RE: Spyware becomes increasingly malicious
William Warren wrote: coolwebsearch has become more and more sneaky..so bad that development of cws shredder has been abandoned by its developer....
The smart computer does not exist (if it did, we would not have a job, would we? ;-)
Either serious lock down you ie (which with CWS is not going to help) or use something other than ie.
No argument here.
Gregh wrote: Are you honestly serious? I came up against it for the first time only about 3 days ago and I got rid of it in 10 minutes! I can see how it would be a problem for a newbie but it shouldn't be anything more than 10 minutes work for anyone here with Windows experience.
There are dozen of variants, obviously you've seen only one. Michel.
somebody, probably sean, mentioned scaling earlier in this thread.
coolwebsearch has become more and more sneaky.. so bad that development of cws shredder has been abandoned by its developer.. ... the first time only about 3 days ago and I got rid of it in 10 minutes! I can see how it would be a problem for a newbie but it shouldn't be anything more than 10 minutes work for anyone here with Windows experience. ... There are dozen of variants, obviously you've seen only one.
so, this bit of spyware (which was resistant to ad-aware as of last week, though ad-aware seems to publish a new definition file every day now) relies on a web site, and that web site relies on the spyware for its traffic and eyeballs, and the spyware and website are owned/operated/"published" by the same company. the website does not move around, it's at a fixed location. the scaling issue, please: "why does that company still have an internet connection?" or, to put it less mildly: "why does that company's provider still have an upstream?" or, to put it in terms you can all understand: "why does that provider's upstream still have bgp peers?" if you give people the means to hurt you, and they do it, and you take no action except to continue giving them the means to hurt you, and they take no action except to keep hurting you, then one of the ways you can describe the situation is "it isn't scaling well." -- Paul Vixie
On Mon, Jul 12, 2004 at 04:18:34PM +0000, Paul Vixie wrote:
somebody, probably sean, mentioned scaling earlier in this thread.
coolwebsearch has become more and more sneaky.. so bad that development of cws shredder has been abandoned by its developer.. ... the first time only about 3 days ago and I got rid of it in 10 minutes! I can see how it would be a problem for a newbie but it shouldn't be anything more than 10 minutes work for anyone here with Windows experience. ... There are dozen of variants, obviously you've seen only one.
so, this bit of spyware (which was resistant to ad-aware as of last week, though ad-aware seems to publish a new definition file every day now) relies on a web site, and that web site relies on the spyware for its traffic and eyeballs, and the spyware and website are owned/operated/"published" by the same company. the website does not move around, it's at a fixed location.
the scaling issue, please:
"why does that company still have an internet connection?"
or, to put it less mildly:
"why does that company's provider still have an upstream?"
or, to put it in terms you can all understand:
"why does that provider's upstream still have bgp peers?"
if you give people the means to hurt you, and they do it, and you take no action except to continue giving them the means to hurt you, and they take no action except to keep hurting you, then one of the ways you can describe the situation is "it isn't scaling well."
http://www.webhelper4u.com/CWS/cwsoriginial.html These folks? Looks like it's all Cogent. Surely someone has contacted Cogent about this? network:ID:NET-42FA4A8019 network:Network-Name:NET-42FA4A8019 network:IP-Network:66.250.74.128/25 network:Org-Name:HyperSpace Communications network:Street-Address: 74 West Street network:City:Waltham network:State:MA network:Postal-Code:02451 network:Country-Code:US network:Tech-Contact:ZC108-ARIN -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
----- Original Message ----- From: "Michel Py" <michel@arneill-py.sacramento.ca.us> To: "Gregh" <chows@ozemail.com.au>; <nanog@merit.edu> Sent: Tuesday, July 13, 2004 12:41 AM Subject: RE: Spyware becomes increasingly malicious
Gregh wrote: Are you honestly serious? I came up against it for the first time only about 3 days ago and I got rid of it in 10 minutes! I can see how it would be a problem for a newbie but it shouldn't be anything more than 10 minutes work for anyone here with Windows experience.
There are dozen of variants, obviously you've seen only one.
Obviously. If I can get rid of it easily *I* am the one who is wrong! All I did was the job. How about you read what I wrote. It really IS that easy. Greg.
not all the variants are that easy..how about doing a google on coolwebsearch..scumware.com has a good writeup as well as spywareinfo.com...the newer variants are not that easy.... Gregh wrote:
----- Original Message ----- From: "Michel Py" <michel@arneill-py.sacramento.ca.us> To: "Gregh" <chows@ozemail.com.au>; <nanog@merit.edu> Sent: Tuesday, July 13, 2004 12:41 AM Subject: RE: Spyware becomes increasingly malicious
Gregh wrote: Are you honestly serious? I came up against it for the first time only about 3 days ago and I got rid of it in 10 minutes! I can see how it would be a problem for a newbie but it shouldn't be anything more than 10 minutes work for anyone here with Windows experience.
There are dozen of variants, obviously you've seen only one.
Obviously. If I can get rid of it easily *I* am the one who is wrong!
All I did was the job. How about you read what I wrote. It really IS that easy.
Greg.
-- My "Foundation" verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD. -- carpe ductum -- "Grab the tape"
participants (5)
-
Gregh
-
Michel Py
-
Paul Vixie
-
Richard A Steenbergen
-
William Warren