Is anyone else tired of spyware?

Locked

Do you want to do something about it?

I’m a network admin for a small company. While I have anti-virus on all our computers, I can’t really stop spyware/adware from installing itself.
yes, I can educate users, but we know that won’t stop all of it.

I’m spending probably at least 1 day a week cleaning PC’s. And as soon as I find a tool that I think cleans up the systems, a new flavor comes out and I’m forced to wipe the hard drive.

I’ve had it! And I think some of you feel the same way. So I have an idea.

Many of these hijack programs direct browers to specific web sites. Also, popup ads that install themselves on the hard drive target specific sites and/or products.

So I’m thinking, why not bill them? If I spend 2 hours cleaning a PC, I should send them a bill for, oh, $50 an hour, or $100 for my time. Of course, they won’t pay, but why not?

Could these bills, not payed, be turned over to a collection center? Could legal action be taken? By myself, I won’t be able to make much of a dent. However, if we could get hundreds or thousands of techs, and maybe consumers, or businesses submitting bills to these firms, could it impact their slimy business? Could this work? Would you be willing to particapate?

I welcome your feedback!

Topic

Tired of Spyware

In reply to Is anyone else tired of spyware?

Hi

For starters, you might want to install Firefox on the users desktop, then go into Internet options and increase the security levels as well as maybe enabling content advisor. Also if you put Spywareblaster or Spywareguard and keep them up to date, they will stop most of the garbage that tries to drop in on your’e users desktops.www.wilderssecurity.com/spywareguard is the site to go to. You also might want to check out the Beta Spyware program that Microsoft is offering, keep in mind it is a Beta (Research and Development)(WinXP) and download it onto the users desktops, it has active monitoring, when surfing the net, and will protect the computer. As for billing the perps who are responsible for this, save your stamps and just try to be proactive in ensuring your companies assets are clean.

Good Luck

Jim

Reply To: Is anyone else tired of spyware?

In reply to Tired of Spyware

the problem is that installing firefox is not an answer to the problem. Protection through using a more obscure product will only help in the short term as if we all do this it will gradually move to be the leader. Once everyone moves to firefox then so will the spyware developers! What do we do then move back to IE or go on to opera? In either case the spyware people will follow eventually.

Programs like MS’s antispyware will help however this product is best positioned currently for homes and small businesses as currently as far as I am aware it cannot be controlled by GPO thus controll of the product on 1000’s of desktops is not going to be easy. MS will add this in but probably a version or two on from this beta.

Billing these people will not stop them but some how we have to put them out of business, or learn to live with them.

Firefox does help!

In reply to Reply To: Is anyone else tired of spyware?

Trevor Bax does make one wrong assumption.
In fact there are no longterm solutions to the spyware problem. Spyware guys were, are and will be constantly prowling for our Net behaviour, so their bosses can give us the ‘right’ popups, banners, etc… And their compadres, the spammers, can flood our mailboxes with their ‘irresistible offers’…

Fact is, since I installed Firefox and stopped using IE, my two spyware removal tools (SpyBot and Adaware) hardly find anything to remove.
IE is and will be a leaky basket, Firefox is a much more robust Program, which obviously has been designed from a clean(er) sleet.

Conclusion: Firefox is a good short term solution. And I have more confidence in Mozilla than in Microsoft to stay abreast of events.

Fix the cause, not the sypmtom

In reply to Firefox does help!

Using other browsers will help until someone find a security hole somewhere and continue their sinister actions. This i see as fixing the symptom while we should be fixing the root cause – people producing spam in the first place.

Spyware isn’t Spam

In reply to Fix the cause, not the sypmtom

SPYWARE IS NOT SPAM!!!

Spyware collects info on you …. SPAM is Unsolicited Commercial Email.

Maybe the problem is idiot programmers who don’t do any/enough research.

cause and effect

In reply to Spyware isn’t Spam

SPAM is one of the major end results of spyware

And….

In reply to cause and effect

I’m sorry to dissapoint you but that’s not going to stop spam!!

Email addresses can be harvested in many other ways too.

People posting their addresses in the internet.

Major sites being compromised.

Incorrect newsgroup postings.

The list goes on and on…….

So what. Do you want to ban email too?

Why not just ban the internet .. you won’t get any adware/spam then.

You see your comments do not make sense.

