Registry Viruses

Quick question. Will the new Stable release of CAV 2 also scan for registry viruses? I’m fairly often plagued by registry trojans. Most recently - Win32.pcast

Location: Key “hkey_classes_root \pcast”

It actually related to a iTunes Podcast

Is my anti-spyware reporting a false positive?


There is no such thing as registry viruses. registry is just registry. Bunch of entries that almost always rely on files. So you need a physical file too. Plus i don’t know why PodCast should be malicious in any way. It’s like antispyware programs tagging ED2K entries as malicious even though they aren’t malicious at all. Same for Gnutella entries…

Edonkey is malware. Period.

proven over an over.

Amen!! 99 times out of 100, P2P should be called what it actually is - T2T (thief to thief).

“Thief” might be a bit too harsh - how about CCOUCINGATLTBSFCTD 2 CCOUCINGATLTBSFCTD (Chronic Collector Of Useless ■■■■ I’ll Never Get Around To Listening To But Still Feel Compelled To Download)

Before I am bombarded, please note that I have not said that P2P apps are solely for music/video/app stealing. Just mostly. :wink:

ewen :slight_smile:

Of course all it’s transfered on P2P is warez, sure… ::slight_smile:
Ever though where all the Linux distributions come from? Distribution of free software thats coded for free is not cheap. Especially if image files are from CD versions that measure 700MB up to DVD linux images that are as big as 4+ GB. Multiply this with like 2.000.000, hell even with 20.000 downloads and you’ll see the bandwidth demands which are massive. With P2P fans will divide the bandwidth among eachother, decreasing cost. Sure there’s warez too on them but saing P2P is thief to thief is just plain stupid generalizing. Or for example where would you get a song from some music artists that broke up decade ago? Artists are gone, publishers don’t sell the stuff anymore. Sure i could dig out people willing to sell those old CDs but thats just simply out of reach.
Only way is to get that on P2P. Or maybe it ever happened to you that your original CD got scratched so it’s not working anymore? Sure some companies offer you free exchange but sending that stuff to US from another side of the world is not really a viable option as it would probably cost more than just buying 5 other CDs. 2 games got scratched like this, both originals. And thanks to P2P i could download perfect copies of those games so i could burn them again and play them as nothing happened. I still have the originals as they are, well originals, but to play them i use the backup from “evil” P2P. Not so evil anymore eh? But of course, RIAA/BSA already washed your brain… ::slight_smile:

And for crying out loud, eDonkey is not malware. I’m all ears if you can prove that coz i doubt you can (at all)…

I read ALL of your words. Please do me the courtesy of reading ALL of mine.

I did say that not all P2P was bad. I did, however, say that most of the data flowing across P2P networks is.

Your “2 games” example is a perfect case in point. Do you really think that some benevolent soul put the CD images on the network just on the off chance that someone who had bought those 2 games suddenly ended up up with defective CDs?

P2P is an exceptionally valid technology, but technology has to be evaluated in terms of its usage.

Whilst I’m absolutely certain that you have never used a P2P network to obtain data to which you had no legal right, I’m equally certain that the same can’t be said for most other users of P2P networks.

ewen :slight_smile:

ed2k free has/does install malware, or you cannot use it. it has been that way for along time.

p2p is not bad, but loads of malware is spread through p2p networks. hackers fish ip’s through them. virus, rootkit and spyware is attached to 90% of it. anti p2p companies log your ip and flood your bandwidth.

p2p is, and will continue to be, hacker/malware heaven.

ED2K is network, not a program. eDonkey is a program. And it doesn’t contain any malware, just adware which is well documented and user is well aware of it. So no spyware and malware.
Gathering IPs on P2P is clueless work as there is milions of IPs that are just random stuff not connected with anything in particular. Hackers have more important stuff to do than gather IPs.
Percent of malware on ED2K network is very small, far from 90%. FastTrack (Kazaa) was heavily flooded by malware, where you could hardly find non malicious stuff. But thats not the case on ED2K. I’ve had reports of P2P worms spreading on Malware Research and we had hard time finding ANY malware, let alone that specific one. After like 2 hours of intensive searching for just that very sample i found just 1. So that 90% is far from realistic. I’ve also done search for VBS, SCR, PIF and EXE files and from all these downloaded only EXE files below size 500KB were malicious. SCR, VBS and PIF were all clean even though they looked malicious. So if you avoid files like GTA San Andreas.exe with size < 1MB you’ve already excluded 80% of all malware. This is the most common trick which can be resolved by size checking. Simple as that. Honestly, if you’re a pirate, looking for warez on ED2K is far less risky than doing the same through browser on HTTP webpages…

Of course, the average user has no clue about filesizes and what and gleefully download whatever has the filename they are looking for… alot of “warez” are spread through ALL p2p networks. Just dl anything and everything that could possibly be illegal (excluding movies , tv and music), and you will find malware in nearly all of it.

It’s a strange community of people who do these things, some of them are out to do malaicious things and some are not. Of course, I hope you realize that alot of companies also install thier own “warezed” things for you to dl, and yes they do log your ip. And yes, these often contain very nasty professionally written malware. (sad that companies do this actually, they will deny it to the end but they do it.)

Also, hackers love p2p, they just have to connect to the network, and they have loads of wide open systems to start exploiting, becuase as per usual, most p2p users are not using it for legal means. (and often the file is being seeded by the would be hacker himself). Nor they have any idea about computer security, and some are just plain dumb.

The internet is an open system completely, and people new to the internet have a lot to learn about how to protect themselves and thier computers. Otherwise, none of this software would be needed :wink: