Forgot your password?
typodupeerror
Security

McAfee lists Adware in Top 10 Viruses 272

Posted by CmdrTaco
from the calling-a-spade-a-spade dept.
joelethan writes "In the new sensitive, caring world of Windows security McAfee Virusscan detects adware/malware, just like its competitors. A surprising consequence is that the McAfee's Regional Virus Info now regularly shows adware in its infection top ten. It feels so good to see old favorites like 180Search and DFC listed. "Now for your listening pleasure it's Adware.Gator at number 7 with a bullet..." "
This discussion has been archived. No new comments can be posted.

McAfee lists Adware in Top 10 Viruses

Comments Filter:
  • Tums! (Score:4, Funny)

    by HackHackBoom (198866) * on Friday September 17, 2004 @08:13AM (#10275672) Journal
    ADWare is actually a secret conspiracy from the guys who make tums to capture a whole new generation of geeks..

    Geek: "Helpdesk, how can I help you?"

    Hapless Worker Drone: "I have all these funny ads that keep popping up!"

    Geek: "Did you install that nifty new weather bug, or that 'Gator' thing?"

    Hapless Worker Drone: "I didn't install anything! This is your fault! You guys are supposed to protect us!"

    Geek: "See that socket over there? It's the automatic anti human virus protecter, stick your finger in and call me in an hour"
    • Re:Tums! (Score:2, Insightful)

      by Anonymous Coward
      Apart from the last line, that is precisely what I do all day. It's very painful.
      • Re:Tums! (Score:3, Funny)

        by H8X55 (650339)
        Me too.
        And it's only getting worse.
        The other day a fellow network tech here at my new job mentioned he had to de-spyware his own pc as it was getting absolutely over-run with browser hijackers, spyware, and the ilk.. We've all gotten something we didn't want before, but his laptop is as bad as some of our worst offendrs'.
        I quietly told him not to mention that to anyone else, and gave him the url for mozilla.
    • by Alien54 (180860)
      I can just see these folks who write these things sputtering, "but we are legitimate business men! Just ask any of our friends, like vinny here"

      seriously, I wonder how long it is before they sue mcafee and others, just because of this point they want to make. Not that anyone will believe them.

      I actually came across one that had an unistall utility, complete with a massive EULA for this uninstaller [look2me.com], and a license key for the uninstaller, which is emailed to you, if you decide to actuaslly trust them (descri [kephyr.com]

      • The EULA is scary (but honest I suppose):
        "I understand and agree the software product will modify, remove, and add entries to my computer operating system, network parameters, and other installes files that will change the prior default settings, and/or install software from third parties without user intervention, and/or to install software to display electronic advertisements and third party web pages of every kind and nature and/or monitor my actions and report them to the company and/or undisclosed th
  • Claria... (Score:3, Funny)

    by Staos (700036) on Friday September 17, 2004 @08:14AM (#10275677) Journal
    Uh-oh! They'll get sued by Claria!
    • by JaffaKREE (766802) on Friday September 17, 2004 @08:16AM (#10275694)
      I know not of this "Claria" company, but they sound like a bunch of upstanding folks. Not like those Gator bastards... man I'd like to see them strung up. Hooray for Claria !

      • Re:Claria... (Score:5, Insightful)

        by LostCluster (625375) * on Friday September 17, 2004 @08:29AM (#10275788)
        Companies that change names to a made-up word usually need to be given a closer look... they usually have soiled their first name so badly they can't use it anymore.
        • As is precisely the case with Gator/Claria, but you probably already knew that (other readers mightn't, though).
        • Re:Claria... (Score:5, Interesting)

          by magefile (776388) on Friday September 17, 2004 @09:21AM (#10276216)
          What was it Phillip Morris (Tobacco co.) changed its name to? Altria?

          This is also a common practice in the adapted (as in, for the disabled) vehicle industry; most (not all) vendors do crappy work, overcharge, then change their names and/or move/disincorporate/reincorporate every few years to avoid bad PR and lawsuits. It's a very disgusting industry. And if you want to be independent, there's no real choice - it's them or nothing.
  • by Anonymous Coward on Friday September 17, 2004 @08:15AM (#10275680)
    1) Switch to better web browser that dosen't have activeX spyware infecting it [spreadfirefox.com]
    2)Destroy spyware [lavasoftusa.com]
    3)Switch to a secure operating system. [mandrake.com]
    4) ???
    5) Profit, by not having to waste time with viruses!
  • Gator is at number 4 (Score:5, Informative)

    by LiquidCoooled (634315) on Friday September 17, 2004 @08:16AM (#10275685) Homepage Journal
    However, Netsky still completely wipes the floor with the adware. Over 10 times as many instances of Netsky were discovered than Gator.
  • It's about time... (Score:5, Interesting)

    by Pig Hogger (10379) <`moc.liamg' `ta' `reggoh.gip'> on Friday September 17, 2004 @08:16AM (#10275688) Journal
    But when will the financial geniuses at Symantec decide to start exacting a "fee" to spyware vendors to remove their malware from the list????
  • USE THESE (Score:5, Informative)

    by RenHoek (101570) on Friday September 17, 2004 @08:17AM (#10275698) Homepage
    Because there are still people who don't know:

    Ad-Aware [lavasoftusa.com]
    Search & Destroy [safer-networking.org]

    To keep your pc running fast and without too many crashes..
    • Unfortunately... (Score:2, Insightful)

      by Kjella (173770)
      ...I think you're preaching to the choir. If we're going to make a difference, it would be "Force a (l)user to use these:"
    • And this... (Score:5, Informative)

      by garcia (6573) * on Friday September 17, 2004 @08:30AM (#10275800) Homepage
      While not exactly *required* as AdAware and SpyBot are it is certainly a nice addition to the list.

      SpywareBlaster [javacoolsoftware.com]

      I would have posted AC to avoid the karmawhoring but Slashdot isn't allowing my subnet to post anonymously anymore. So blame them for the "Continual Karmawhoring".
    • Re:USE THESE (Score:2, Informative)

      by CheechBG (247105) *
      *ahem*

      HijackThis. End of story.

      http://www.downloads.subratam.org/hijackthis.zip
    • And a good hosts file. You catch a joker that does not know better, just slap the pocket blacklist in his system and explain what you did and why, they'll get the point.

      http://www.pelicancoast.net/~nighthawke/hosts.z i p

      There are other hosts files out there, but this one i'm making every effort to keep up to date with the latest addresses of the bad boys.

      Oh and run spybot and ad-aware.

      Not to mention EDUCATION! They won't listen, then they will sit there and suffer because you said "I told you so" and nai
  • by Anonymous Coward on Friday September 17, 2004 @08:18AM (#10275709)
    I have just upgraded to Enterprise 8.0i at work to test it out and I am very impressed with it. Good scanning times as well as some handy features like Buffer Over Flow protection. McAfee may have crappy home user products but the corporate stuff is top stuff!
  • by kawika (87069) on Friday September 17, 2004 @08:21AM (#10275731)
    It's not spyware [slashdot.org], it's a virus! McAfee says so.
  • About time... (Score:5, Interesting)

    by salvorHardin (737162) <adwulf@gmai[ ]om ['l.c' in gap]> on Friday September 17, 2004 @08:27AM (#10275776) Journal
    ..it was recognised for what it is. Here, in the UK, such software falls foul of the Computer Misuse Act (which is due for an update). Personally, I already spend far too much time removing Adware [wikipedia.org], Spyware [wikipedia.org], BHOs, et cetera from Windows machines, especially at one site, where they seem to actually think CoolWebSearch [bbc.co.uk] really is cool.
    • Re:About time... (Score:2, Interesting)

      by joelethan (782993)
      I submitted this story with glee. While Adware, Spyware and BHOs do seem to break the terms of the (UK) Computer Misuse Act I don't see anyone being prosecuted. Would you care to join me in a test case http://slashdot.org/~salvorHardin [slashdot.org]? I'm sooo up for this.