I could just use a simple phrase like you do “cause and effect” to make a mockery of just about anything.

I wish someone had thought of a way to stop spam … oh yeah I forgot .. they have … it’s called Anti Spam programs!!

Just like in the real world you need a firewall. You also need good Spam filters.

But I suppose that means you actually have to use your brain and download one.

Oh, and BTW, where do you get your statement from that “SPAM is one of the major end results of spyware” I suppose you actually just made that up!!

Who said it was spam?

In reply to Spyware isn’t Spam

Who said it was spam?

??

In reply to Who said it was spam?

Nobody said that.
The parent of my post was insinuating that SPAM has nothing to do with SPYWARE. They are closely tied.

gordon.forbes did

In reply to Who said it was spam?

Quote:
“Fix the cause, not the sypmtom
Using other browsers will help until someone find a security hole somewhere and continue their sinister actions. This i see as fixing the symptom while we should be fixing the root cause – people producing spam in the first place.”

THE ROOT CAUSE PEOPLE PRODUCING SPAM IN THE FIRST PLACE

Not all spyware/adware is just to get your email address.

Google is adware, and to some extent spyware.

There’s also Alexia (which comes bundled with windows).

They record demographic, browser, your searches etc.

What do you think they do with that – they don’t sell your email address (well, not that I’ve seen so far), they make money from spying on what you’re doing.

With 20 spywares at a time how would you breakdown the billing?

In reply to Who said it was spam?

Sure, that’d be fun, billing the spyware company, but with maybe 20 spywares on any given computer that I have to clean, how would you break down the billing? I’d say the CWS_about blank has caused me the most greif.

Aren’t they working on legislation to make these softwares easier to remove?

The Wallet hurt them

In reply to Fix the cause, not the sypmtom

If you hit them in the Wallet the US Spyware vendors will just move overseas out of the reach of the long arm of the law. How can we really fix the problem or prevent our users who fold their arms and play brain dead.

Read this article…

In reply to The Wallet hurt them

You want to fix the software problem? Read this article and you’ll understand what needs to be done.

http://www.techweb.com/wire/security/159402774

Users playing brain dead

In reply to The Wallet hurt them

“or prevent our users who fold their arms and play brain dead.”

The problem is, they’re not “playing”, they really ARE brain dead

IRS Principle

In reply to Fix the cause, not the sypmtom

I think hitting them with a bill would make an impact, but if you find one of them and make an example out of them like the IRS it would change their thinking. A slap on the hand doesn’t intimidate people any more. People are setting around so cushy happy because they’ve got the liberal judges making things easy on them – not to mention the immoral, Homo-loving “Supreme? Court who are managing to pull this country into a pit called hell. We need more people who will do what is needed to straighten things out.

bring back the Terminator!

In reply to IRS Principle

Spyware relies on things like “Active-X” in order to turn IE into a gateway to hell. Firefox doesn’t use active-x, so it’s immune to those types of exploits. Also, IE is tightly woven into Windows – an integral element of it, in fact. There are thousands of known and yet undiscovered pathways into your OS. Firefox doesn’t. It’s that simple. None of the PC’s in our organization which use Firefox have a problem. None.
I’d love a movie where the superhero hunts down spy-jackers & spammers and gives them each a violent, painful death. Pass the popcorn.

Fix the cause, not the symptom

In reply to Firefox does help!

Using other browsers will help until someone find a security hole somewhere and continue their sinister actions. This i see as fixing the symptom while we should be fixing the root cause – people producing spam in the first place.

Easy Said… But Not Easily Done!

In reply to Fix the cause, not the symptom

How would you stop them?

Infact, you answered the reason to all failure in “Symptom fixing”… “until someone finds a security hole somewhere and continue their sinister actions.”

Firefox helps, but

In reply to Firefox does help!

Firefox helps, but its not always an option. Some sites that my business must use only work with IE. And even when its a viable option, its a short term solution at best.

If the music industry can get the names and addresses of music downloaders, it should be easy for the justice department to track down the people who produce this crap and put them out of business.

Firefox not always an option….

In reply to Firefox helps, but

Firefox doesn’t handle some website very well, so you would have to have IE available for those web site that Firefox doesn’t render very well – but then you have to educate DAU’s (dumb arse users) how to use Firefox, AND when they need to swap to IE to view a web page properly, AND then explain to them (again & again) why they have to use two browsers (why can’t I just use IE????).

Some people have as much ability with computers as I have artistic ability (ie – none!) 🙂

Stu

Music downloaders

In reply to Firefox helps, but

Evidently there is no advantage to the powers that be to stop spam or spyware the way there is to stop music downloads.

Can you say re-election

spyware v. illegal downloads

In reply to Music downloaders

I would say the difference between the two has more to do with the amount of pressure put on the ‘powers that be’ by the parties concerned.

If the userbase united and started harassing the government about spyware it’s likely there would be more action on that front.

The liklihood of such a thing actually occuring to the same degree as the RIAA pressures is rather implausible though.

I’m game

In reply to spyware v. illegal downloads

It would be fun even if we never got “paid”.

And what’s more Firefox…

In reply to Firefox does help!

Firefox, by virtue of being open source, has all those folks out there helping to make it more robust. It’s still fixing the symptom, but so far it’s a pretty damn good fix!!!!

Firefox not that good.

In reply to And what’s more Firefox…

It’s probably just my computer but something is screwing up Firefox and I don’t have much free time to research through websites and faqs to find the answer. With that last “big” upgrade my right click went bye-bye. I could still highlight and edit, copy and paste something I wanted to keep for reference. Last week I upgraded several extensions and now my highlight went bye-bye and also select-all. I am forced to open IE to save anything.
Firefox has gone backwardsd for me. I don’t see how it can hope to compete with IE the way it’s going.
Now I gotta figure out how to make IE my default again. I gotta go. Spent too much time on this.

extensions

In reply to Firefox not that good.

You probably are using mouse gestures extension – this will cause your right-click to be disabled until you press ctrl or shift. You probably are also using auto copy extension – upon hightlighting, it copies the text to clipboard, and then removes the highlighting. In some ways Internet explorer has just dumbed us down. These are things you chose to install, don’t blame it on Firefox. Configure or remove them.

Great minds

In reply to extensions

Goddam … you just beat me to it 😉

FF or User?

In reply to Firefox not that good.

I bet you’ve probably downloaded Auto Copy without bothering to read what it does.

Well, it’s great, when you highlight something it automatically copies it to clipboard and then deselects it (like trillian).

Don’t worry, it got me confused for a bit when I first used it, but I use it all the time now, as all I need to do is highlight, it just removes 2 extra steps … copy and deselect 🙂

Check the bottom right of your screen for something that says “Auto Copy ENABLED”.

If you don’t like it .. disable it.

Or just uninstall all the plugins you downloaded if you don’t unerstand how they work.

Tools -> Extensions -> Uninstall what you don’t like.

way to go G.Brown, you’re a genius

In reply to FF or User?

Thanks for re-answering the question. That is half-reanswering the question. See the above post by me for the full explanation.

Aha!

In reply to FF or User?

No,I didn’t read it. Thank you! I’ll try to find it and read those things. Right now I gotta go back to my daughter’s house and clean out her kitchen faucet. It’s down to a trickle. She had an old water heater that had pvc pipes inside. They disintegrated and clogged up everything. I hope this fixes it. I really don’t want to replace all her pipes. I replaced the water heater Sunday. That’ll teach me to have kids.

Don’t know enough

In reply to Firefox not that good.

Since you do not know how to reset IE as your default browser, you are incapable of understanding the dangers of using IE and the advantages and disadvantages of each product.

I have not used iE for last 3 years, I use both Opera (for speed, security) and Firefox (ease of use, security).

I have spent far to much time removing trojans brought in under MS’s security free (as in no security) activex. My desktop belongs to me, I paid for it and I will not surrender control to MS and its licensees.

Removing IE

In reply to Don’t know enough

While Removing IE is a novel Idea, you would still have to worry about IE only sites. We sure do hope that FireFox could work out with that. For you to resolve your spyware issues, and would like to contribute ways on how to troubleshoot those buggers, here’s a third-party site which I could suggest… http://www.hijackthislogs.com

You think you know it all ?

In reply to Don’t know enough

Read your EULA….YOU DON’T OWN ANYTHING MICROSOFT! In effect, you sort of lease it!

AND…6 sites that I visit daily must use IE, which includes a University web site I use for my MBA in IT. FF screws it up totally! I do use FF for the rest of my research, but….

And don’t be admonishing people for knowing or not knowing something….not all people can be as ‘SMART ‘ as you, jschmidt, and gbrown….it really shows your level of intelligence…you’d rather complain and belittle instead of help.

That was not FF’s fault.

In reply to Don’t know enough

1) It was the fault of the site designers, who used certain MS-centric features, which do not conform to W3 standards.

2) There are FF extensions available to accomodate such “Broken” sites.

An increasing number of site developers are coming to the realization that, unless they wish to & can afford to be unaccessible to an increasing large portion of their potential market, they need to move away from using MS features that work only on IE.

Deepsand, isn’t that web design 101 though?

In reply to Don’t know enough

One of the VERY first things I learned long before the simplest tags, was cross browser compliancy to make your page accessible. ANY company, or institution that hasn’t addressed browser compliancy issues is hardly building effective pages. I seen so many poeple who can make collected data dance and sing on THEIR end but when it comes to visitors or web positioning they haven’t the vaguest clue what they are doing.

Rule 1: Ensure your webpages are viewable in multiple resolutions, not everyone runs 1280X1024 , make your navigation simple and ensure you have CROSS BROWSER FUNCTIONALITY! If not, the code you can write isn’t worth the keystrokes used, and definitely not the paycheque you earned for writing it.

if I hit a site that I can no longer access, I email the site admin LONG before looking for a way around it. They are closing the doors, not Firefox.

Of course it is.

In reply to Don’t know enough

But, as in so many other trades, the newbies think that they can skip the prerequisites & jump right into grad level stuff.

Either that, or they’ve got some know-it-all superior who insists that they absolutely need some eye candy that is most easily produced by a non-conforming app..

Well, if you’re that adamant against MS

In reply to Don’t know enough

Just use any number of the various flavors of linux.

back to basics!

In reply to Firefox does help!

it is so “American”! Instead of going to the roots of a problem some soft fix is proposed. User’s who surf the internet steal time from their employer. Even if they do it during breaks – it’s the employer’s equipment and not intended for personal use. Therefor employees should pay a share of the cost, similar to a parking violation. Guess how quickly they drop the bad habits and increase productivity! It seems nobody is willing to talk straight to an employee unless it is “you are fired” which eliminates any reasoning and makes it pretty easy on the boss.

Joachim

change of browser

In reply to Firefox does help!

how about using Netscape 7.2 as primary browser ??? .. i know it has a more rugged design and build than IE 6.0 or whatever they have as their “latest one” out there .. i use UNIX as my primary OS and Netscape does a wonderful job for me .. no complaints … down with MS .. up with Sun.

MS AntiSpyware on domain

In reply to Reply To: Is anyone else tired of spyware?

I admin a school with multiple users on each machine. Giant antispyware had a big issue with this. The User Shell Folders checkpoint causes user files to be redirected to other users home folders. Many students have lost files when logging into the lab where it is installed. I’ve worked around but it is machine specific settings. Until final release and .msi install DO NOT USE in environments where users share machines.

Won’t put out of business, but . . .

In reply to Reply To: Is anyone else tired of spyware?

You are probably currect about not putting these busybodies out of business, but as I understand the initial idea, it isn’t to put them out of business, but rather to make them have just as much if not more trouble about billing, as we are having with spyware etc. It gives me a great deal of “joy,” seeing in my minds eye, their Administrators, etc, chewing on their bottom lip in disgust at the sheer amount of billings that they have to climb through!

Why not sue them!?!

In reply to Tired of Spyware

If somebody trespasses on your personal property, as in your computer with spyware, then sue them for the transgression! If they collect personal information about you or your habits, without your permission, then you got a case in Canada given new federal legislation (i.e., PIPEDA). Unfortunately, most freeware or shareware, use the benefit of their software as the carrot for their spyware. However, if no benefit and no permission, then sue!

HOW?

In reply to Why not sue them!?!

A great idea – so let’s sue. Now WHO do we sue…under what law? Who do we serve papers to? Which jurisdiction?
Spyware software developers know that there are no answers to these questions yet, and know that they have to be “caught in the act” before they can be prosecuted. Yes, they are infringing on our privacy – unasked…..but sending them a bill is only asking to be targeted. Hoping you will be paid is like hoping to win back-to-back lotto’s.

