "I don't really know if there's a big fix. As long as
people keep writing software to get around what's out there trying to
block it, there will always be new problems," he said.
Copyright (c) 2005 Ziff Davis Media Inc. All Rights Reserved.
* Do Google Ads help fund Spyware -
* We Need a Spyware Law =
* A drive by site taps an exploit to infect PC's with malware -
* Advertisers Leery of Marketers Methods -
* Larry Seltzer's Security Weblog - http://blog.ziffdavis.com/seltzer
PS. Vance, I had similar problems but found that it was just a virus
that had shut off the Norton and passed by the Zone Alarm. There are
several viruses out there that operate in that manner. The first time
your virus program fails to update, it is time to do a scan to see if
something has invaded your machine. Remember, just because you have
contracted a virus, does not mean that it has actually executed it's
"run" files yet. Being observant about your machine may keep you from
being further infected and allow you to get rid of the virus before it
can do more damage. The same is somewhat true of malware, in that if you
notice a slowing down of programs, it is a good time to run a full scan
of your system. In my opinion, there are some malware or spywares, that
are more difficult to get rid of than viruses. And further, according to
the article above, there are folks out there that are being paid to
sabotage your machine...so be careful of where you go, what you read and
for sure, what you download.
I will probably regret saying this but, if a software is not listed at
the opensource website, and it is free, then there is a very good chance
that it is carrying a malware. If you choose to still download, be sure
your anti virus and anti-malware programs are in place and are running.
Some that is free and looks that good , is probably not free at all.
> You can have a look at this pageFor more information:
> But I haven't really checked into the free stuff since a couple of
> years ago.
> I use Norton Internet Security firewall and antivirus now.
> Worth the money I think.
> I lost a hdd recently to a combination Zone Alarm and McAfee.
> Something got in and switched ZA off. Whatever it was also prevented
> us from updating our spyware. Not sure which program was on duty at
> the time but I've dismissed them both.
> ----- Original Message -----
> From: pgreenleaf <op112698d@...>
> Date: Thursday, June 30, 2005 10:45 am
> Subject: [evonline2002_webheads] antivirus, etc
> > Hurray! Success with the email to the group!
> > I had been trying to ask or an opinion about antivirus. I'm trying
> > to decide between Panda and Norton, and have one or two others to
> > look at. any advice? I run XP home edition and often don't come
> > online for a week (from home) so have to remind myself to the
> > antivirus updates... I don't suppose there is any worthwhile
> > antivirus for free is there.
> > Paddy
> > [Non-text portions of this message have been removed]
> > For more information:
> > When replying to postings, please delete this footer and any other
> > extraneous text from the reply - Thanks!!plying to postings,
> > please delete this footer and any other extraneous text from the
> > reply - Thanks!!
> > Yahoo! Groups Links
> For more information:
> When replying to postings, please delete this footer and any other
> extraneous text from the reply - Thanks!!plying to postings, please
> delete this footer and any other extraneous text from the reply -
> YAHOO! GROUPS LINKS
> * Visit your group "evonline2002_webheads
> <http://groups.yahoo.com/group/evonline2002_webheads>" on the web.
> * To unsubscribe from this group, send an email to:
> * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
> Service <http://docs.yahoo.com/info/terms/>.
When replying to postings, please delete this footer and any other extraneous text from the reply - Thanks!!plying to postings, please delete this footer and any other extraneous text from the reply - Thanks!!
Yahoo! Groups Links
[Non-text portions of this message have been removed]