Loading ...
Sorry, an error occurred while loading the content.

RE: [evonline2002_webheads] antivirus, etc

Expand Messages
  • pgreenleaf
    Thank you Webheads for the very well informed and varied answers to my inquiry. Will tell you what I decide on! Have already got the Adaware - anti-spyware,
    Message 1 of 6 , Jul 1, 2005
    • 0 Attachment
      Thank you Webheads for the very well informed and varied answers to my inquiry. Will tell you what I decide on! Have already got the Adaware - anti-spyware, thanks Teresa.
      Elderbob, thanks also for the artucle will read when I get a mo'.
      All the best,
      Paddy

      ________________________________

      From: evonline2002_webheads@yahoogroups.com on behalf of elderbob
      Sent: Thu 30/06/2005 20:48
      To: evonline2002_webheads@yahoogroups.com
      Subject: Re: [evonline2002_webheads] antivirus, etc



      Since much of this thread has had to do with malware, I thought I would
      send this on. I copied this from a subscribed newsletter, so I am
      probably breaking several copyright laws by copying this article and
      printing it here, but I am going to give my source and I left the
      copyright notice intact. I think it is a very thoughtful and
      informatiive read and one that everyone needs to take a look at.

      The article is from www.eweek.com. You are welcome to go there and sign
      up for their free newsletter and have it deliverd in print or on the
      net. There are also several RSS feeds from the same site. Here is the
      article:
      ---------------------------------------------------------------------------------------------

      *The Many Faces of Spyware*
      June 21, 2005

      By Paul F. Roberts

      They have innocuous-sounding names-ShopAtHomeSelect, CoolWebSearch,
      Searchex, IEDriver-and are called many things: spyware, adware, scumware
      or the euphemistic PUPs (for "potentially unwanted programs"). But
      there's no disputing that, by any label, programs that monitor users'
      online behavior, legally or illegally, are a big business and a big
      headache for computer users and IT administrators.

      Spyware is a $2 billion-a-year industry, according to Webroot Software
      Inc., judging from rough estimates of the number of adware installations
      and the amount of money generated by each installation. It's an industry
      girded by business relationships that tie legitimate advertisers to
      online marketing companies, small application vendors, Web site
      operators and shadowy online groups with iniquitous ties. The industry
      is a Wild West of aggressive marketing, loose oversight and big
      profits-all flowing from consumer behavior and the surreptitious
      programs that track, mine and shape that behavior.

      A drive-by site taps an exploit to infect PCs with malware. _Click here_
      to read more.

      Cleaning up the spyware economy will be a challenge, experts say.
      Enterprises face an explosion of spyware and adware that threatens
      compliance efforts and intellectual property. As with anti-spam
      legislation, anti-spyware laws working their way through Congress won't
      fix the problem by themselves. While regulators and the high-tech
      industry seek solutions, organized online crime groups are using spyware
      to fuel an epidemic of identity theft and online fraud.

      At Family Credit Counseling Service, in Rockford, Ill., spyware became a
      big problem in the last 12 months, said Joshua Beard, a technical
      support specialist at the nonprofit organization, which provides
      financial counseling services to individuals.

      "It started with those little search bars that come up, which were an
      annoyance more than anything," Beard said. The problem escalated into a
      major IT headache in the last six months, as the spyware and adware
      infections multiplied and began causing more damage.

      eWEEK's Editorial Board claims we need a spyware law. _Click here_ to
      read its view.

      Technicians for the San Lorenzo Unified School District, in California,
      had a similar story, said Art Cipriano, director of IT. "We were
      continuously receiving work orders to fix slow computers and getting
      panic calls of pop-ups taking over computers," Cipriano said. "Many
      times, [the computers] were so severely infected we ended up just
      [reformatting] them."

      About one-third of application crashes reported to Microsoft Corp., in
      Redmond, Wash., are caused by spyware, according to Brendan Foley,
      senior product manager of Microsoft's Windows Antispyware group.