Billing for Spyware wouldn’t work…

In reply to HOW?

Think about the way a lot of web advertisement works. Legitimate ones at least, you click on a banner or an ad, and the referring site gets “credit” for referring a potential customer to the site. That’s the value and power of the web for many businesses. Then you have companies who will offer the referral bonuses to ANY site which refers potential customers.. this is where a lot of the spyware/adware comes in, while billing for spyware wouldn’t stop it, any legitimate business would have to change their payment practices to include “damage” control from potential bills/lawsuits, or decide to only pay for customers who actually PURCHASE product or services from that site. It’s not going to stop it all, but it should slow it down.

Sue & Win ????

In reply to Why not sue them!?!

The principle sounds right. But what in practice will happen if you sue or if you bill.

Personally sueing or billing the spamware company for damages or time spent in cleanup or other countermeasure efforts forced upon you will only be effective if you win or if you can bring the billing to legal channels and win your case.

I am all for this avenue as a means of deterrence but I feel that without credible cases and credible precedent all this banter is for not.

We need a landmark case filed at the lowest levels and won and all apeals exhausted with fines and settlement paid and done.

EJ Cox
Sanatoga, PA

Being Proactive About Spyware

In reply to Tired of Spyware

I agree that Firefox is usually a viable alternative to IE. However, since not all webages are create equal, some “mission critical” sites do require IE. In addition, many IT professionals (especially government IT like me) can do nothing to change these requirements. So, the game continues and we must do whatever we can in our limited spheres of influence.

Given the constraints I just mentioned, there is still wiggle room. If your company has the cash and willingness to cooperate, WebSense is a great product.

In my opinion, a proactive organization will have the following:

1. A web/URL filter to block sites that host spyware, mobile malicious code, web-based email, and remote proxies. (Installation of P2P file sharing and IM clients are a leading cause of spyware.)
2. A solution that will allow administrators to block the download of certain file types.
3. A solution to block specific ports used by spyware related apps like IM and P2P.
4. Methods to detect and block spyware on each client workstation.
5. Methods to remove spyware that did not get blocked.
6. Acceptable use policies for enterprise network and email.
7. End user education.

An organization can configure a secure stack, including a firewall, cache proxy, and web/URL filter to accomplish the first three objectives. Websense is worth investigating as a URL/Web filter. Websense claims their product is the only one that blocks incoming and back-channel transmission of spyware.

Check out these URLs:
http://www.websense.com/products/resources/wp/EmergingThreats_Spyware.pdf

http://www.websense.com/products/about/PG/

Workstation – Spyware Prevention Checklist

In reply to Being Proactive About Spyware

For IT professionals that do not have the luxury of WebSense, you can still be proactive at the workstation level by using my Spyware Prevention Checklist:

Spyware Prevention Checklist

Consider using Firefox for all web browsing unless functionality of business critical web applications require Internet Explorer. If you can use Firefox exclusively, then steps 2, 3, 5-8, & 10-14 still apply.

1. Open Internet Explorer, click Internet Options, click the Security tab, and click Default Level on each Security Zone.
2. Install all Windows Critical Updates.
3. Install and update Spyware Blaster. Remember to click the link to Enable All Protection.
4. If you have Windows XP, use SP2’s built-in popup blocker. Otherwise, install a valid popup blocker of your choice.
5. Either manually disable the Messenger service or run GRC’s Shoot the Messenger applet.
6. Either manually disable the Universal Plug & Play service or run GRC’s Unplug & Pray applet (Windows XP Only).
7. Execute DSOStop2 and click the Protect Internet Explorer button.
8. Execute HTAStop and click the Protect Internet Explorer button (WARNING: Windows XP Only – Will cause problems on Windows 2000).
9. Install IE-Spyad2.
10. Run GRC’s SocketLock utility.
11. Install and update JavaCool’s Spyware Guard or utilize the built-in spyware detection of MS Antispyware, Spy Sweeper, or Spybot S&D’s Tea Timer.
12. Rename the default Windows Hosts file located at %windir%\system32\drivers\etc and place the Gorilla Design HOSTS file in the same directory.
13. Install eDexter to efficiently handle the new HOSTS file.
14. Educate the principal user on Internet best practices.

