Posted on 10/31/2004 10:16:57 AM PST by quidnunc
David Eckstein turned on his computer one day and launched his Web browser, just as he had every day. This time, however, CNN.com did not automatically open. Instead, the page was a search engine he'd never heard of.
Eckstein tried changing the browser settings back to CNN but the search engine would return whenever he rebooted. Finally, he just gave up.
The San Francisco marketing consultant is yet another victim of spyware, an amorphous class of software that mostly gets onto people's computers without their knowledge. So resource-hungry, it often renders the machines unusable.
"It makes you want to throw your computer out the window," Eckstein said.
In the past year, the problem has become epidemic as people spend more time online and spyware developers get more aggressive.
"It makes spam look like a walk in the park," said Bob Bowman, chief executive of Major League Baseball's Internet unit, which in June started banning new advertisers from using such techniques.
As part of a government-backed study, technicians visited Jenna Dye recently in Young Harris, Ga., and found 1,300 spyware-related items on her machine.
"It would shut itself down in the middle of doing stuff. We had lots of pop-ups. The (CD-ROM) drawers would pop open," the mother of two complained. "It's frustrating. We spent $1,800 on our computer and we didn't want to use it."
Until the machine was cleaned up, Dye and her husband would make 2 1/2 hour trips to the nearest mall to avoid shopping online. "We use it every day now again," she said.
Spyware was found on the computers of 80 percent of participants in the study, conducted by America Online Inc. and the National Cyber Security Alliance.
-snip-
(Excerpt) Read more at chron.com ...
It seems to me that when a computer is infested with malware, becomes unusable, and the user has lost productivity, costing them money AND possibly service calls, the advertisers, or manufacturers of the malware should be liable for actual and punative damages.
I know of a company that had critical data on a computer that was infested. I couldn't just wipe the drive and then reinstall everything. I had to remove the hard drive, install it as a secondary drive, and clean it, save her data, then wipe and reinstall her OS and applications. She was without her computer for two days, and the service cost her about $1200. Her lost productivity probably cost her over two thousand dollars as well.
If we can't hold them legally liable, there should be some sort of justifiable clause in the assault laws, where it's OK if you can prove somebody is behind the malware, you can beat the crap out of them!
Mark
AMEN! Those are the free big three--and PC World just looked at spyware protection and all the crap on the market for sale, and Spybot and AdAware were still the best, even though they ARE free!
Weren't for me. But you do want to watch out with Hijackthis, which is a regeditor and could disable programs you need if you aren't careful. Many sites on the web have folks willing to help you figure out what you have in your startup files. I don't know exactly all the stuff myself, but I have found a lot of friendly people willing to assist me when I catch something weird with that--and I highly recommend if you use it and aren't 100% computer literate, you don't go knocking off stuff without a second opinion first.
My Ad Aware finds all kinds of things. I quarantine everyhing it finds.
I just updated mine this morning, no problem.
You should have been able to clean it from her machine in about 2 hours. What you did was pretty extreme. I'm to the point now that I can get a machine uninfected and armored in a couple hours. Most of the time is simply waiting on the scans to finish. I agree that they(spyware authors) should be held liable for damages, but it is not necessary to kill the drive entirely.
I've had some machines that literally started throwing popups as soon as the desktop appears. A new one would come at you 10-15 seconds later. It would never get to a point that you could function. 100% utilization. Some have had multiple trojans that don't allow themselves to be removed when not in safe mode. Still a few others required me to enter safemode Dos prompt to kill them. The fact is, you CAN kill all of them and if any system files are damaged, you simply expand them out of cabs files.
My FR homepage has more detail.
I think the ad-adware server may be having problems. None of my machines can download the new reference list, either. The latest refrence file lists the date as 2002.
Spybot can replace adaware for now. Spywareguard and Spywareblaster from Javacool Software are good, too. Free and efficient.
I got hammered today as I was setting up my wife's new XP machine. A shockwave install pulled down an IE homepage re-direct, a searchpage re-direct, and a BHO for some reason, but spywareguard stopped all 3.
I think Firefox, Mozilla or Opera are safer than IE in that regard.
Seconds on the AVG and Regseeker recommendations. Free and good for what they do.
Antivir PE is another free AV. I use AVG memory resident and set Antivir up to run a scan at night. Antivir does a good job scanning inside archives, and AVG will spot badguys when Antivir unpacks them into the Temp folder on it's pass through.
I've been using the free Sygate Personal Firewall as of late, too. It has a light footprint and will block outgoing requests at the application level.
I use linux hardware routers/firewalls even for my home network gateway, but I think the ability to block outgoing applications is worth running the firewall on a workstation.
Can't be too careful.
longjack
Nice job Malsua on your FR Homepage. You've got it all covered. I think from now on when this stuff comes up I'll just send folks directly to your FR Homepage.
bookmark
Thanks. I just updated it to cover the hosts file. Ran across a hijack last week that took all 404 pages(page not found) and redirected them to a whole list of places. Funny enough, it redirected all attempts to get to all the virus vendors and various other support files to the 404 page. Heh. It was essentially "We've got you now, and we're not going to let you even LOOK for help"
Perhaps if they nail Spamford Wallace, the spam king/spyware king, some of the other companies won't think the financial/legal risk is worth it.
Good luck!
Symantec has a new internet security product with their newest 2005 version. It finally includes spyware and adware. It only had virus checking before.
I try to help out when I can, I've been "playing" with computers for around 15 yrs without really doing anything constructive.I don't feel too bad about that if I can help somebody out from time to time.Need to know how to run Doom on a 486 with 4 megs of ram?I didn't think so.
LOL Get a new computer?
(a program called playdrv.exe is eating up ~60-90% of my system resources.)
I would start looking for this in Windows Explorer while running in safe mode.Check C: then program files then Windows if you can find it you should be able to delete it.
Just tried to update Ad-aware from work, and it did the same thing my two home computers did--show 5% complete and stop.
I updated Spybot successfully, though.
"Spywareguard and Spywareblaster from Javacool Software are good, too."
I'll give them a try.
"I think Firefox, Mozilla or Opera are safer than IE in that regard."
I read an article on Firefox the other day, and plan to try it.
"Antivir PE...Sygate Personal Firewall..."
I'm using Panda Titanium and Zone Alarm Pro with XP SP2 at home.
Funny thing, though...on one of my machines the disk write light flashes like a heartbeat monitor, and at just about the same speed. I thought maybe I'd been highjacked, but Zone Alarm blocks outgoing traffic, so I don't know what the deal is.
"I think the ability to block outgoing applications is worth running the firewall on a workstation."
I'm on the company LAN at work, so I have to let the Alpha Geek take care of that.
"I quarantine everyhing it finds."
I've been deleting. What's the deal with quarantine?
Spybot
Spyware Blaster
Spyware Guard
All free
I never get spyware
"If we can't hold them legally liable, there should be some sort of justifiable clause in the assault laws, where it's OK if you can prove somebody is behind the malware, you can beat the crap out of them!"
Can we use axe handles?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.