      It was no idle talk. I have given so much of my precious free time to bail friends (and, yes, myself) out of the Adware trap.

      Oh yes, I'm feeling mighty litigious! /JE

  • good move/about time (Score:5, Interesting)

    by Chuck Bucket (142633) on Friday September 17, 2004 @08:27AM (#10275779) Homepage Journal
    This is a good move, currently I'm helping my mom's next door neighbor trouble shoot her Dell...1000 miles away! My mom has dial up, but her computer is just chocked by viruii and adware. She's new to the internet, so she thinks if she just does whatever she'll be ok.

    Also, the McAfee trial she was using didn't catch much, I suppose she didn't have updated pattens, but with a dial up, is it possible/easy to get updates?

    I'm leaning on her to get Broadband, and then let me put Linux on that Dell...

    CB_)EW____>>>
    • but with a dial up, is it possible/easy to get updates?

      Yes. I did it yesterday over a 33.6k dial-up link, so I don't see what the problem for most people would be - especially with Service Pack 2 to remind them.
  • The way Gator tries to install is absolutely unacceptable. I really think that it should be stopped, one way or another.


    Claria sounds like some sexual desease.

  • by h00manist (800926) on Friday September 17, 2004 @08:39AM (#10275866) Journal
    Magic Lantern, carnivore, omnivore...

    So how do you keep the feds from snooping [theregister.co.uk] you?

  • ...Other than malware/Adware starts with a team of lawyers on staff, where as virus writers don't get a lawyer until after they are busted.

    And while most malware may not be self replicating, it does have viral components in that it is predatory non-living creature that lives off its host. And good malware, like a good virus goes undetected. Cheating the system of confidentiality and resources. Sending it's host to places that suit it, and exploit the host.

    Does it really matter that they aren't totally se
  • Prosecution? (Score:5, Interesting)

    by Renraku (518261) on Friday September 17, 2004 @08:52AM (#10275987) Homepage
    Could companies be prosecuted for exploiting bugs and vulnerabilities to install their garbage on people's machines? I don't know how many reinstalls I've went through, forgot to turn off the fifteen different settings in IE, and ended up with webpages spamming my desktop and taskbar as hard as they could by going to a seemingly harmless website, or mistyping the name of a popular website.

    I recently fixed someone's computer that had so much spyware, it was running like a 66MHz machine on Windows 98SE. They were using a 2.5GHz with 512MB of RAM. The start button would take three seconds of griding to hit, and hitting it made three or four spam windows pop up, mostly about gambling, porn, or pills.
    • About the changing all the IE settings, just install Spybot, update it and click Immunize. This automagically blocks bad activex downloads, so that dumbass users never have the chance to click yes on activex controls.
      • I find that installing The Proxomitron and aggressively filtering works a lot better for me. Since it's insanely customizable and processes everything BEFORE it gets to the browser, you can even prevent exploits while waiting for a patch so long as you know part of the code used to do them.
    • And then people doubt 12% "reboots rate" of WinXP.
  • Symantec NAV certainly doesn't detect any Adware/Malware/SPYWARE. That would be their biggest competitor in the anti-virus market, after all.
  • by dpbsmith (263124) on Friday September 17, 2004 @09:18AM (#10276186) Homepage
    I wonder how much money McAfee spent in legal advice before doing this... I wonder how long before the spyware vendors sue, saying that their software performs a valuable service, as shown by the fact that users deliberately and knowingly install it...
    • I'm sure some spyware vendor has or will try this, but I think they would have an extremely uphill battle. For example, there are products that remove spray paint from surfaces, and I've never heard of them being sued by paint manufacturers. OK, maybe that wasn't the best example, but nobody is under any obligation to allow spyware to be installed on a machine. That would be like trying to sue Microsoft for having access control built into the OS to keep software from doing things it is not authorized to do
    • as shown by the fact that users deliberately and knowingly install it...