      How does spyware make its way onto all those networks? IT staff at most
      organizations that have had to battle the pernicious programs, including
      Family Credit and SLUSD, admit that they don't know.

      Spyware is typically distributed with other programs in installation
      bundles, such as freeware and computer games. Those bundles might be
      downloaded directly from an adware vendor's Web site or from an
      affiliate Web site, experts say.

      Advertisers recoil from dubious online marketing tactics. _Click here_
      to read more.

      Direct Revenue LLC, of New York, an online marketing company, has more
      than 20 million installations of its three ad programs-Aurora, Ceres and
      SolidPeer-mostly through bundling arrangements with P2P (peer-to-peer)
      software and "a slew" of other consumer programs, such as instant
      messaging smiley-face enhancements, Web browser tool bars, and clock and
      weather programs, downloaded from Direct Revenue affiliate sites,
      according to J.P. Maheu, Direct Revenue's CEO.

      Claria Corp., in Redwood City, Calif., also an online marketer, had
      software running on 40 million desktops at the end of last year,
      according to Reed Freeman, Claria's chief privacy officer.

      Bundling relationships benefit both sides. Application vendors such as
      Kazaa P2P maker Sharman Networks Ltd. collect fees from adware vendors
      for each installation, and adware vendors, such as Claria, ride the
      popularity of the third-party software onto users' PCs.

      Adware and spyware bundling deals are often too good to ignore, even for
      companies that might look askance at helping to distribute spyware and
      adware programs, said Ben Edelman, a Harvard University Law School
      student and an expert on spyware. "Kazaa comes with stuff because Gator
      [Claria] pays $1 per install," Edelman said. "If that was [5 cents],
      Kazaa would think of something else."

      The adware money is also enticing to the thousands of small-business
      owners who operate many of the affiliate Web sites, especially if the
      site owner doesn't understand the technical details of how adware works,
      said Anne Fognano of Leesburg, Va., who runs Clevermoms.com,
      Cleverbabies. com and Cleverdads.com.

      "People who are educated about the problem do the right thing, but there
      are people who will run anything if it makes a buck," Fognano said.

      But pay-per-install commissions are also fueling a scourge of sites that
      execute drive-by downloads, depositing wares on users' computers without
      warning or consent, said David Moll, CEO of anti-spyware company Webroot
      Software, in Boulder, Colo. Drive-by-download sites use software
      exploits, often targeting holes in Microsoft's porous Internet Explorer
      browser, to push Java and ActiveX code to vulnerable machines, Moll said.

      Often, those sites install software that is clearly malicious, such as
      Trojan horse back-door programs, viruses and keyloggers. Just as often,
      however, legitimate adware programs are part of the package,
      anti-spyware experts say.

      An analysis in April of one drive-by-download site showed how Java code
      was used to silently install a gaggle of adware from 180Solutions and
      its competitor, Integrated Search Technologies, including such
      ad-delivery wares as 180Search Assistant, ISTbar, PowerScan and
      SideFind, all without displaying end-user licensing agreements,
      according to a post on Spywareguide. com by Jan Hertsens and Wayne Porter.

      With networks of thousands or tens of thousands of affiliates, online
      marketers said it's hard to stay on top of all sites distributing their
      wares. That lack of oversight may already be breeding shadow networks of
      corrupt affiliates, experts warn.

      Roger Thompson, director of malicious-content research at Computer
      Associates International Inc., of Islandia, N.Y., said he has noted the
      appearance, in recent months, of complex networks of shell Web sites
      that he believes are designed to pull in Web surfers from Internet
      search engines and download malicious code.

      The collections of hundreds or even thousands of registered Web domains,
      which Thompson likens to "spiders' nests," all link to one IP address
      that uses exploits, such as the Internet Explorer iFrame exploit, to
      install malicious code, often with different bundles of programs each
      day, he said.

      Thompson said he believes that adware vendors are benefiting from the
      drive-by downloads and that commissions from the adware vendors could be
      channeled to shadowy, possibly criminal, groups that sponsor the Web
      pages. "There are so many people involved, and the sites change so
      often-with new partners every day-it's very hard to tell where it's all
      going," he said.

      Widespread distributions of adware and spyware pose a major problem for
      companies in such regulated industries as financial services and health
      care, said Webroot's Moll. "How can a financial services company be
      compliant with [the] Gramm-Leach-Bliley [Act] if they have keyloggers on
      their machines?" he asked. "How can a health care institution be
      compliant with HIPAA [Health Insurance Portability and Accountability
      Act] if they have Trojans?"

      Executives at leading online marketing companies said their affiliate
      agreements prohibit drive-by downloads or installations that aren't
      specifically user-authorized. "I can tell you we have a strict set of
      rules [about disclosure], and we're removing distributors who are found
      to not be in compliance with our policies," said Direct Revenue's Maheu.
      Direct Revenue said it has terminated contracts with six distributor
      partners in the last 12 months, but it declined to name the partners,
      citing "legal reasons."

      180Solutions is policing its network of 7,000 to 10,000 affiliate sites,
      according to Dan Todd, 180's president and co-founder, although the
      company declined to list specific actions it has taken, aside from a
      single July 2004 lawsuit against Aztec Marketing Solutions Ltd., which
      accused the affiliate of using drive-by downloads.

      But pressure from outside the adware industry is the most likely agent
      of change in the spyware business. Two federal anti-spyware bills
      covering certain installation, removal and monitoring behaviors, as well
      as disclosure requirements, recently passed the U.S. House of
      Representatives, and lawmakers are optimistic that some anti-spyware
      legislation may be signed into law by year's end, according to Rep. Mary
      Bono, R-Calif., who co-authored HR 29, also called the Spy Act.

      Other players in the adware and spyware food chain are also taking steps
      to cut down on the prevalence of the programs. Commission Junction Inc.,
      a 70,000-member Web site affiliate network based in Santa Barbara,
      Calif., recently banned 180Solutions affiliates from its network and
      told members they could not distribute third-party software without
      explicit approval from Commission Junction, according to company officials.

      LinkShare Corp., another affiliate marketing network, is also asking
      affiliates to reapply so that their sites can be vetted, said Shawn
      Collins of Summit, N.J., an authority on affiliate networking. Still, IT
      administrators are skeptical that new laws and pressure from advertisers
      will make much of a difference when it comes to ending the spyware and
      adware problem. "As with spam, a lot of this stuff comes from overseas,"
      said Family Credit's Beard. "You can't really legislate what's going on."

      Administrators are looking to other means, such as anti-spyware software
      and switching from such vulnerable platforms as Windows and IE. At the
      University of Toledo, in Ohio, for example, administrators are
      encouraging use of browsers other than IE and are evaluating Apple
      Computer Inc.'s new Apple Mini for no other reason than to end spyware
      infections, said Joe Sawasky, interim CIO at the university.

      Beard said he is exploring the use of the Firefox browser at his
      organization. "I don't really know if there's a big fix. As long as
      people keep writing software to get around what's out there trying to
      block it, there will always be new problems," he said.

      Copyright (c) 2005 Ziff Davis Media Inc. All Rights Reserved.

      Additional reads:

      * Do Google Ads help fund Spyware -
      http://www.eweek.com/article2/0,1759,1825983,00.asp
      * We Need a Spyware Law =
      http://www.eweek.com/article2/0,1759,1827950,00.asp
      * A drive by site taps an exploit to infect PC's with malware -
      http://www.eweek.com/article2/0,1759,1829174,00.asp
      * Advertisers Leery of Marketers Methods -
      http://www.eweek.com/article2/0,1759,1829175,00.asp
      * Larry Seltzer's Security Weblog - http://blog.ziffdavis.com/seltzer

      ------------------------------------------------------------------------------------
      elderbob

      PS. Vance, I had similar problems but found that it was just a virus
      that had shut off the Norton and passed by the Zone Alarm. There are
      several viruses out there that operate in that manner. The first time
      your virus program fails to update, it is time to do a scan to see if
      something has invaded your machine. Remember, just because you have
      contracted a virus, does not mean that it has actually executed it's
      "run" files yet. Being observant about your machine may keep you from
      being further infected and allow you to get rid of the virus before it
      can do more damage. The same is somewhat true of malware, in that if you
      notice a slowing down of programs, it is a good time to run a full scan
      of your system. In my opinion, there are some malware or spywares, that
      are more difficult to get rid of than viruses. And further, according to
      the article above, there are folks out there that are being paid to
      sabotage your machine...so be careful of where you go, what you read and
      for sure, what you download.

