[prev in list] [next in list] [prev in thread] [next in thread]
List: focus-virus
Subject: RE: Gator scumware and virus software
From: "lsi" <stuart () cyberdelix ! net>
Date: 2002-08-29 6:38:13
[Download RAW message or body]
Gaby,
You won't be able to accurately measure the extent of "junkware" in your enterprise, \
because there is an infinite amount of variety in the nature of these items. That \
is, even if you get a "complete" list, the next time a new junkware program comes \
out, your list will be out-of-date. And due to the underhanded nature of this \
software, the authors of Gator and the like aren't going to make your life easy.
However, the authors of Ad-Aware are in a good position to keep up, because they get \
sent new samples all the time. Therefore, going with Ad-Aware is likely to count as \
a "reasonable" effort at controlling junkware.
There is another program called Pest Patrol, which does the same thing - although I \
only got it today so I don't know what it's like yet (haven't even installed it!).
You could get a directory listing of each workstation, and a list of their running \
processes, and use scripts to ID various junkwares installed - but it will be very \
time-consuming and not terribly accurate.
If you need to give an estimate to your boss, run Ad-Aware on ten of your machines, \
then extrapolate the results to the rest. Ad-Aware does in fact give you the paths \
and names of the files and processes it finds, so you can build a list (of sorts) if \
you like. Turn on extended logging in Ad-Aware for the full monty.
Cheers for now.
Stuart
On 27 Aug 2002 at 13:56, Dowling, Gabrielle wrote:
From: "Dowling, Gabrielle" <dowlingg@sullcrom.com>
To: "'Thaddeus McNamara'" <tk@kuic.com>,
"'focus-virus@securityfocus.com'" <focus-virus@securityfocus.com>
Subject: RE: Gator scumware and virus software
Date sent: Tue, 27 Aug 2002 13:56:15 -0400
> Thanks to you and others who have suggested this, or Pest Patrol, but at
> this point I'm just trying to do an assessment by logging which users have
> what installed, for which I really need the executable names and paths.
> (Once I get a sense of the extent of the problem in our enterprise, then I
> can start working on implementing a solution!).
>
> Regards,
>
> Gaby
>
> -----Original Message-----
> From: Thaddeus McNamara [mailto:tk@kuic.com]
> Sent: Tuesday, August 27, 2002 1:31 PM
> To: 'Dowling, Gabrielle'; 'bboynton@sbcourts.org';
> 'focus-virus@securityfocus.com'
> Subject: RE: Gator scumware and virus software
>
>
> Have you tried Ad Aware? http:www.lavasoftusa.com It's free and even has
> an definitions update program that accompanies it. Very clean and easy to
> use.
>
> Thaddeus K. McNamara
> Information Technology Director
> Coast Radio Co., Inc.
> 707.452.2316 (direct)
> 707.446.0122 (fax)
> Give Free Food! Visit http://www.thehungersite.com
>
>
> -----Original Message-----
> From: Dowling, Gabrielle [mailto:dowlingg@sullcrom.com]
> Sent: Monday, August 26, 2002 8:37 PM
> To: 'bboynton@sbcourts.org'; 'focus-virus@securityfocus.com'
> Subject: Re: Gator scumware and virus software
>
>
> I can't answer yes or no, unfortunately, but I would like to know if you or
> anyone else has a list of paths and executable names of the most common
> malware spyware so I can do an assessment of how widespread it is in our
> organization. Realize that I could do this by loading them all on a
> workstation and capturing the changes, but my resources are thin at the
> moment and massive searching yielded nothing except for those that don't
> have a proper uninstall mechanism.
>
> Last, regardless of the ridiculous consent policies these beasts employ, to
> what extent has anyone considered and or pursued that end users who are
> working from a corporately oned pc do not have right of consent?
>
> Best
>
> Gaby.
>
> Gaby
>
>
>
> -----Original Message-----
> From: Boynton, Brad <bboynton@sbcourts.org>
> To: 'focus-virus@securityfocus.com' <focus-virus@securityfocus.com>
> Sent: Fri Aug 23 16:57:47 2002
> Subject: Gator scumware and virus software
>
> Has anyone experienced problems with Gator scumware, more specifically the
> CMESys.exe component of the Gator scumware changing folder permissions and
> conflicting with virus protection software on client workstations?
>
> Brad Boynton
> Network Administrator
> Santa Barbara Superior Courts
> bboynton@sbcourts.org
>
>
>
>
>
>
>
>
> **********************************************************************
> This e-mail was sent by a law firm and contains information
> that may be privileged and confidential. If you are not the
> intended recipient, please delete the e-mail and notify us
> immediately.
> **********************************************************************
>
>
> **********************************************************************
> This e-mail is sent by a law firm and contains information
> that may be privileged and confidential. If you are not the
> intended recipient, please delete the e-mail and notify us
> immediately.
> **********************************************************************
--
Stuart Udall
stuart@cyberdelix.net - http://www.cyberdelix.net/
..revolution through evolution
want to make some cash? check out http://cyberdelix.net/affiliates.htm
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic