Why are people posting about spyware and adware in alt.comp.virus?
Sammi More
very many posts dealing with viruses and worms anymore. Instead, I see
many posts dealing with spyware and adware; neither of which are
viruses. Perhaps, someone could enlighten me as to why the sudden rush
of support required here? Did alt.comp.virus change to
alt.comp.spywareadwarevirus and I didn't know it?
Almost all spyware hunting programs have support forums where you
should be posting this material. This newsgroup was for the discussion
of viruses, whether it be prevention and/or creation. Spyware does not
qualify as a virus! :-(
Would you please kindly, stop posting HiJackthis logs here? Thank
you kindly!
_Vanguard_
wrote in news:1e7b957.04081...@posting.google.com:
Users that suspect spyware is their problem tend to post all over. For
example, http://snipurl.com/8csd is an example of a user posting a
spyware question to hacker and extreme programming groups. You have
them posting in [anti-]virus and [anti-]spam groups, in security groups,
and in e-mail groups. Pick a group related to anything about software,
hardware, or computers and they'll probably post a spyware question to
it.
--
__________________________________________________
*** Post replies to newsgroup. Share with others.
(E-mail: domain = ".com", add "=NEWS=" to Subject)
__________________________________________________
kurt wismer
guess what - whenever something goes wrong on a computer people
immediately suspect the problem is a virus and they come here... it's
therefore advantageous for us to learn to recognize and deal with
certain non-viral problems on top of the purely viral issues we
normally would deal with...
--
"maxwell can tell he's in hell
just wants you to visit him there
same old game that he's playin'
his rules are never fair"
David W. Hodgins
> I've come back from lurk mode to ponder this question. I don't see
> very many posts dealing with viruses and worms anymore. Instead, I see
> many posts dealing with spyware and adware; neither of which are
> viruses. Perhaps, someone could enlighten me as to why the sudden rush
> of support required here? Did alt.comp.virus change to
> alt.comp.spywareadwarevirus and I didn't know it?
As an unmoderated alt.* newsgroup, with no charter, by definition, anything
is on topic, provided it doesn't violate general usenet "rules" (i.e. spam, floods,
etc.). Killfiles work pretty well for anyone whose posts you don't want to read.
This has been discussed here before, although I can't seem to find the thread
in google right now. From what I remember, the general consensus among the
regular posters was that there are two main topics. Newbies looking for help
removing malware, and general chit chat among the regulars, sometimes involving
viruses (or even virii<BEG>). This is how I interpreted it of course, and I'm sure not
everyone here will agree with me<g>.
If we can answer their malware question here, it seems pointless to just redirect
them to another forum, or newsgroup. They do get redirected, usually to the
spyware forums, or to a forum/newsgroup specific to their software, when their
question isn't being answered here.
As to why spyware/adware and other trojan questions are currently more common
than virus/worm questions, that's simply because that's what, the people having
trouble, are coming here with.
Most newbies don't know the difference between a virus, worm, or trojan (including
ad/spy/spamware), and don't care, as long as the problem gets fixed. Once someone
has analyzed their problem enough to determine whether it's a virus, worm, spyware,
adware, spamware, or other trojan/malware, why not just tell the OP how to fix it,
rather then redirect them.
> Almost all spyware hunting programs have support forums where you
> should be posting this material. This newsgroup was for the discussion
> of viruses, whether it be prevention and/or creation. Spyware does not
> qualify as a virus! :-(
The Oct. 94 contol message used to create the group, states it was for the discussion of
viruses, and does not even specify pro or anti. Back then, trojans such as browser hijackers,
remote access tools, adware, spyware, spamware, email worms, chat worms, network
share spreaders, XP, etc., either did not exist, or were quite rare. You'll find very few boot
sector viruses spreading now. Malware has evolved, and the currently common topics of
this newsgroup have evolved with it.
I consider all malware on topic here, especially, as their is no charter/defined topic for the
newsgroup<g>.
> Would you please kindly, stop posting HiJackthis logs here? Thank
> you kindly!
This I do agree with. Not because the logs are off topic, but because they make searching
for info on specific program names, or registry keys, more difficult. Also, while most of
the regulars here can interpret the logs somewhat, the experts seem to stick to the spyware
forums.
Regards, Dave Hodgins
--
Change nomail.afraid.org to rogers.com to reply by email.
(nomail.afraid.org has been set up specfically for
use in usenet. Feel free to use it yourself.)
Don
spyware or whatever it is called, my anti-virus program reported to me that
I had a virus.
Actually, until I came here and started asking questions, I didn't know that
there was a difference between Trojans and Virii (is that the plural?)
"Sammi More" <hhi_...@yahoo.com> wrote in message
news:1e7b957.04081...@posting.google.com...
David H. Lipman
Dave
"Don" <Don1...@supportcharter.net> wrote in message
news:10hiurq...@corp.supernews.com...
David H. Lipman
That is the *best* answer. Based upon Today's incidents, they are the newest form of
malware and for all intents and purposes that's what the News Group is all about.
Dave
"David W. Hodgins" <dhodg...@nomail.afraid.org> wrote in message
news:opscjmuzdsqz8bjc@nntp...
nu...@zilch.com
<dhodg...@nomail.afraid.org> wrote:
>> Would you please kindly, stop posting HiJackthis logs here? Thank
>> you kindly!
>
>This I do agree with. Not because the logs are off topic, but because they make searching
>for info on specific program names, or registry keys, more difficult. Also, while most of
>the regulars here can interpret the logs somewhat, the experts seem to stick to the spyware
>forums.
I've also noticed that some spyware forums do have specialists that
seem to be on the ball. Of course, specific Trojans of various kinds
can also sometimes be identified through the logs. But posting logs
should only be done as a last resort after trying various up to date
scanners. In most cases, the use of the right scanners will have taken
care of their problems. So it's the indiscriminate posting of logs
without saying which scanners have been tried that should be
discouraged here, IMO. And shooing them off to spyware forums when
their problem may not be spyware is obviously not a good thing :)
nu...@zilch.com
<DLipman~nospam~@Verizon.Net> wrote:
>David:
>
>That is the *best* answer. Based upon Today's incidents, they are the newest form of
>malware and for all intents and purposes that's what the News Group is all about.
Not really. There are spyware specialists (elsewhere) and there are
general malware and virus experts (here). People are confused enough
as it is, lumping spyware and malware together when they shouldn't be.
It's been brought on by both the spyware scanner and the antivirus
scanner vendors who are overlapping their detections to some extent.
But the idea of lumping RATs and Backdoors together with spyware is a
mistake, IMO. And people still need to use different types of scanners
to cover all the bases.
_Vanguard_
wrote in news:10hiurq...@corp.supernews.com:
<snip>
> Actually, until I came here and started asking questions, I didn't
> know that there was a difference between Trojans and Virii (is that
> the plural?)
No, the plural of virus is viruses.
"Final us becomes i (second declension) ..." and "in Latin, virus has no
plural form. Viri and virii are both incorrect."
(http://www.fact-index.com/e/en/english_plural.html and
http://internationaleflcafe.com/grammar%20147.htm).
See http://dictionary.reference.com/help/faq/language/v/virus.html (but
its link to perl.com isn't valid anymore).
"in Latin, virii is not the correct plural because the 'ii' ending is
only used to form the plural of words ending in 'ius'.
"(http://www.campusprogram.com/reference/en/wikipedia/v/vi/virus__disamb
iguation_.html.
"the OED gives nothing but viruses for the plural"
(http://the-magi.us/stuff/virus.html).
The plural (in English) of virus is viruses. Those using viri or virii
don't know better or like to use cutsy *jargon*
(http://dictionary.reference.com/search?q=jargon).
Clarence Crow
><snip>
>Did alt.comp.virus change to
>alt.comp.spywareadwarevirus and I didn't know it?
>
> Almost all spyware hunting programs have support forums where you
>should be posting this material. This newsgroup was for the discussion
>of viruses, whether it be prevention and/or creation. Spyware does not
>qualify as a virus! :-(
Obviously, you're well-schooled in the differences AND so am I, but
most PC users believe everything nasty IS a "VIRUS", like a lot of
car-owners think "DUCO" is paint.
I've tried to explain to some of them, face to face in the real world,
and have had the same reply, viz:
"Trojan, Adware, Spyware, whatever! , it's still a "VIRUS"".
So bleat on in frustration:-
-- Please reply to this ng as:
-- my email adress is programmed to deny access to all without passwords.
-- Regards
-- Clarence Crow
Dave Budd
hhi_...@yahoo.com says...
"virus" has, colloquially at least, had its meaning broadened to what we
used to call "malware". Which includes spyware and adware and browser
hijackers and...
I'd like this newsgroup to be a one-stop-shop for _any_ malware issues:
I don't have time to go running all over the interweb every day.
Experts in particular sub-fields can of course recommend other forums
for particular cases.
Mark Thread Read isn't so hard to use.
--
Q. How do I molish a shed?
A. Obtain the constituent parts,
and put them into an acceptable congruence
Dave Budd
says...
Well, yeh, but (a) the typical user doesn't know OR CARE about the
difference, to him/her it's just Something Bad in their machine, and (b)
many of us are in my position - doing av support has meant that I
automatically also end up doing anti-spyware support, broken-floppy
support, etc etc.
clifto
> Viruses is the plural.
I still like the answer that one is virus, two are virii, three are viriii,
four are viriv, etc.
--
Both Kerry and Edwards announced their candidacy near the beginning of September,
2003, so let's only count votes before then. From January, 2003, to August, 2003,
Senator Edwards didn't vote 69 out of 320 opportunities (~22%) and Senator Kerry
didn't vote 182 out of 320 opportunities (~57%). <http://www.mwilliams.info/archives/001349.php>
Sammi More
> Maybe we sould stop talking about Trojans and Worms too?
> "virus" has, colloquially at least, had its meaning broadened to what we
> used to call "malware". Which includes spyware and adware and browser
> hijackers and...
> I'd like this newsgroup to be a one-stop-shop for _any_ malware issues:
> I don't have time to go running all over the interweb every day.
> Experts in particular sub-fields can of course recommend other forums
> for particular cases.
> Mark Thread Read isn't so hard to use.
Dear Dave!
Trojans and worms are not strictly viruses, but they are on topic
here. Removing them is good for the user, and good for the rest of the
internet community. Spyware on the other hand, while somewhat
annoying; is not really a threat to anyone beside the operator of the
machine. Spyware is actually easier to become "infected" with then a
true virus; Due to the many holes in Internet Explorer.
Usually when spyware is removed, the clueless user won't last 2
days without re-obtaining said spyware, due to the fact as many have
stated; they don't know or care what it is, so long as you or someone
else removes it. Well, if you remove it and do not educate the user
how to avoid it in the future, then your wasting your time.
I would not claim myself an expert, but I know individuals who
are in both fields; Some former virus writers tend to be able to
determine spyware removal quiet well; tricks of the virus writing
skills they once used I suppose?
As for marking a thread as already read; If you have viewed my
headers, I post from google; using a web interface; I don't have the
luxury of reading these posts offline. The ISP I have doesn't have a
reliable usenet server, and I have no plans to change it. HiJackthis
logs are simply not appropriate here.
If you assist someone with removing Spyware, you should explain
as calmy as possible (a) how they got it, and (b) how not to get it
again; That starts quiet simply as no further use of Internet
Explorer. Use Mozilla, Firefox, anything besides IE. If the user tells
you IE is all they will use, then you will realize (or should) that
helping this user is for nothing; they WILL become infected again.
Let said user learn by having to take the machine in to a computer
store for repairs, Some people seem to learn better when it costs them
money.
My 2 cents, for what it's worth.
Dave Budd
> headers, I post from google; using a web interface; I don't have the
> luxury of reading these posts offline. The ISP I have doesn't have a
> reliable usenet server, and I have no plans to change it.
The german server is widely used by many. It doesn't care what ISP you
connect through.
news.individual.net
I commend it to you
>
.
>
> Let said user learn by having to take the machine in to a computer
> store for repairs, Some people seem to learn better when it costs them
> money.
Precisely the same argument applies to viruses. I know, I've been doing
this for many years for a community of 20,000 users.
Kimberlee
Thank you for your thoughtful reply.
I posted a spyware/hijack this question just hours after the OP posted,
grumbling about the issue.
In my search, I didn't come across his thread (perhaps my newsreader?).
In my follow-up to my original post, I said I posted the question here
because I *trust* some of the members in this group, and knew that if
someone here couldn't answer the question, they would redirect me to the
appropriate group. Frankly, I didn't know that malware groups existed, but
it makes sense that they do.
OT, just for a smile, my co-worker told me yesterday that she had Win-98,
high-speed internet, *no* firewall, and couldn't understand why she kept
having to take her computer in for repairs. In addition to referring her to
this group, I will now search for malware groups and refer her there!
~Kimberlee
Sammi More
> The german server is widely used by many. It doesn't care what ISP you
> connect through.
> news.individual.net
> I commend it to you
> >
> .
> >
> > Let said user learn by having to take the machine in to a computer
> > store for repairs, Some people seem to learn better when it costs them
> > money.
>
> Precisely the same argument applies to viruses. I know, I've been doing
> this for many years for a community of 20,000 users.
Dave!
I thank you kindly for the usenet server. I will use it. I have not
been dealing with viruses or spyware for years, but I have several
colleagues who have. I maintain that the majority of spyware/adware is
far easier to catch than most of the viruses currently available.
Especially if said user still wants to install kazaa, (not lite), and
surf the internet with Internet Explorer.
I still personally feel that spyware has no place in this forum.
When one groups all forms of "malware" under the same umbrella, it
only leads to more confusion. Spyware is not viral, and viruses are
typically (although not always) not spyware. To "dumb it down" for
individuals seeking to remove it only serves the shortterm; the "dumb"
user will contract it again and again.
Posting HiJackthis logs on alt.comp.virus is rude, speaks of
reading comprehension issues with said poster; as this is
alt.comp.virus, not alt.comp.helpmeremovespyware, and just not very
kind. This newsgroup has enough spam and actual virus related posts,
to make spyware unnecessary. It has gotten to the point where some
individuals feel the need to make announcements now, when NON VIRAL
software has been updated.
Perhaps it's a matter of simple semantics to you, but I lurk here
to read and learn more about virus/antivirus matters; If I wish to
learn more about spyware, I'll read those forums. Spyware has no place
here. This is not alt.comp.allformsofmalware.
Really, If the user is going to surf the web with internet
explorer (and many will, despite much effort to convince them not
too); then you are simply spamming this newsgroup with worthless
drivel. if you feed a man, he'll eat for a day, if you teach him to
fish instead, He'll eat for many days.
Sammi More
> guess what - whenever something goes wrong on a computer people
> immediately suspect the problem is a virus and they come here... it's
> therefore advantageous for us to learn to recognize and deal with
> certain non-viral problems on top of the purely viral issues we
> normally would deal with...