      I will probably regret saying this but, if a software is not listed at
      the opensource website, and it is free, then there is a very good chance
      that it is carrying a malware. If you choose to still download, be sure
      your anti virus and anti-malware programs are in place and are running.
      Some that is free and looks that good , is probably not free at all.

      vstevens@... wrote:

      > You can have a look at this page
      > http://www.vancestevens.com/weirdos.htm
      >
      > But I haven't really checked into the free stuff since a couple of
      > years ago.
      >
      > I use Norton Internet Security firewall and antivirus now.
      > Worth the money I think.
      >
      > I lost a hdd recently to a combination Zone Alarm and McAfee.
      > Something got in and switched ZA off. Whatever it was also prevented
      > us from updating our spyware. Not sure which program was on duty at
      > the time but I've dismissed them both.
      >
      > Vance
      >
      >
      > ----- Original Message -----
      > From: pgreenleaf <op112698d@...>
      > Date: Thursday, June 30, 2005 10:45 am
      > Subject: [evonline2002_webheads] antivirus, etc
      >
      > > Hurray! Success with the email to the group!
      > > I had been trying to ask or an opinion about antivirus. I'm trying
      > > to decide between Panda and Norton, and have one or two others to
      > > look at. any advice? I run XP home edition and often don't come
      > > online for a week (from home) so have to remind myself to the
      > > antivirus updates... I don't suppose there is any worthwhile
      > > antivirus for free is there.
      > > Paddy
      > >
      > >
      > >
      > > [Non-text portions of this message have been removed]
      > >
      > >
      > >
      > > For more information:
      > >
      > http://www.geocities.com/vance_stevens/papers/evonline2002/webheads.htm
      > >
      > > When replying to postings, please delete this footer and any other
      > > extraneous text from the reply - Thanks!!plying to postings,
      > > please delete this footer and any other extraneous text from the
      > > reply - Thanks!!
      > > Yahoo! Groups Links
      > >
      > >
      > >
      > >
      > >
      > >
      > >
      >
      >
      > For more information:
      > http://www.geocities.com/vance_stevens/papers/evonline2002/webheads.htm
      >
      > When replying to postings, please delete this footer and any other
      > extraneous text from the reply - Thanks!!plying to postings, please
      > delete this footer and any other extraneous text from the reply -
      > Thanks!!
      >
      >
      > ------------------------------------------------------------------------
      > YAHOO! GROUPS LINKS
      >
      > * Visit your group "evonline2002_webheads
      > <http://groups.yahoo.com/group/evonline2002_webheads>" on the web.
      > * To unsubscribe from this group, send an email to:
      > evonline2002_webheads-unsubscribe@yahoogroups.com
      > <mailto:evonline2002_webheads-unsubscribe@yahoogroups.com?subject=Unsubscribe>
      > * Your use of Yahoo! Groups is subject to the Yahoo! Terms of
      > Service <http://docs.yahoo.com/info/terms/>.
      >
      >
      > ------------------------------------------------------------------------
      >



      For more information:
      http://www.geocities.com/vance_stevens/papers/evonline2002/webheads.htm

      When replying to postings, please delete this footer and any other extraneous text from the reply - Thanks!!plying to postings, please delete this footer and any other extraneous text from the reply - Thanks!!
      Yahoo! Groups Links










      [Non-text portions of this message have been removed]
    Your message has been successfully submitted and would be delivered to recipients shortly.