FACT: Ad/spyware are not classified as viruses. (research)

[KevinGPO]

I am researching in the technical differences between viruses &
ad/spyware. I have googled for an explaination only to find many
"naive" articles claiming that viruses and ad/spyware are basically the
same. Articles "naively" state that both viruses and ad/spyware are
malicious, hide in your PC, etc.

But am wanting to know deeper technical differences between viruses and
ad/spyware. Where did ad/spyware originate? Why are ad/spyware not
detected by many major anti-virus scanners? I have heard that
ad/spyware is not technically a virus, and so is not classified as a
virus.

If you have any opinions/suggestions please respond. If you know a full
deep technical articles on the differences between viruses & ad/spyware
then please enlighten me. And finally please confirm with me that
ad/spyware is not classified as virus.

 

[kurt wismer]

I am researching in the technical differences between viruses &
ad/spyware. I have googled for an explaination only to find many
"naive" articles claiming that viruses and ad/spyware are basically the
same. Articles "naively" state that both viruses and ad/spyware are
malicious, hide in your PC, etc.

adware displays ads, spyware spies on you, viruses self-replicate and
(according to most) infect programs... and it's entirely possible for
one thing to fall under multiple classifications...

But am wanting to know deeper technical differences between viruses and
ad/spyware. Where did ad/spyware originate?

it originated with a programmer... adware in particular has probably
always been commercial...

Why are ad/spyware not
detected by many major anti-virus scanners?

because anti-virus companies are slow to move into new markets and the
demand for adware/spyware detection is still pretty new...

also, classifying and deciding whether or not to add detection for
spyware and adware is a lot different than it is for viruses... with
viruses, if it self-replicates then that's pretty much all they need to
know, however for adware and spyware it's generally not worth adding
detection unless they are fairly clearly some kind of trojan...

I have heard that
ad/spyware is not technically a virus, and so is not classified as a
virus.

in general this is correct, however particular instances can have
overlapping classifications (ie. it's possible for something to be both
adware and a virus, or spyware and a virus, or spyware and adware, or
all 3)...

If you have any opinions/suggestions please respond. If you know a full
deep technical articles on the differences between viruses & ad/spyware
then please enlighten me. And finally please confirm with me that
ad/spyware is not classified as virus.

that is correct - in general adware and spyware are more closely related
to trojan horse programs than to viruses...

http://anti-virus-rants.blogspot.com/2006/01/what-is-virus.html
http://anti-virus-rants.blogspot.com/2006/03/what-is-adware.html
http://anti-virus-rants.blogspot.com/2006/03/what-is-spyware.html

 

[Art]

Why are ad/spyware not
detected by many major anti-virus scanners?

Kurt answered your questions, and I'll add something in response to
this question. Actually, it seems that many av products now do
detect ad/spyware, and some far more than others. However,
the word from those who do PC cleanup/disinfection work is that
no av product is sufficient in this regard, and they use some
specialised ad/spyware scanners as well. This is partially due to
the fact that certain specialised scanners are reported do a better
cleanup job, but also, I think, they get better raw detection coverage
as well.

So the way I'd summarize it is to say that it's important for users to
use both kinds of scanners, and not rely on av products right now
to help them out much with ad/spyware. While av products seem
to be aiming at becoming general malware detection/removers,
they apparently still have quite a way to go.

Art
http://home.epix.net/~artnpeg

 

[I.dont.read.email]

Kurt answered your questions, and I'll add something in response to
this question. Actually, it seems that many av products now do
detect ad/spyware, and some far more than others. However,
the word from those who do PC cleanup/disinfection work is that
no av product is sufficient in this regard, and they use some
specialised ad/spyware scanners as well. This is partially due to
the fact that certain specialised scanners are reported do a better
cleanup job, but also, I think, they get better raw detection coverage
as well.

So the way I'd summarize it is to say that it's important for users to
use both kinds of scanners, and not rely on av products right now
to help them out much with ad/spyware. While av products seem
to be aiming at becoming general malware detection/removers,
they apparently still have quite a way to go.

Art
http://home.epix.net/~artnpeg

I hate to say this and will probably be flamed for doing so, but I
really think that many of the viruses are created by the companies
that sell the anti-virus software. I dont think they put out the
stuff that damages computers or software, but I dont doubt they put
out the stuff that duplicates like wildfire but does little damage
other than leaving the user with an irritation. After all, what
better way to push their products. I'd even go so far as to name the
companies that I suspect, but I'll let you decide who they are,
especially the two whose names begin with "M" and "N".

 

[Art]

On Fri, 03 Mar 2006 00:45:41 -0600,

I hate to say this and will probably be flamed for doing so, but I
really think that many of the viruses are created by the companies
that sell the anti-virus software. I dont think they put out the
stuff that damages computers or software, but I dont doubt they put
out the stuff that duplicates like wildfire but does little damage
other than leaving the user with an irritation. After all, what
better way to push their products. I'd even go so far as to name the
companies that I suspect, but I'll let you decide who they are,
especially the two whose names begin with "M" and "N".

Doesn't make sense that there would be any kind of officially
sanctioned malware authorship + release operations going on
in M, N or any other av company. Anything like that would blow
up in their face very quickly. Think disgruntled employee.

The closest thing to "spreading" they do is the sharing of samples
that goes on between av vendors. There are enough screwballs
writing/releasing this junk to keep their businesses growing without
having to create any junk themselves.

Art
http://home.epix.net/~artnpeg

 

[* * Chas]

On Fri, 03 Mar 2006 00:45:41 -0600,


Doesn't make sense that there would be any kind of officially
sanctioned malware authorship + release operations going on
in M, N or any other av company. Anything like that would blow
up in their face very quickly. Think disgruntled employee.

The closest thing to "spreading" they do is the sharing of samples
that goes on between av vendors. There are enough screwballs
writing/releasing this junk to keep their businesses growing without
having to create any junk themselves.

Art
http://home.epix.net/~artnpeg

There is no need for AV companies to generate malware. There are
hundreds people around the world contributing to the pool daily! For
example, back in the 1990s places like Bulgaria and other East Block
countries had thousands of people trained in CIS with no hope of finding
work in their field. Quite a few of these folks turned to virus writing
for whatever reason.

Chas.

 

[David H. Lipman]

From: <[email protected]>

|
| I hate to say this and will probably be flamed for doing so, but I
| really think that many of the viruses are created by the companies
| that sell the anti-virus software. I dont think they put out the
| stuff that damages computers or software, but I dont doubt they put
| out the stuff that duplicates like wildfire but does little damage
| other than leaving the user with an irritation. After all, what
| better way to push their products. I'd even go so far as to name the
| companies that I suspect, but I'll let you decide who they are,
| especially the two whose names begin with "M" and "N".

Ridiculous statement !

Try Organized Crime syndicates like the Russian Mob.

 

[Ant]

From: <[email protected]>
| I hate to say this and will probably be flamed for doing so, but I
| really think that many of the viruses are created by the companies
| that sell the anti-virus software. [...]

Ridiculous statement !

My lighter has a bigger flame than that

Try Organized Crime syndicates like the Russian Mob.

Right on.

 

[David H. Lipman]

|
| My lighter has a bigger flame than that


I leave that for those with a sharper wit and the mightier pen.


||
| Right on.
|


Recently I looked at some registration addresses of some malicious web sites hosting
malware. The Brighton Beach, Brooklyn NY, addresses were quite apparent.

 

[Carol]

Why are ad/spyware not
detected by many major anti-virus scanners?

One of the issues not mentioned yet is user permission. Because much
adware/spyware is installed along with free programs, the installation
of which normally includes approval of the user agreement allowing
installation of the spyware, then these programs are deemed installed
at the permission of the user. Aside from possibly removing something
wanted by the user, it can put anyone who declares such programs as
malicious in some legal difficulties. Some solve it by adding
detection of "nuisance" or "possibly unwanted" programs, but even then
the coverage is not great, I think because they're trying to strike a
balance between almost automatic removal and avoiding removal of
wanted programs. This may be why we're seeing more "suites" of
programs including AV, firewall, and now spyware scanners, all of
which run separately.

Carol

 

[Jake Dodd]

On Fri, 03 Mar 2006 00:45:41 -0600,


Doesn't make sense that there would be any kind of officially
sanctioned malware authorship + release operations going on
in M, N or any other av company. Anything like that would blow
up in their face very quickly. Think disgruntled employee.

The closest thing to "spreading" they do is the sharing of samples
that goes on between av vendors. There are enough screwballs
writing/releasing this junk to keep their businesses growing without
having to create any junk themselves.

I agree, but I do think they add to the FUD to bolster sales.

 

[kurt wismer]

I hate to say this and will probably be flamed for doing so, but I
really think that many of the viruses are created by the companies
that sell the anti-virus software. I dont think they put out the
stuff that damages computers or software, but I dont doubt they put
out the stuff that duplicates like wildfire but does little damage
other than leaving the user with an irritation.

not this dead horse again...

a) there are plenty of people *outside* of the av industry creating
viruses and other malware - there's no reason for the av industry to get
it's hands dirty...
b) the av industry is highly competitive and if one company did that
then others would *out* them and capitalize on that fact... if all
companies did it then one would stop and out the rest and capitalize on
that fact...

After all, what
better way to push their products.

what better way to commit public relations suicide, you mean...

I'd even go so far as to name the
companies that I suspect, but I'll let you decide who they are,
especially the two whose names begin with "M" and "N".

i'd go so far as to suggest a nice hat made out of tinfoil...

 

[Ed]

On Fri, 03 Mar 2006 00:45:41 -0600,


Doesn't make sense that there would be any kind of officially
sanctioned malware authorship + release operations going on
in M, N or any other av company. Anything like that would blow
up in their face very quickly. Think disgruntled employee.

don't be so sure... Think classified operation known only to a select few.

 

[Art]

don't be so sure... Think classified operation known only to a select few.

They're still employees and disgruntled employees blow whistles.

Art
http://home.epix.net/~artnpeg

 

[None]

There is no need for AV companies to generate malware. There are
hundreds people around the world contributing to the pool daily! For

Thats what they want you to believe

~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified.

 

[kurt wismer]

don't be so sure... Think classified operation known only to a select few.

500/1,000 viruses a month seems like the work of more than a select few...

ergo, there are many people involved...

ergo, av companies couldn't keep a lid on it if they were part of it...

this is really stupid though... we know *for a fact* that there are
ordinary virus writers already writing these things... some of them used
to participate in alt.comp.virus, some hang around in a particular irc
chat room called #virus... some of them publish 'zines... with all these
people that we know about already writing viruses, *why* would
anti-virus companies even bother? there's no shortage of new viruses
with the already known virus writers around...