Kurt!
Advantagious how? Is it really an advantage to encourage users to post
offtopic material here? Spyware is not viral, has nothing to do with
viruses; So it is offtopic here. Now along with spyware, we have
"updates"; messages about non virus related software being updated.
Next thing you know, we'll have more advertising to non virus, non
spyware issues; Someone might even decide to tell us when the next
version of Photoshop is released.
You do no one a service by holding their hand here, Kurt. This
newsgroup has enough spam to make up for the lack of virus posts. It's
being overrun with clueless individuals who are a danger to
themselves. Spyware has plenty of support, for areas dedicated to
removing it. I see nothing wrong with suggesting those people go there
for help. It could even be including in the forums, FAQ.
When I call GMC for support, I don't expect them to help me with
my wifes Honda; I believe the same token applies here.
Sammi More
> Users that suspect spyware is their problem tend to post all over. For
> example, http://snipurl.com/8csd is an example of a user posting a
> spyware question to hacker and extreme programming groups. You have
> them posting in [anti-]virus and [anti-]spam groups, in security groups,
> and in e-mail groups. Pick a group related to anything about software,
> hardware, or computers and they'll probably post a spyware question to
> it.
And the regulars of those groups, No-one (such as myself) complains
much like I'm doing? If I were a hacker, I would be very interested
perhaps in seeing how bad the spyware issue was if someone posted in a
hacking forum with the IP of the computer. And what of the extreme
programming people? Do they enjoy babystepping someone through the
removal of spyware, that the user will probably get again?
ImhoTech
news:<xAdSc.14351$a65.5...@news20.bellglobal.com>...
>
I believe you should get over yourself and move on.
I agree that 'unsolicited' log files probably should be discouraged. But
trying to limit the MALWARE discussed in an unmoderated group is just
ludicrous. If you can't figured out why on your own, then you can't be
taught either.
Sammi More
> Well, yeh, but (a) the typical user doesn't know OR CARE about the
> difference, to him/her it's just Something Bad in their machine, and (b)
> many of us are in my position - doing av support has meant that I
> automatically also end up doing anti-spyware support, broken-floppy
> support, etc etc.
Dave!
The typical user must learn the differences, or be doomed to repeat
the mistakes which led up to the encounter in the first place. from
what my associates tell me, av support isn't much fun; But so far,
none of them agree with your statements about lumping them all
together; as each requires seperate tools to remove, and you don't
obtain them the same ways.
If you simply remove spyware and do not educate the user about
the said spyware, that user is simply going to get it again; and
again, and post here, again and again. Spyware is not viral; and I
maintain that it has no place here.
Newsgroups and forums are already in place for those dealing
with spyware/adware issues; this is a virus related newsgroup, it
should remain that way. Times might change, but spyware doesn't
translate to virus even tho they have.
Sammi More
> Dave,
>
> Thank you for your thoughtful reply.
> I posted a spyware/hijack this question just hours after the OP posted,
> grumbling about the issue.
Indeed, I was grumbling about it, because your post does not belong
here. It belongs in a spyware/adware help forum.
> In my search, I didn't come across his thread (perhaps my newsreader?).
> In my follow-up to my original post, I said I posted the question here
> because I *trust* some of the members in this group, and knew that if
> someone here couldn't answer the question, they would redirect me to the
> appropriate group. Frankly, I didn't know that malware groups existed, but
> it makes sense that they do.
I have no doubts that you didn't know malware groups existed, Spyware
is spyware, adware is adware btw, none of which are/is necessarily
malware.
It's nice to trust people, but this isn't the forum for spyware/adware
issues; You should have done a more deligent search; by that token if
you had, you probably wouldn't have ever encountered spyware in the
first place.
> OT, just for a smile, my co-worker told me yesterday that she had Win-98,
> high-speed internet, *no* firewall, and couldn't understand why she kept
> having to take her computer in for repairs. In addition to referring her to
> this group, I will now search for malware groups and refer her there!
www.spywareinfo.com Use that wonderful site, instead of clogging
this forum with non virus related issues. All grumbling aside, it
really has no place here.
Sammi More
> David:
>
> That is the *best* answer. Based upon Today's incidents, they are the newest form of
> malware and for all intents and purposes that's what the News Group is all about.
This isn't alt.comp.malware. It's alt.comp.virus, not
alt.comp.spyware.adware
Spyware and adware isn't always malware, either. And this newsgroup
was for the discussion pro/anti of virus and virus methods, Not
spyware and adware.
Times have changed a bit since the groups charter, but that
doesn't mean that somehow spyware and adware=virus. This forum is full
of off topic garbage that has no place whatsoever here. HiJackthis
logs are not appropriate for this forum, and could be considered as
flooding.
I realize you might think your helping someone when you check
the log file, and tell them which files to remove; That's all well and
good, but your not helping them with the root of the problem, insecure
settings with IE, insecure software, etc; Which means you've removed a
symptom, but left the disease intact.
