Slashdot Mirror


Non-Technical Users Talk Malware

swirsky writes "The Chicago Sun Times is running an article detailing the experiences of non-technical users after they were infected by spyware, malware, and viruses. We cluck our collective tongue and think that we'd never be so stupid, but this is a major problem that plagues personal computing." From the article: "The study found that spyware has disrupted the computer lives of 43 percent of surfers. That means an estimated 59 million people have spyware or adware on their computers, the study found. Adware is defined as tracking programs that come bundled with other software and that users knowingly download, although they don't necessarily want the adware."

11 of 410 comments

  1. It's not just the non-technical users by DanielMarkham · · Score: 5, Informative

    I downloaded my first program with BitTorrent a few weeks ago -- a TV show that my VCR failed to record. While doing that, I accidentally clicked on a certain part of the web page. Bingo slammo, my system was infected with spyware, this nasty Aurora and nail.exe.
    Being a technical guy, familiar with the registry, COM, and how Windows works, I went about trying to kill this pesky snake. A few hours later, after saying some words I won't repeat here, I decided to wipe the machine and start over (it was a lightly loaded box, so no major loss).
    I could have gotten SoftIce and gone into kernel mode to trap this bastard, but it was way beyond my effort vs. reward tolerance level. Spyware has gotten so complicated and sneaky nowadays: to me it is worse of a threat than viruses ever were.
    Now I run double anti-spyware programs in addition to my A/V and firewall. I think that we technical people are also misunderestimating the danger posed by this junk to our own machines.


    Run With the Bulls, Swim With the Sharks

    1. Re:It's not just the non-technical users by malcomvetter · · Score: 3, Informative



      You're not going to want to hear this, but anyway ...

      You could have *avoided* all of that if you just ran your box as a user, and elevated to admin when needed.

      More info on the non-admin experience

    2. Re:It's not just the non-technical users by AnObfuscator · · Score: 4, Informative
      Okay, sorry if I am sounding like a jerk. I really just want to know how this can happen!

      You somehow assume that you actually have to "click" a link and "save to disk" to download a file through IE. This is not so. Sites can use IE to install software on your computer, without your knowledge, even with all the preventative measures you mentioned. This is possible with what are known as "exploits" in the system. The insecurity of IE is not so much the default settings, as it is that changing the settings means practically nothing. That is why IE is flawed and broken beyond belief with critical security vulnerabilities.

      If you want to see how easily a PC is infected without you clicking, saving, or knowing ANYTHING, this series of articles will help: http://isc.sans.org/diary.php?date=2004-07-23

      --
      multifariam.net -- yet another nerd blog
  2. Re:Malware == Moolah by qbasicnewbie · · Score: 3, Informative

    Although I don't charge for malware removal (on my family's machines), I know a kid not much older than myself (I'm 15, I think he's 17) that runs a business centered around this sort of thing....He is apparently doing very well... p.s. I must say I have to agree. I love malware as well, but for a different reason...every infection brings my family members that much closer to letting me switch them over to Linux...

  3. Re:I thought I was immune too by MoonFog · · Score: 4, Informative

    How many were cookies? The only adware I've really got were tracker cookies from doubleclick etc. Those are recognised as infections in AdAware, and they are easy to get if you forget to turn off cookies.

  4. Spyware & Windows by Krankheit · · Score: 3, Informative

    I personally run Debian Linux as desktop OS on my desktop machines, and the *BSDs on my firewall and server machines and entrust my source backup to the FreeBSD machine with NFS, but it is not hard to have a Windows machine that is spyware free. I have my grandparents, non computer savvy teachers, and many relatives who call me "computer whiz" (which is annoying) set up with Firefox and a software firewall (I'm not going to set up an OpenBSD machine to firewall unless they give me more than four litres of Mountain Dew) and they have no problems. They all run Windows {XP, ME, 2000, 98} without problems. With Firefox and gmail, they have never complained about the computer "being slow" or "crashing a lot" now. This is a simple solution that ISPs like Adelphia should solicit to customers, instead of bloody blocking ports to "protect" less competent users, and annoy the rest of us like me. These teachers and relatives are soliciting Firefox, gmail, and a software firewall to all their contacts.

    --
    Powered by caffeine and sugar; BSD
  5. Claria and HomeSec by Tackhead · · Score: 5, Informative
    > And thanks to Microsoft it looks like *every* Windows computer will be infected with spyware in the next version of Windows.

    Gator, er, Claria, is not spyware.

    Gator CPO at the Department of Homeland Security.

    D. Reed Freeman, the "Chief Privacy Officer" of Claria Networks (formerly Gator), the creators of the pervasive spyware package GAIN, has been appointed to the Department of Homeland Security's "Data Privacy and Integrity Advisory Committee"

    Legitimized by Microsoft and with representation on HomeSec DPIAC, Gator is now officially securityware, Citizen!

    And if you've got some sort of problem with that, take it up with the boss, namely HomeSec's Chief Privacy Officer. She's none other than Nuala O'Connor-Kelly, formerly of Doubleclick.

    What's with the head-on-desk-thumping motion? I'm not demented enough to make this shit up!

  6. Malware - Love it AND hate it by retro128 · · Score: 3, Informative

    On one hand, spyware is some pretty evil stuff. There are little weasel programs I've spent quite a bit of time trying to get out of systems.

    On the other hand, I get paid to do that. I just did one small company with 5 computers that was literally shut down because they couldn't do anything on their systems. Spyware is a problem on just about every single "joe average" computer that I have seen lately. The problem, of course, is going to get worse as long as Windows continues to allow users to run with privileged access by default.

    I don't feel like going into a Microsoft rant - I'm sure it would be preaching to the choir anyway. I would like to share effective tools in my warchest for cleaning out spyware -

    Ad-Aware - My favorite anti-spyware program right now. Gets about 95% of baddies.

    HiJack This! - Cleans up anything that Ad-Aware may have left behind. It scans all startup regkeys, services, and BHO IE extension keys and lets you select which ones to nuke. BE CAREFUL, it lists both the good and the bad. If you don't know what a process is, google for it before you remove its key.

    There are many other useful tools on this download page as well, like LSPFix. This program will fix the mess left by programs that mess with your TCP stack, such as New Net, whose manual removal can disable your Internet access completely.

    Pocket KillBox - You know those processes that come back from the dead after you kill them? Can't delete the EXE because it's locked in both normal and safe modes? Pocket Killbox is what you need. If it can't delete the file outright, it can temporarily end the Explorer task and try it that way. If that doesn't work, it can use Windows' replace-on-reboot function to swap the EXE with a dummy file on the next reboot. Very handy for getting rid of the most nefarious of processes.

    Spyware Blaster - Pre-emptive spyware prevention. The interesting thing about this program is that it doesn't remain resident in memory. Instead, it writes files and regkeys to your system that prevent the spyware from installing. Adding and removing protection can be done in one click.

    --
    -R
  7. Re:Just buy a Mac :-) by Prophet+of+Nixon · · Score: 3, Informative

    The mac had a fair number of viruses back around 1992-1994 when OS7 came out. At that point many schools were buying color macs (II series, then centra, then quadra) since they were far superior (graphically and in some means, performance-wise) to the PCs at that point. This happened to coincide with the beginning of internet use and networking in many schools, and quite a few viruses got prolific amongst the macs, at least in my school system. The only half-decent AV product at the time was from Norton, but even it was awful since it was really slow and wrote about 10MB of files in directories which the mac GUI couldn't locate (which was a fairly nasty surprise given how small hard discs were then)... it was nasty. I remember moving to win95B boxes (we skipped 95 initially) and being impressed with having fewer viruses and nuisances than on the mac. Granted, things have changed a bit.

  8. Re:Survey results skewed (as always) by MynockGuano · · Score: 3, Informative
    I'm not sure why more people don't mention this, but you can get firefox easily without ever touching IE.
    ftp ftp.mozilla.org
    seems to be the obvious thing to do immediately upon booting into a new Windows installation.
  9. Re:Malware == Moolah by dlZ · · Score: 3, Informative

    I can't agree more. At least 75% of my business comes from spyware removal, and we're starting to get a lot of new customers who were sick of other shops just wiping their systems, not even performing backups properly. The fact that we actually fix the machines, and in a worst case scenario, create a real backup and then reinstall, brings us a ton of customers.

    I luckily don't have to deal with the family removal issues. The one family member that is constantly infecting her machine lives nowhere near me, and my local family is very knowledgeable (only one Windows user, my mom, and she keeps her machine so clean. Uses Firefox, and used Opera before that, with no input from me. Only problem is if she does call me, it means something is really broken and beyond her ability to fix it.)

    I'll also agree that figure is pretty spot on for removal costs.

    --
    rm -rf ./evidence @ punkcomp