'RE: Gator scumware and virus software'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-virus
Subject:    RE: Gator scumware and virus software
From:       "lsi" <stuart () cyberdelix ! net>
Date:       2002-08-29 6:38:13
[Download RAW message or body]

Gaby,

You won't be able to accurately measure the extent of "junkware" in your enterprise, \
because there is an  infinite amount of variety in the nature of these items.  That \
is, even if you get a "complete" list, the next  time a new junkware program comes \
out, your list will be out-of-date.  And due to the underhanded nature  of this \
software, the authors of Gator and the like aren't going to make your life easy.

However, the authors of Ad-Aware are in a good position to keep up, because they get \
sent new samples  all the time.  Therefore, going with Ad-Aware is likely to count as \
a "reasonable" effort at controlling  junkware.

There is another program called Pest Patrol, which does the same thing - although I \
only got it today so I  don't know what it's like yet (haven't even installed it!).

You could get a directory listing of each workstation, and a list of their running \
processes, and use scripts  to ID various junkwares installed - but it will be very \
time-consuming and not terribly accurate.  

If you need to give an estimate to your boss, run Ad-Aware on ten of your machines, \
then extrapolate the  results to the rest.  Ad-Aware does in fact give you the paths \
and names of the files and processes it  finds, so you can build a list (of sorts) if \
you like.  Turn on extended logging in Ad-Aware for the full monty.

Cheers for now.
Stuart

On 27 Aug 2002 at 13:56, Dowling, Gabrielle wrote:

From:           	"Dowling, Gabrielle" <dowlingg@sullcrom.com>
To:             	"'Thaddeus McNamara'" <tk@kuic.com>,
  	"'focus-virus@securityfocus.com'" <focus-virus@securityfocus.com>
Subject:        	RE: Gator scumware and virus software
Date sent:      	Tue, 27 Aug 2002 13:56:15 -0400

> Thanks to you and others who have suggested this, or Pest Patrol, but at
> this point I'm just trying to do an assessment by logging which users have
> what installed, for which I really need the executable names and paths.
> (Once I get a sense of the extent of the problem in our enterprise, then I
> can start working on implementing a solution!).
> 
> Regards,
> 
> Gaby
> 
> -----Original Message-----
> From: Thaddeus McNamara [mailto:tk@kuic.com]
> Sent: Tuesday, August 27, 2002 1:31 PM
> To: 'Dowling, Gabrielle'; 'bboynton@sbcourts.org';
> 'focus-virus@securityfocus.com'
> Subject: RE: Gator scumware and virus software
> 
> 
> Have you tried Ad Aware?  http:www.lavasoftusa.com  It's free and even has
> an definitions update program that accompanies it.  Very clean and easy to
> use.
> 
> Thaddeus K. McNamara
> Information Technology Director
> Coast Radio Co., Inc.
> 707.452.2316 (direct)
> 707.446.0122 (fax)
> Give Free Food! Visit http://www.thehungersite.com
> 
> 
> -----Original Message-----
> From: Dowling, Gabrielle [mailto:dowlingg@sullcrom.com]
> Sent: Monday, August 26, 2002 8:37 PM
> To: 'bboynton@sbcourts.org'; 'focus-virus@securityfocus.com'
> Subject: Re: Gator scumware and virus software
> 
> 
> I can't answer yes or no, unfortunately, but I would like to know if you or
> anyone else has a list of paths and executable names of the most common
> malware spyware so I can do an assessment of how widespread it is in our
> organization.  Realize that I could do this by loading them all on a
> workstation and capturing the changes, but my resources are thin at the
> moment and massive searching yielded nothing except for those that don't
> have a proper uninstall mechanism.
> 
> Last, regardless of the ridiculous consent policies these beasts employ, to
> what extent has anyone considered and or pursued that end users who are
> working from a corporately oned pc do not have right of consent?
> 
> Best
> 
> Gaby.
> 
> Gaby
> 
> 
> 
> -----Original Message-----
> From: Boynton, Brad <bboynton@sbcourts.org>
> To: 'focus-virus@securityfocus.com' <focus-virus@securityfocus.com>
> Sent: Fri Aug 23 16:57:47 2002
> Subject: Gator scumware and virus software
> 
> Has anyone experienced problems with Gator scumware, more specifically the
> CMESys.exe component of the Gator scumware changing folder permissions and
> conflicting with virus protection software on client workstations? 
> 
> Brad Boynton
> Network Administrator
> Santa Barbara Superior Courts
> bboynton@sbcourts.org
> 
> 
> 
> 
> 
> 
> 
> 
> **********************************************************************
> This e-mail was sent by a law firm and contains information
> that may be privileged and confidential. If you are not the
> intended recipient, please delete the e-mail and notify us 
> immediately.
> **********************************************************************
> 
> 
> **********************************************************************
> This e-mail is sent by a law firm and contains information
> that may be privileged and confidential.  If you are not the
> intended recipient, please delete the e-mail and notify us 
> immediately.
> **********************************************************************


-- 
Stuart Udall
stuart@cyberdelix.net - http://www.cyberdelix.net/
..revolution through evolution

want to make some cash? check out http://cyberdelix.net/affiliates.htm


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic