Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's AntiSpyware Disabled by Spyware

Posted by CowboyNeal on from the save-us-windows-update dept.

Ruke writes "A trojan has targeted Microsoft's AntiSpyware program, deleting all files within the C:\Program Files\AntiSpyware folder, as well as logging keystrokes at several online banking sites." The good news is that it's a Trojan, so one still has to bother with running an attached file.

13 of 428 comments (clear)

  1. Its the content, not the wrapping, but.... by Deekin_Scalesinger · · Score: 5, Insightful

    The news itself might be interest, but in the realm of well written articles this will not make the list. A choice nugget from TFA:

    <<< The password stealing Troj/BankAsh-A Trojan, discovered yesterday, is a spyware. It keeps a track of user activities on the computer. It spies on you. >>>

    Er, didn't we cover the spying part two sentences ago? Is A spyware? A spyware what?

    <<< The Trojan also removes important entries of the antispyware in the registry and thus literal kills the antispyware. >>>

    Literal? Come on - this reads worse than half of the AC posts in YRO. I hate playing the grammar nazi, but this was painful to read...

    --
    "As the intrepid kobold companion continues his journey, he begins to wonder... if priests raises dead, why anybody die?
  2. Best Antispyware... by jo_ham · · Score: 4, Insightful

    The best antispyware is buy a Mac, or install your favourite distro.

    Sorry, but there it is.

    It gets tiring fighting the broken dam, you can't hold all the water back forever.

    1. Re:Best Antispyware... by JQuick · · Score: 5, Insightful

      The parent was moderated "Troll"?

      Obviously it touched a nerve for somebody.

      The bottom line is that currently spyware is only a problem on Windows. Thus, running any viable alternative to Windows is the most effective way of avoiding spyware at the moment.

      Running a GNU Linux distro, any of the BSDs, or Macos X are all viable options, and arguably the most efficient solution to the problem of spyware.

      Granted, many might find these options unsuitable for a variety of reasons. However, labeling that suggestion a Troll does not make it untrue. Wasting time and CPU to either spyware or anti-spyware software both seem objectionable. Systems which provide desired functionality, and do not require additional effort to continue functioning normally are a sensible choice for many.

  3. Wait for it....wait...wait.... by WordODD · · Score: 5, Insightful

    How long till the Slashbots come out in droves proclaiming M$ sucks and their spyware removal sucks and they should all go to hell because a trojan(more like a crappy little batch file) is able to disable their program. Nevermind the fact that with the way this program works it would be just as effective on AdAware or SpyBot...and nevermind the fact that before running this trojan the MS spyware program TELLS YOU NOT TO!!

    --
    Please do not let scientific accuracy interfere with the intended humourous/interesting/insightful value of this comment
  4. And in other news by cr0y · · Score: 5, Insightful

    Viruses shut down norton antivirus.

    I mean really, who didn't see this coming?

    --

    ItWasFree.com - Take the mystery
  5. And it's a sure bet... by Tuxedo+Jack · · Score: 4, Insightful

    That by the end of this week CoolWebSearch "affiliates" will be bundling it with their software to ensure that they remain undetected (except by HijackThis, Ad-Aware, and Spybot).

    --

    Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
  6. Beta version by Indy+Media+Watch · · Score: 5, Insightful
    From the article: "Microsoft Antispyware is still in its Beta version (experimental version).

    It's a bit early to point the finger.

    --

    Indy Media Watch-Proctologist of the Internet

    1. Re:Beta version by irokitt · · Score: 5, Insightful

      Also worth noting, how many viruses/trojans/whatever have started by disabling Norton, or McAfee, or Network Associates? High profile anti-virus programs get targeted for removal all the time. So this isn't just Microsoft's bag.

      --
      If my answers frighten you, stop asking scary questions.
  7. Do you work using restricted accounts by McDutchie · · Score: 5, Insightful
    All the more reason to do all your real work under a user account with limited privileges and definitely never to allow others who use your computer to run with administrative privileges. Since nothing can touch C:\Program Files from a regular user account, the trojan would be ineffectual.

    For all its security efforts, Microsoft continues to let users run as administrator by default, which is downright irresponsible. I just spent an evening cleaning an acquaintance's computer of a persistent, multiple spyware infection because of this policy of Microsoft. Needless to say I created separate restricted user accounts for all members in the household, but the Microsoft installer should have done this from the beginning! You cannot expect regular users to do anything except go with the default.

    I also installed Firefox, and set all of the Internet Exploder security settings on "High" on all accounts except the administrator one (so that Windows Update can be run).

  8. it *is* vulnurability by RelliK · · Score: 4, Insightful

    The fact that you have to run as administrator to get any work done is a security hole big enough to drive a truck through. It is ridiculous that you can trash your filesystem just by double-clicking a mail attachment. *All* linux distributions I've used set up a user account for you and encourage you to use it. Mandrake, for instance, gives you a big red warning if you start KDE as root.

    Until microsoft fixes this it will be plagued by security holes. And don't give me this bullshit about usability -- Mac OS X got it right, why can't windows?

    --
    ___
    If you think big enough, you'll never have to do it.
    1. Re:it *is* vulnurability by lasindi · · Score: 4, Insightful

      The fact that you have to run as administrator to get any work done is a security hole big enough to drive a truck through.

      This is true, but let's face it. To say that this is a real example of how GNU/Linux is superior is kind of a cheap shot. If GNU/Linux were mainstream, what would the normal user do? Download goodies.tar.gz from your email, compile and su to install it. Tada, your system is screwed. This is what an "average," unsuspecting, Unix user would do. Buffer overflows and the like are legitimate vulnerabilities, but to blame Microsoft for a trojan being written is just not a legitimate criticism. Any operating system that lets the user install anything is "vulnerable" to trojans.

      lasindi

      --
      I have discovered a truly remarkable proof of this theorem that this sig is too small to contain.
  9. Can't have it both ways. by b00m3rang · · Score: 5, Insightful

    When Microsoft released their Antispyware, everyone said, "Oh, well, Microsoft didn't do anything, they just bought the software from Giant.". Now that there's a problem, "Whoa, Microsoft's software really sucks. It's sure is all their fault."

    Pick a side, people.

  10. Nonsense.. by PurpleXanathar · · Score: 4, Insightful

    1) If Windows had protected the antispyware program in some special way, we were now all complaining about antispyware being considered "special" by the OS and thus being in unfair competition with other spyware programs.

    2) On any Unix machine you have to be root to install most of the software (you usually have to be root before rpm or make install) : a simple trojan relying on *stupid* user behaviour can be written for any platform and this is not a security problem of the platform, is a security problem of the user's brain.

    3) From 2, even if the default user was not administrator, most people would simply try to install this new porn-lemmings game they received and they would "run as" it (just like you su - make install on linux).

    4) It's not even only a problem in the user brain. I wonder how much would it take to discover 5 malicious lines inserted in some big open source project. This *is* a possible evet, it could be an angry sourceforge employer, a security hole somewhere, a

    5) It seems to me whatever the choice of MS is in any particular matter, there is always someone who takes it to bash it down. When the fact is ridiculous like in this example, this kind of behaviour is detrimental to the whole community. Do you live to make Linux great ? Than use your time to make it the perfect OS, not to make Windows appear the worst OS ever - 90% of users have chosen it as the best product for them and they will not change their mind because you are bashing it down, they will change their mind when they'll see something better *for them*. ..Go and flame me now.