Sammi More
> When I was first alerted to the fact that I had received a downloader or
> spyware or whatever it is called, my anti-virus program reported to me that
> I had a virus.
>
> Actually, until I came here and started asking questions, I didn't know that
> there was a difference between Trojans and Virii (is that the plural?)
Not to cast doubt, Don; But are you certain you know the differences
now, realize how the spyware came to be on your machine, and how not
to get it again? Or did someone just tell you which files this time,
to remove?
Sammi More
> As an unmoderated alt.* newsgroup, with no charter, by definition, anything
> is on topic, provided it doesn't violate general usenet "rules" (i.e. spam, floods,
> etc.). Killfiles work pretty well for anyone whose posts you don't want to read.
This newsgroup has an unofficial FAQ tho, and if you don't follow the
so called posting rules in it, many have a tendency to contact your
ISP; As this newsgroup does have an unofficial FAQ, Many ISPS consider
it the rules if you will, of this forum. Spyware is not viral, so
could very well be considered off topic here.
The FAQ also forbids posting of malicious source code, which
should be okay by your reasoning; but is not tolerated here. Spyware
and adware really has no place here, it's amounting to wasted posts,
spamming, and posting of completely offtopic, Hijackthis log files.
Posts are supposed to be relevant to the group, HiJackthis is NOT a
virus scanner.
Nicky
Sorry CBA to snip but here is my 2 pennies worth:
Yes you are right this IS a virus NG but as others have pointed out: these
days there is so much malware and spyware out there that the average user
only knows that " something is wrong" rather than what actually is wrong.
Do we have to be so pissy that we turn people away because even though we
CAN help them? Do we have to be such pedants that the title of this NG means
we can't? Get a life .. if people here who know how to help, choose to
help, why are you whining? If it is felt that another NG could help them
better then that is suggested. there is no need to be rude or cliquey.
Nicky
_Vanguard_
wrote in news:1e7b957.04081...@posting.google.com:
If you looked at the link provided (which is a Google Groups copy of
their post and the replies to it), you would've seen one poster from the
extreme programming group inform the OP that their post was
inappropriate and what that newsgroups was really about. The response
from the OP was (and their exact words), "I was just presuming i would
get some help from a groop with such a cool name." Yeah, like that
exhibits logic - to a child!
--
_________________________________________________________________
*** Post replies to newsgroup. Share with others.
*** Email: lh_811newsATyahooDOTcom and append "=NEWS=" to Subject.
_________________________________________________________________
_Vanguard_
wrote in news:10hktip...@corp.supernews.com:
I figure that they should just be told what newsgroup or forum to visit
which is more appropriate so they know this one is not appropriate - and
so they do NOT get reinforced to come back here to submit more
inappropriate posts. If you do provide help (because it would be quick
and easy), still tell them where it would be more appropriate for their
future posts regarding similar problems.
Rather than them wondering why their post is getting ignored, at least
tell them where they can find a more focused audience regarding their
query. I visit the microsoft.public.outlook.general group and there are
TONS of posts regarding Outlook Express (it was very unfortunate
Microsoft renamed Internet Mail & News to Outlook Express due to the
misconception that a product with a word included in its name and from
the same maker must be related). Often they get a canned reply telling
the OP that the newsgroup was inappropriate but it usually tells the OP
which newsgroups are appropriate. Push them over. You can provide help
but still push them over.
kurt wismer
[snip]
> Trojans and worms are not strictly viruses, but they are on topic
> here.
then why are you so bent out of shape? spyware and adware are generally
subclasses (or payloads) of trojans...
keylogging trojans, remote access trojans, etc... all qualify as
spyware (they all allow 3rd parties to collect data about you)...
a significant proportion of adware qualifies as a trojan because you'd
never have installed it if you knew what it *really* did (foist
unwanted ads on you)...
> As for marking a thread as already read; If you have viewed my
> headers, I post from google; using a web interface; I don't have the
> luxury of reading these posts offline. The ISP I have doesn't have a
> reliable usenet server, and I have no plans to change it.
don't change your isp then... just use a different new server... i
suggest http://www.individual.net (i had good experiences with them
years ago back before they switched their name)...
--
"maxwell can tell he's in hell
just wants you to visit him there
same old game that he's playin'
his rules are never fair"
kurt wismer
> kurt wismer <ku...@sympatico.ca> wrote in message news:<xAdSc.14351$a65.5...@news20.bellglobal.com>...
>
>>guess what - whenever something goes wrong on a computer people
>>immediately suspect the problem is a virus and they come here... it's
>>therefore advantageous for us to learn to recognize and deal with
>>certain non-viral problems on top of the purely viral issues we
>>normally would deal with...
>
> Kurt!
>
> Advantagious how?
advantageous in the sense of not getting left behind and becoming
totally irrelevant to the way the world works now...
> Is it really an advantage to encourage users to post
> offtopic material here? Spyware is not viral, has nothing to do with
> viruses; So it is offtopic here.
all malware should be considered *on*topic here as malware itself tends
more and more to blur the lines that distinguish it's subclasses...
> Now along with spyware, we have
> "updates"; messages about non virus related software being updated.
are they unrelated to malware in general or just unrelated to viruses
specifically?
if the former, see above...
> Next thing you know, we'll have more advertising to non virus, non
> spyware issues; Someone might even decide to tell us when the next
> version of Photoshop is released.
that's stretching things a bit...
> You do no one a service by holding their hand here, Kurt.
you do no one a service by drawing giant lines in the sand, and you
will ultimately fail to achieve your goal if you continue using only
these means...
far better to step in in instances where you feel someone has stepped
over the line, than to stand up on a soap box and declare new general
rules of conduct... you are one person fighting against many differing
ideas of what should go on here - that puts you at a clear material
disadvantage, so you need a stratagem more suited to your circumstances...
kurt wismer
[snip]
> all malware should be considered *on*topic here as malware itself tends
> more and more to blur the lines that distinguish it's subclasses...
>
>> Now along with spyware, we have
>> "updates"; messages about non virus related software being updated.
>
>
> are they unrelated to malware in general or just unrelated to viruses
> specifically?
>
> if the former, see above...
arg... that should be "if the latter, see above"..
Heather
"Nicky" <fecki...@hotmail.com> wrote in message
news:yMxSc.126733$a8.7...@fe2.news.blueyonder.co.uk...
>
> "Sammi More" <hhi_...@yahoo.com> wrote in message
> news:1e7b957.04081...@posting.google.com...
> >
> > offtopic material here? Spyware is not viral, has nothing to do with
> > viruses; So it is offtopic here. Now along with spyware, we have
> > "updates"; messages about non virus related software being updated.
As the one who advised on what you consider an off-topic update, I beg to
differ with you. There is a very fine line between spyware and malware in
general......and it won't be long before it is crossed.
I agree with Nicky. And as you are merely a *self-described lurker*, I
really don't think you have any right to dictate to the people who actually
try to help others on this news group.
And might I remind you of some of your off-topic posts not so long
ago.....rambling on about Raid and how wonderfully misunderstood he is, that
you have thousands of mp3's......chatting up Dalt/Pax about Raid and so on.
I believe Pax told you to stop running off at the mouth.
So kindly go back to lurking......or try to help people here instead of
*trying* to set rules for the ones that do. Blunt? Yes. But you have no
right to bitch, IMHO.
Heather
Dave Budd
> I thank you kindly for the usenet server. I will use it.
Go and find the associated webpage - you have to register and it takes
few days forr them to issue you a username and pw.
> I still personally feel that spyware has no place in this forum.
Well, in the end I think we can't really stop people posting what they
want to. An awful lot of posts asking for help are from people who've
not been here before so don't know the local customs.
Dave Budd
> the mistakes which led up to the encounter in the first place.
This isn't going to happen.
My users are all academics, theoretically intelligent people, but try
asking them which version of Windows they're running: about 40% of them
will say "97". (This example from a few years ago, most of our campus is
on Word2002 now)
The computer is a box they use to do things. They don't want to, and see
no reason why they should have to, know anything at all about _how_ it
does what it does, they just want their results.
mzlin...@aol.comx
<5g0jh0patl0mkqmrm...@4ax.com>:
>There are spyware specialists (elsewhere) and there are
>general malware and virus experts (here).
If intentional difficulty of removal is enough for an unwanted program
to be considered malicious - and a few professionals agree that it is
enough - then much of the recent spyware qualifies as malware.
I can tell you that I regularly help people remove unknown trojans and
worms manually, and CoolWebSearch, even with a clue to what it's
doing, is several orders of maginitude harder to remove than all of
them - except perhaps (what turned out to be) BleBla.
Carol
nu...@zilch.com
>On Wed, 11 Aug 2004 02:46:14 GMT, nu...@zilch.com wrote in
><5g0jh0patl0mkqmrm...@4ax.com>:
>
>>There are spyware specialists (elsewhere) and there are
>>general malware and virus experts (here).
>
>If intentional difficulty of removal is enough for an unwanted program
>to be considered malicious - and a few professionals agree that it is
>enough - then much of the recent spyware qualifies as malware.
No doubt! Now, if we could just get the world to quit calling every
damn thing a virus!!!
Beauregard T. Shagnasty
> No doubt! Now, if we could just get the world to quit calling every
> damn thing a virus!!!
Or this, which I see in some local groups frequently:
"I GOT THIS DAMN *SPAM* WITH A VIRUS!!!!!"
Trying to convince them of the difference between spam and mail
generated by infected users is futile.
--
-bts
-This space intentionally left blank.
nu...@zilch.com
wrote:
>In article <5g0jh0patl0mkqmrm...@4ax.com>, nu...@zilch.com
>says...
>> On Wed, 11 Aug 2004 01:56:00 GMT, "David H. Lipman"
>> <DLipman~nospam~@Verizon.Net> wrote:
>>
>> >David:
>> >
>> >That is the *best* answer. Based upon Today's incidents, they are the newest form of
>> >malware and for all intents and purposes that's what the News Group is all about.
