Not Malicious Just Annoying 1

[rosieb]

I recently received this....

"Sophos provides protection against software (viruses, Trojan horses, and worms) which behaves maliciously.

There is a category of application known as "adware" which although sometimes annoying cannot be described as malicious. The programs are normally up front about what they plan to do, ask the user's permission at installation, and include uninstallers.

Understandably, the vendors of these adware applications are unhappy to be classified as malicious by an anti-virus application and may resort to legal action against anti-virus vendors who detect them inappropriately.

Their view is that they have been upfront about what their application does, and have sought the user's permission to be installed.

Users who wish to detect adware applications may like to consider some of the commercial adware-detection applications available.

If you have seen an application which you believe to be malicious (for instance if it collects keypresses without the user's knowledge or replicates) then please send it to support@sophos.com so the experts in Sophos's virus labs can analyse it."


So there you have it, nothing to worry about, just an "annoyance". (Personally I'm a bit more than annoyed...)


Rosie
"Never express yourself more clearly than you think" (Niels Bohr)

 

[diogenes10]

The programs are normally up front about what they plan to do, ask the user's permission at installation, and include uninstallers.

While some companies may do this, you have only to spend some time with hijackthis logs to see that this is not always the case. Comparison pairs that come to mind are things like
smss and slmss
explore and expl0re
mprexe and msrexe

My favorites are ones (I think they are related to something called lop) that go something like
C:\program_files\You Are Stupid\Bad Wine.dll


-------------------------------------
It's 10 O'Clock ( somewhere! ).
Are your registry and data backed up?

 

[shrubble]

And how is malicious defined? If you're attempting to do your job, and some program is popping up in your face every ten seconds trying to tell you you've won a free XBox or something, that's not malicious? True- many of these apps don't destroy your OS. But they do spy on you, suck up your resources, and bug the heck out of you... sounds malicious to me.

What kills me is this: "Well you signed up for this!" Anyone who looks at the final product of these cruddy programs knows that NO ONE IN THEIR RIGHT MIND would willingly sign up for THAT. These idiots bank on the fact that maybe one person in fifty actually reads the 6pt font EULA that comes with this garbage. What about the fact that nobody ever seems to remember where this stuff comes from, or when it was installed? That's because the install always occurs on the down-low when they catch you slipping, and they use names for their programs like the ones pointed out in the previous post. Do you think you're ever gonna see the author of a piece of spyware/adware getting interviewed for tips and techniques by Dr. Dobbs Journal or PC Magazine?
Nope. Because in our guts (as well as theirs) we all know that what they're doing is wrong.

The people that push this stuff are dishonest and deceitful, and are simply contorting the law in an attempt to hide that painfully obvious fact. They need to get a life...

SELECT user
FROM users
WHERE common_sense IS EQUAL TO NULL;

-Shrubble

http://www.ishrubble.com

 

[onrdbandit]

Howdy,

I think I'll throw in a dissenting opinion here:

True- many of these apps don't destroy your OS

I have seen many (more often than not really) wreak havok on the Windows OS and the registry. If you manage to get the "non OS destructing" applications off of the machine (inspite of startup exploits and self-restoration that these things often employ), you still may, and probably do, have security holes opened by innumberable and essentially untracable registry manipulations. If you are lucky, the garbage doesnt destroy your Winsock stacks.

A great deal of general users (namely those most affected by such wares) use their machines primarily for email, web browsing, and other nominal tasks. Granted that spyware can prevent the completion of two of those tasks, I would say that for many people it does destroy the machine. If the machine does not do what you need it for, it may as well be a paperweight.

And just as a side note, I saw a machine with 43 BHO's today, and the thing would not even boot normally...

Having said that, I would have to respectfully disagree with the statment that spywares dont destroy the OS.

NO ONE IN THEIR RIGHT MIND would willingly sign up for THAT

Sadly, that isn't entirely true either. I have seen more than a few people absolutely angry when their beloved WeatherBug is deleted, etc. AND everyday, people download and install Kazaa and "the Gator". Basically, there are people, misguided they may be, who are willing to put up with the problems associated with spywares for the limited functionality they seemingly provide.

My rant is over...

No! Try not. Do, or do not. There is no try. - Yoda

 

[diogenes10]

Sadly, that isn't entirely true either. I have seen more than a few people absolutely angry when their beloved WeatherBug is deleted, etc"


That's one of the things the bootcamp moderator at spywareinfo tries to address in a thread about optional fixes and it's one of the things I have a ways to go on yet-to understand what's been foisted on them and what they really want to keep.

-------------------------------------
It's 10 O'Clock ( somewhere! ).
Are your registry and data backed up?

 

[shrubble]

ornd,

the key word here is MANY. Many of them them don't destroy your OS, many of them do. We've all had occasions where we've been approached by someone about their PC, which, after booting, promptly locks up cold. Upon further investigation (usually after an elaborate voodoo ritual just to get the thing to boot), there is spyware/adware/malware running rampant all over the thing. THIS is the part that no one in their right mind would sign up for, the part that is buried deep in the EULA.

I too fight every day with users about Weatherbug, Gator, Comet Cursors, p2p's, etc... and other shiny-flashy objects that seem to attract users like a moth to a flame. I also agree with you, and think we're both arguing the same points.

SELECT user
FROM users
WHERE common_sense IS EQUAL TO NULL;

-Shrubble

http://www.ishrubble.com

 

[rosieb]

Does legitimate software hide itself? Prevent you from uninstalling it?

I think that the behaviour of these programmes is indicative of their intentions.

Rosie
"Never express yourself more clearly than you think" (Niels Bohr)

 

[diogenes10]

Well, there are some large companies that have website instructions for how to finish uninstalling their stuff manually after the add/remove programs uninstall fails to do the job.

-------------------------------------
It's 10 O'Clock ( somewhere! ).
Are your registry and data backed up?

 

[TekTippy4U]

Does legitimate software hide itself? Prevent you from uninstalling it?

try uninstalling or deleting the content.ie5 folder, and the usual 4 hidden randomly named subfolders.
I hope you get my point.

TT4U

Notification:
These are just my thoughts....and should be carefully measured against other opinions.
Backup All Important Data/Docs