I don't think you need anti-virus with Vista

  • Thread starter Thread starter Steve Thackery
  • Start date Start date
DarkSentinel wrote:
> "bomb#20" <darkstar@home> wrote in message
> news:5Z6dnUgCL6cAwMfanZ2dnUVZ8h-dnZ2d@giganews.com...
>> TheBosst127 wrote:
>>> What antivirus software do you reccommend for Vista Home Premium. I
>>> was running McAfee and ran into multiple problems so I uninstalled.
>>> I installed CA which was free through my ISP, and that was no
>>> better. I am currently running with nothing.
>>>
>>> "Andre Da Costa[ActiveWin]" wrote:
>>>
>>>> Trust me, you need Antivirus for Windows Vista, I am running Vista
>>>> x64 and I was surprised when I did a scan with Norton AV Corporate
>>>> Edition 10.2 it fold several Trojan horses and viruses under
>>>> C:/Windows which successfully cleaned and deleted.
>>
>> I woudn't hold your breath waiting for an answer from Mr. Andre Da
>> Costa. I am still waiting to hear about the viruses he says Norton
>> found in his Windows directory.
>> If Norton had found something that Vista didn't block then I'm sure
>> they would
>> have told the world about it.
>> So, I wouldn't trust any advice from Mr. Da Costa.
>
> Well here is from MY scan logs from Norton...
>
> 12/10/2007 7:15:52 AM,Auto-Protect,CasinoOnNet,Removal not
> attempted,File,2007.12.09.006,10.1.0.26,SYSTEM,KANG,"Source:
> C:\Windows\Install.exe,Risk category: Security risk,Overall Risk
> Impact: Low,Action taken: Removal not attempted"
> 12/10/2007 7:15:52 AM,Auto-Protect,CasinoOnNet,Removal not
> attempted,File,2007.12.09.006,10.1.0.26,SYSTEM,KANG,"Source:
> C:\Windows\Install.$$A,Risk category: Security risk,Overall Risk
> Impact: Low,Action taken: Removal not attempted"
>
> This little beauty popped an extra entry into my Vista start menu, BUT
> didn't show up under the Classic start menu. Slipped past everything,
> and I am protected out the wazoo. I had to do a manual removal.
>
> So if this slipped past everything I have, there is INDEED a need for
> AV.

Well, if Norton classes whatever it found as :

Security risk,Overall Risk Impact:
Low,

then it doesn't sound like a virus to me ! :-)

..
 
"bomb#20" <darkstar@home> wrote in message
news:wcWdnVtiNf87pvnanZ2dnUVZ8vGdnZ2d@giganews.com...
> DarkSentinel wrote:
>> "bomb#20" <darkstar@home> wrote in message
>> news:5Z6dnUgCL6cAwMfanZ2dnUVZ8h-dnZ2d@giganews.com...
>>> TheBosst127 wrote:
>>>> What antivirus software do you reccommend for Vista Home Premium. I
>>>> was running McAfee and ran into multiple problems so I uninstalled.
>>>> I installed CA which was free through my ISP, and that was no
>>>> better. I am currently running with nothing.
>>>>
>>>> "Andre Da Costa[ActiveWin]" wrote:
>>>>
>>>>> Trust me, you need Antivirus for Windows Vista, I am running Vista
>>>>> x64 and I was surprised when I did a scan with Norton AV Corporate
>>>>> Edition 10.2 it fold several Trojan horses and viruses under
>>>>> C:/Windows which successfully cleaned and deleted.
>>>
>>> I woudn't hold your breath waiting for an answer from Mr. Andre Da
>>> Costa. I am still waiting to hear about the viruses he says Norton
>>> found in his Windows directory.
>>> If Norton had found something that Vista didn't block then I'm sure
>>> they would
>>> have told the world about it.
>>> So, I wouldn't trust any advice from Mr. Da Costa.
>>
>> Well here is from MY scan logs from Norton...
>>
>> 12/10/2007 7:15:52 AM,Auto-Protect,CasinoOnNet,Removal not
>> attempted,File,2007.12.09.006,10.1.0.26,SYSTEM,KANG,"Source:
>> C:\Windows\Install.exe,Risk category: Security risk,Overall Risk
>> Impact: Low,Action taken: Removal not attempted"
>> 12/10/2007 7:15:52 AM,Auto-Protect,CasinoOnNet,Removal not
>> attempted,File,2007.12.09.006,10.1.0.26,SYSTEM,KANG,"Source:
>> C:\Windows\Install.$$A,Risk category: Security risk,Overall Risk
>> Impact: Low,Action taken: Removal not attempted"
>>
>> This little beauty popped an extra entry into my Vista start menu, BUT
>> didn't show up under the Classic start menu. Slipped past everything,
>> and I am protected out the wazoo. I had to do a manual removal.
>>
>> So if this slipped past everything I have, there is INDEED a need for
>> AV.
>
> Well, if Norton classes whatever it found as :
>
> Security risk,Overall Risk Impact:
> Low,
>
> then it doesn't sound like a virus to me ! :-)

That wasn't the question, now was it? He said that nothing was going to slip
into the C:\windows folder. I just proved otherwise. Whether it is
low-impact or not, has no bearing. WAS it found in that directory? Yes, it
was. Be it virus, malware, trojan, whatever. Don't try changing the
parameters on the fly, just because you don't like the answer. Here is the
link to the description of the threat.

http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2006-062612-1530-99&tabid=1

Notice what it says under behavior...

Behavior
CasinoOnNet is an application that allows users to play online gambling
games. The software has reportedly been installed on computers without
notice or consent and is a potentially unwanted program.

Without notice or consent it says. That fits the bill for needing
protection wouldn't you say? And it DID slip past Vista's built in security
as well. I don't game or gamble on line. So this crap got picked up
somewhere while I was researching something, and was added WITHOUT telling
me, and WITHOUT my consent. That alone fits the bill for needing protection
for me and others.

The question you have to ask right now IS...

If a low-risk threat got past, what's to stop a high risk threat from doing
the same thing? I for one would rather be overly anal about security, and be
protected, than lose my data because I took a lackadaisical view towards it.

--
Ok, I admit it, I killed Barney!!
http://www.lockergnome.com/darksentinel
You know what to do with the munge
 
DarkSentinel wrote:
> "bomb#20" <darkstar@home> wrote in message
> news:wcWdnVtiNf87pvnanZ2dnUVZ8vGdnZ2d@giganews.com...
>> DarkSentinel wrote:
>>> "bomb#20" <darkstar@home> wrote in message
>>> news:5Z6dnUgCL6cAwMfanZ2dnUVZ8h-dnZ2d@giganews.com...
>>>>
>>> Well here is from MY scan logs from Norton...
>>>
>>> 12/10/2007 7:15:52 AM,Auto-Protect,CasinoOnNet,Removal not
>>> attempted,File,2007.12.09.006,10.1.0.26,SYSTEM,KANG,"Source:
>>> C:\Windows\Install.exe,Risk category: Security risk,Overall Risk
>>> Impact: Low,Action taken: Removal not attempted"
>>> 12/10/2007 7:15:52 AM,Auto-Protect,CasinoOnNet,Removal not
>>> attempted,File,2007.12.09.006,10.1.0.26,SYSTEM,KANG,"Source:
>>> C:\Windows\Install.$$A,Risk category: Security risk,Overall Risk
>>> Impact: Low,Action taken: Removal not attempted"
>>>
>>> This little beauty popped an extra entry into my Vista start menu,
>>> BUT didn't show up under the Classic start menu. Slipped past
>>> everything, and I am protected out the wazoo. I had to do a manual
>>> removal. So if this slipped past everything I have, there is INDEED a need
>>> for AV.
>>
>> Well, if Norton classes whatever it found as :
>>
>> Security risk,Overall Risk Impact:
>> Low,
>>
>> then it doesn't sound like a virus to me ! :-)
>
> That wasn't the question, now was it? He said that nothing was going
> to slip into the C:\windows folder. I just proved otherwise. Whether
> it is low-impact or not, has no bearing. WAS it found in that
> directory? Yes, it was. Be it virus, malware, trojan, whatever. Don't
> try changing the parameters on the fly, just because you don't like
> the answer. Here is the link to the description of the threat.
>
> http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2006-062612-1530-99&tabid=1
>
> Notice what it says under behavior...
>
> Behavior
> CasinoOnNet is an application that allows users to play online
> gambling games. The software has reportedly been installed on
> computers without notice or consent and is a potentially unwanted
> program.
> Without notice or consent it says. That fits the bill for needing
> protection wouldn't you say? And it DID slip past Vista's built in
> security as well. I don't game or gamble on line. So this crap got
> picked up somewhere while I was researching something, and was added
> WITHOUT telling me, and WITHOUT my consent. That alone fits the bill
> for needing protection for me and others.
>
> The question you have to ask right now IS...
>
> If a low-risk threat got past, what's to stop a high risk threat from
> doing the same thing? I for one would rather be overly anal about
> security, and be protected, than lose my data because I took a
> lackadaisical view towards it.