>>
>> Not really. There are spyware specialists (elsewhere) and there are
>> general malware and virus experts (here). People are confused enough
>> as it is, lumping spyware and malware together when they shouldn't be.
>> It's been brought on by both the spyware scanner and the antivirus
>> scanner vendors who are overlapping their detections to some extent.
>> But the idea of lumping RATs and Backdoors together with spyware is a
>> mistake, IMO. And people still need to use different types of scanners
>> to cover all the bases.
>
>Well, yeh, but (a) the typical user doesn't know OR CARE about the
>difference, to him/her it's just Something Bad in their machine, and (b)
>many of us are in my position - doing av support has meant that I
>automatically also end up doing anti-spyware support, broken-floppy
>support, etc etc.
Here's an example of what this world is coming to. I just cut and
pasted the following from a post on alt.comp.anti-virus:
****************************************************************
>>Tuesday I uninstalled AdAware 6 (181) and replaced it with version 1.01
>>Wednesday I uninstalled 1.01 and replaced it with 1.02.
>>Thursday I received mail with the usual attachment containing a worm virus.
>>Didn't open it but moved it into a desktop folder in order to test the new
>>AdAware program.
>>Did Smart system scan. Found nothing.
>>Did Full system scan. Found nothing
>>Did Custom scan. Found nothing.
>>Then scanned with AVG free version and was immediately informed that there
>>was a worm in my desktop folder.
>>Something wrong somewhere.
****************************************************************
AAAARRRRRGGGGHHHH!!!!
User education is required for their own damn good :) Many don't even
have a clue as to which type of scanner can be expected to deal with
the various kinds of malware.
nu...@zilch.com
wrote:
>In Message-ID:<630nh0ttsrtepmgke...@4ax.com> posted on
>Thu, 12 Aug 2004 14:38:26 GMT, nu...@zilch.com wrote: Begin
>
>>Now, if we could just get the world to quit calling every
>>damn thing a virus!!!
>
>That's what biochemists said, when Fred Cohen used Len Adleman's
>suggestion and applied one of their taxonomic classifications to a cyber
>application. ;-)
It wouldn't have mattered if they had called them "spreaders" or
"creepers" or whatever. Every computer problem would be called
whatever name they had chosen. Too bad they didn't have the foresight
to call them "malware". I wonder if antivirus products will ever be
called antimalware products.
BTW, I went into super shock a couple of weeks back when I did some
unscientific detection testing of various scanner products. I had a
category of Trojans ... about 1,000 of them ... all classified as
Trojans by antivirus vendors (and not by me). The Cleaner did not
alert on a single one!!! As usual, the other anti-Trojan products I
looked at fared far worse than the better av products such as McAfee
and KAV. I dunno if there's an anti-Trojan product worthy of the name.
If there is, I haven't yet found it.
James Egan
<Kimberlee_vande...@hotmail.com> wrote:
>OT, just for a smile, my co-worker told me yesterday that she had Win-98,
>high-speed internet, *no* firewall, and couldn't understand why she kept
>having to take her computer in for repairs.
What kept going wrong with it that a firewall would have sorted out?
Jim.
Gabriele Neukam
> This isn't alt.comp.malware. It's alt.comp.virus, not
> alt.comp.spyware.adware
And there are none of these yet in the usenet hierarchy.
If you are so anal about boundaries, why don't you start a RFC for
subdivisions of acv, like
alt.comp.virus.misc
alt.comp.virus.trojan
alt.comp.virus.spyware
alt.comp.virus.backdoor
alt.comp.virus.hijacker
alt.comp.virus.avprogram
alt.comp.virus.worm
alt.comp.virus.relevantgroup
after all?
Gabriele Neukam
PS: Does anybody know where to place a question re Gaobot, if these
groups would exist?
--
Ah, Information. A good, too valuable these days, to give it away, just
so, at no cost.
mzlin...@aol.comx
<630nh0ttsrtepmgke...@4ax.com>:
>Now, if we could just get the world to quit calling every
>damn thing a virus!!!
That genie isn't going back in the bottle as long as the AV companies
continue to call all malware viruses, IMO. McAfee is the worst, but
even Kaspersky and Symantec, who otherwise don't use the term "virus"
unless it's really a file infector, have their "Virus Encyclopedias"
where these things are listed.
Some blame the media, but I think the media got it from the AV
companies. They're the experts, right?
Right??? :)
Brian J Goggin
wrote:
>Therein lies the rub;
>Seems an expanding base of users in today's climate of ubiquitous
>computational presence just want to enter data, have the damn thing
>process it, and get back to whatever they had going without having to
>invest the time and brain power to learn the intricacies of it.
See, that was what it said on the box.
bjg
Criminal Element
"Sammi More" <hhi_...@yahoo.com> wrote in message news:1e7b957.04081...@posting.google.com...
> Spyware is not viral; and I maintain that it has no place here.