      Just like they did with their anti-virus software, and they also told it to go ahead and delete the crap.
  • by drc500free (472728) on Friday September 17, 2004 @09:20AM (#10276202)
    Joe Six-Pack is finally getting a sense for these things, which is a great step. I recently started working for a net marketing company, and I'm amazed by the volume of flaming emails we get from people across the country saying that they will take us to court when they find the single cookie we put on their machine. There is also a lot of talk of pushing their congressmen to make our 'spyware' actions illegal.

    I love this. It would be nice if people were more educated on this (and knew the difference between a viral program and an inert string of text that they have set their browser to allow), but it's a huge start. Detecting these programs as viruses is wonderful - it raises awareness levels. And the first step to legislation is enough people telling their congressmen. Remember, a phone call or letter is worth hundreds of constituient votes.

    Four years ago when I first came across Gator, I considered taking apart their offices with a bat and a black ski mask. But I lived on the wrong coast. Now I might finally see them go to jail some day, and their cell mates will do far worse things to some scrawny coders than I ever could. But that will only happen if you contact your congresscritter. So do it.
  • Spyware tech. (Score:3, Interesting)

    by Oriumpor (446718) on Friday September 17, 2004 @09:41AM (#10276385) Homepage Journal
    Is faster than Spyware removal tech.

    An instance on a system I was removing spyware from was so infested that no matter what I did I could not remove it. Adaware/Spybot could not remove it. The user in question happened to frequent weatherbug et. al so had the latest and greatest spyware. Now in my situation our upline is blocking spyware sites as they find them.

    What ended up happening is, our busy spyware installer guy put found a site that wasn't blocked and installed the latest and greatest. Soon thereafter his browser stopped taking him anywhere. Our upline was blocking all requests his browser made because they were all being superceded by the spyware address.

    I download all of the newest updates, nada. I speculate that it may be a newer spyware/adware infecting his system and offer him a reimaging of his station, or waiting a day to see if there is a fix. One day goes by, no fix. I spare his system out and give him a replacement while I image his old one. Well the system sits for a while, and eventually I get back to it (4 days after the initial problem.) I figure, hell I'll run Adaware again. Update...scan... remove... reboot... scan...remove... and finally the spyware is removed.

    The moral of this story is use Firefox.
    • Usually if someone has new.net, or anotehr TCP/IP stack dropin, and you remove it using spybot, adaware, etc, instead of Add/Remove programs, you have to completely rebuild the TCP stack.

      Possibly newer versions of ad aware do this for you?
  • by H8X55 (650339) <jason...r...thomas@@@gmail...com> on Friday September 17, 2004 @09:42AM (#10276397) Homepage Journal
    I figured you guys would love this...

    The firm i worked at up until recently decided to do some "sponsored marketing" thru Claria/Gator. I tried to preach their evils to the marketing department, but my protesting fell on deaf ears. A few weeks later, one of the marketing folks called me into his office because he was having terrible troubles with I.E. Turns out, as expected his lappie was riddled with spyware, w/ Gator/Claria products being the chief offender. When he asked what the major problem was, and I showed him the ad-aware, hijack this, and spybot entries w/ gator/claria all over them - i think he finally realized. The initial short term advertising contract wasn't renewed, or so i hear.

    If more comapnies knew how bad these apps are, and what problems they created, maybe they wouldn't want their services and products advertised in this manner.
  • Adware is the name of a company in Louisville Kentucky who does a good job providing accounting services to the advertising and public relations industry

    Can we use "scum-ware" instead? I've worked with the guys at Adware the company and they're nice people.
  • about ing time (Score:2, Interesting)

    by lee n. field (750817)

    But does McAfee do anything effective with them? How about McAfee Corporate (good) vs. the home user version (ukkkk!)?

    The latest Norton (2004) detectes malware, but doesn't seem to do anything effective about it.

    The best prevention is good surfing habits, and giving most Windows users no rights at all to install stuff.

  • /.