Technical details from the Symantec page you supplied:

Updated: June 1, 2007 3:46:06 PM
Type: Potentially Unwanted App
Risk Impact: Low
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When CasinoOnNet is installed, it creates the following files:

%ProgramFiles%\CasinoOnNet\Casino.exe
%ProgramFiles%\CasinoOnNet\INSTALL.LOG
%ProgramFiles%\CasinoOnNet\UNWISE.EXE
%ProgramFiles%\CasinoOnNet\Unwise.ini
%ProgramFiles%\CasinoOnNet\Utils\CasinoOnNet.exe
%ProgramFiles%\CasinoOnNet\Utils\CCRD.iss
%ProgramFiles%\CasinoOnNet\Utils\Conditions.txt
%ProgramFiles%\CasinoOnNet\Utils\CST.iss
%ProgramFiles%\CasinoOnNet\Utils\ecinw.iss
%ProgramFiles%\CasinoOnNet\Utils\ExtractZip.dll
%ProgramFiles%\CasinoOnNet\Utils\mfc42.dll
%ProgramFiles%\CasinoOnNet\Utils\Msvcp60.dll
%ProgramFiles%\CasinoOnNet\Utils\msvcrt.dll
%ProgramFiles%\CasinoOnNet\Utils\Pl.iss
%ProgramFiles%\CasinoOnNet\Utils\sdlconf.cxm
%ProgramFiles%\CasinoOnNet\Utils\SoundDrv.dll
%ProgramFiles%\CasinoOnNet\Utils\TarotBonusGamesDLL.dll
%ProgramFiles%\CasinoOnNet\Utils\ToolTips.ini
%ProgramFiles%\CasinoOnNet\Utils\ViSBonusGamePlayer.ocx
%UserProfile%\Desktop\Casino-on-Net.lnk
%UserProfile%\Start Menu\Programs\Casino-on-Net\Casino-on-Net.lnk
%UserProfile%\Start Menu\Programs\Casino-on-Net\Uninstall Casino-on-Net.lnk


The program then creates numerous folders, .mpg files, and .bmp files under the %ProgramFiles%\CasinoOnNet folder.

Next, the program creates the following registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Casino-on-Net
HKEY_ALL_USERS\Software\CasinonetInstaller
HKEY_ALL_USERS\Software\casinoonnet
HKEY_ALL_USERS\Software\VHLD


As you can see , no mention of CasinoOnNet affecting Vista.
No mention of it writing any files to the Windows folder.
No mention of Install.exe
No mention of Install.$$A

Are you sure you were running Vista ?

If you were running Vista I would contact Symantec as I am sure they would love to blow their own trumpet
about blocking something that Vista couldn't.
..
 
Back
Top