Worms are not viral. HJT logs do nothing to help with the real viral stuff. I came here to
learn about virii and see only anti-virus program problems being discussed (and HJT logs)
the pro-virus group has not much goings on either. Oh well - - a dying art. :(
optikl
http://www.trendmicro.com/en/security/general/glossary/overview.htm#Worm
nu...@zilch.com
>http://www.trendmicro.com/en/security/general/glossary/overview.htm#Worm
Map doesn't show using Moz with Proxomitron and JS enabled. Tried IE6
and it put up a message saying activex required. Another case of an av
vendor requring unsafe hex to use their stuff :(
Kimberlee
stinky stuff by having a high speed internet connection, no firewall, no
adaware, no spybot, and an outdated antivirus. She is an outstanding
therapist but not so hot on the techie stuff. Guess she's only human.
~Kimberlee
nu...@zilch.com
>nu...@zilch.com wrote in
>news:md9ph0932lrfvopuf...@4ax.com:
>Art,
>
>Which map? FX with Proxo and JS off shows "Virus Map" OK.
>However, Proxo traps on their pages a 1x1 "image" with
>interesting source:
>src="blahblah.gif?blahblah=/nojavascript&blahblah"
I dunno :) I thought I'd see the world map displaying the promised
information graphically and in multicolors. All I saw was a blank gray
world map. Too busy right now to fool with it. Maybe later.
Ron 'Smitty' Roberts
>
> In Message-ID:<806nh0lipt4mpfjal...@4ax.com> posted on
> Thu, 12 Aug 2004 16:22:48 GMT, nu...@zilch.com wrote: Begin
>
> >User education is required for their own damn good :) Many don't even
> >have a clue as to which type of scanner can be expected to deal with
> >the various kinds of malware.
>
> Seems an expanding base of users in today's climate of ubiquitous
> computational presence just want to enter data, have the damn thing
> process it, and get back to whatever they had going without having to
> invest the time and brain power to learn the intricacies of it.
Those are called Mac users.
--
Produced by Alan Smithee
Criminal Element
"optikl" <opt...@invalid.net> wrote in message news:ouUSc.294473$Oq2.109679@attbi_s52...
They are wrong to call worms viral. Stand alone programs are not program infections or they
would not be called stand alone. This "glossary" is misleading. To be viral a program must hide
within another program and HJT will be useless against it cause it doesn't look for infections
only for installations. They say that worm is type of virus and I disagree even if they are experts.
kurt wismer
[snip]
> They are wrong to call worms viral. Stand alone programs are not program infections or they
> would not be called stand alone. This "glossary" is misleading. To be viral a program must hide
> within another program and HJT will be useless against it cause it doesn't look for infections
> only for installations. They say that worm is type of virus and I disagree even if they are experts.
your understanding of what constitutes "viral" is suspect and/or
incomplete... under certain (entirely legitimate) definitions all worms
are viruses...
--
"maxwell can tell he's in hell
just wants you to visit him there
same old game that he's playin'
his rules are never fair"
Criminal Element
"kurt wismer" <ku...@sympatico.ca> wrote in message news:VRbTc.26026$a65.1...@news20.bellglobal.com...
> Criminal Element wrote:
> [snip]
> > They are wrong to call worms viral. Stand alone programs are not program infections or they
> > would not be called stand alone. This "glossary" is misleading. To be viral a program must hide
> > within another program and HJT will be useless against it cause it doesn't look for infections
> > only for installations. They say that worm is type of virus and I disagree even if they are experts.
>
> your understanding of what constitutes "viral" is suspect and/or
> incomplete... under certain (entirely legitimate) definitions all worms
> are viruses...
Probably. I understood that viruses can be cleaned from infected programs sometines but
worms arenot (no need to quarantine a worm) cause worm programs make stand alone
or self-contained programs not trojanized programs. Viruese replicate by trojanically (?)
modifying preexisting programs with there virality and usually let the "host" still work if
they are parasitic viruses. All worms are viruses if the def is "virus = self-replicator" but
isn't there more then that to it?
kurt wismer
it depends on the context... if you're writing logical proofs about
viruses then for the most part no, there isn't any more to it than
that... and there definitely are those in the industry who take just
that kind of hard-line scientific approach (using the mathematical
definition instead of the more ambiguous natural language definition)
to the virus definition issue...
clifto
> Or this, which I see in some local groups frequently:
>
> "I GOT THIS DAMN *SPAM* WITH A VIRUS!!!!!"
>
> Trying to convince them of the difference between spam and mail
> generated by infected users is futile.
Actually, this has been discussed elsewhere. A fair case can be made for
calling it spam; the original disseminator intended it to be blasted to
a large number of unwilling recipients. The distinctions grow more and
more fuzzy in a day when people receive unsolicited bulk e-mail containing
programs which turn their computers into spam relays or outright spam
servers.
--
Both Kerry and Edwards announced their candidacy near the beginning of September,
2003, so let's only count votes before then. From January, 2003, to August, 2003,
Senator Edwards didn't vote 69 out of 320 opportunities (~22%) and Senator Kerry
didn't vote 182 out of 320 opportunities (~57%). <http://www.mwilliams.info/archives/001349.php>