    Two products we have fully implemented that have helpded (no Mandrake/Firefox comments please heh)

    1. Trend Micro Office Scan 6.5 (new version) It caught all the Trojans and malware, left most of the adware

    2. Spysweeper Enterprise - This put the -smack- down on every little piece of adware and malware...very impressive.

    If you are stuck with M$ this will help alot - both products are centrally managed and controlled...I dont work for either, but you can get on top of the virus/malware pain. We had som
  • by NIN1385 (760712) on Friday September 17, 2004 @10:12AM (#10276642)
    When is somebody going to step up to the plate and sue these companies for defacing personal property? They get away with it every day and there are laws against it. Plain and simple they are destroying people's property without their permission, at least not any signatures that would hold up in court. All it will take is for one company to sue these companies, and others will follow...at least our company will!
  • Adware/Malware (Score:5, Interesting)

    by bannerman (60282) <bannerman@rocketmail.com> on Friday September 17, 2004 @10:24AM (#10276739)
    The problem with Adware/Spyware/whatever isn't so much the invasion of privacy part. After all, in most cases, you did click accept at some point. That's what happens when you need your pr0nzor or bikini calendar so much that you don't care where it comes from, you deserve it. The problem is the lousy implimentation of the invasion of privacy.

    I helped a friend diagnose his constantly crashing computer remotely one time and found that he had over 18,000 individual copies of some type of CoolWeb in his Windows\System folder.

    The real problem isn't with New.net hijacking and sending people to other domains; the real problem is when their software breaks and you can't use any TCP/IP related applications until you find someone with some technical know-how to fix it.

    These bastards should be liable for this sort of thing. Actually, they probably are.
  • by Deathlizard (115856) on Friday September 17, 2004 @10:58AM (#10277135) Homepage Journal
    Mcafee is starting to mark adware/spyware as viruses.

    Great!

    Now make an AV app that effectively removes them when it's detected.

    Right now, not one virus scanner cleans adware/spyware effectively. You always need to use either spybot or adaware to get rid of it for good. The reason for this is simply because every antivirus firm uses scanning techniques dated from the DOS era to scan and remove this stuff.

    If you work for symantec, or mcafee, or any other AV firm for that matter, pleast drill it in your AV scanning division that the Windows Registry Must be scanned for viruses/adware/spyware entries First then all the files on the system. Then once it's found, remove all traces of it including folders, leftover installer files and temp files. I've seen spyware and adware that is just about impossible to remove unless you scour the entire registry for any possible method of entry, then scour the drive for installers that will reinstall it if it's removed. That is why adaware and spybot are so effective at removing this stuff. it removes it from executing and gets it all on the next restart.

    Lavasoft Ad-aware is better at removing even some common viruses than most virus scanners today. It's almost second nature that you have to get a "Virus Cleaner" to remove viruses for some AV scanners that adaware removes on the first try.

    Until AV firms understand that the registry is just as important to scan as the files, they will never be effective in removing these threats. Dont think that Virus writers aren't looking at these techniques these spyware groups are using to get around you guys and aren't implementing these techniques in their next virus.
  • by Zaphod-AVA (471116) on Friday September 17, 2004 @11:05AM (#10277215)
    The abusive, obtuse, and broad EULA's that people click on without reading make it extremely difficult to deal with these companies. Here is one great way we should consider.

    1)Make a copy of their agreement, and replace "The cool thing we say we do" with "Free pizza for the office"

    2)Replace "We get to infest your machine with junk" with "We get to tar and feather you and put pictures on the internet"

    3)Get together a bunch of cheese pizzas and head to their office. Get them to sign the modified agreement for delivery.

    4) Proceed to tar and feather the person that signed for the pizza, and share the fantastic photos on the internet.

    Remember, it's not assault, it's marketing they agreed to in the license. The beauty of it is that if they fight it, they fight their own agreement, and we can use anything they do to get them to be responsible for the *hundreds of millions of dollars* of damage they have caused to innocent people's computers.

    -Z

You don't have to know how the computer works, just how to work the computer.

Working...