Utility Download Links:
Ad-Aware – http://www.lavasoftusa.com
CWShredder – http://cwshredder.net/bin/CWSInstall.exe
DSOstop2 – http://www.wilders.org/downloads.htm
eDexter – http://www.pyrenean.com/distribution/dxtr142.exe
Firefox – http://www.mozilla.org/products/firefox/
HijackThis – http://www.spychecker.com/download/download_hijackthis.html
HijackThis Log Analyzer – http://www.hijackthis.de/index.php?%20langselect=english
Hosts File – http://accs-net.com/hosts/get_hosts.html
HTAStop – http://www.wilders.org/downloads.htm
IE-Spyad2 – https://netfiles.uiuc.edu/ehowes/www/res/ie-spyad2.exe
LSPFix Utility – http://www.cexx.org/LSPFix.exe
Microsoft Antispyware Beta – http://www.microsoft.com/downloads/details.aspx?FamilyID=321cd7a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en&Hash=KX7DK75
Shoot The Messenger – http://www.grc.com/freepopular.htm
Spy Sweeper – http://www.webroot.com/shoppingcart/tryme.php?bjpc=64000&vcode=DT02
SocketLock – http://www.grc.com/freepopular.htm
Spybot Search & Destroy – http://www.safer-networking.org/en/download/
Spyware Blaster – http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard – http://www.javacoolsoftware.com/sgdownload.html
Unplug & Pray – http://www.grc.com/freepopular.htm

Great Post!… but…

In reply to Workstation – Spyware Prevention Checklist

Move step #14 all the way up to #1. User education is always your best defense.

User Education

In reply to Great Post!… but…

You misunderstand. I am a proponent of user education before, during, and after spyware cleanup. I just always make sure to do it before I leave a user with their cleaned up computer. Doing so leaves a final impression as to the importance of computer security.

AND I HAVE TO PAY

In reply to Tired of Spyware

and y do i have to pay for a firewall and antispy and be busy to mantain them
if not for spyware

Well, if the ONLY work you’re doing IS…

In reply to AND I HAVE TO PAY

Removing spyware… it’s keeping you fed, isn’t it?

Hijacking

In reply to Tired of Spyware

There are laws against hijacking an airplane or one’s automobile, why not one’s computer? Spyware’s authors have no permission to use my computer,but they do anyway. This is not freedom of information or speech. Throw them in jail? Lawsuits anyone?

EXCELLENT SOLUTION TO ALL SPYWARE/ADWARE SCENARIOS

In reply to Tired of Spyware

http://www.mediachance.com/free/spythespy.htm

They will claim…

In reply to Is anyone else tired of spyware?

They will claim that users ‘agree’ to their sofware being installed in some way by clicking their misleading crap.

I’m all for trying to bill the gits though. Lots of small bills would be harder for them to fight I guess though. Think of 10,000 people trying to take em top court for $100 each. They’d have to send someone to court 10,000 times to defend themselves.

On a brighter note have you tried the MS antispyware beta? It might be the sort of product you are looking for to block infestation in the first place.

Interesting idea

In reply to They will claim…

now if we could just coordinate it so that we all file in small claims court at the same time against the same companies…..

Not at the same time…

In reply to Interesting idea

…but at different times. Why make it convenient for them so that they only have to show on one day? Make it so that they have to be in court every single day of the week, and in every possible jurisdiction.

Across hundreds of jurisdictions?

In reply to Not at the same time…

If we get people from all over the country submitting claims at the same time, then the companies will end up having to be in court on or about the same day in multiple locations, thus requiring a lot more resources.

A good point

In reply to They will claim…

I’m glad you brought that up. Yes, I expect that they may say we somehow agreed, (I don’t think you always get a choice though). In a corporate environment, I am the only legal decision maker. When there is a policy that users can’t load software, any ‘agreement’ the user might make shouldn’t be valid.

I think….

Users

In reply to A good point

Try setting up the users with limited accounts on their desktops, this will stop them from installing even after they have downloaded, as well as stopping them from installing off of disks. Also if you have clear guidelines on internet policies, you shouldn’t have these recurring problems, unless some of the users don’t subscribe to your policies, then methinks it is time to replace users.

Yeah, well….

In reply to Users

It’s a good idea, but when I tried limiting the desktops, I found that some of the apps we use wouldn’t work.

I’ve been able to educate most users, but there are some hardcore ones that, well, what can you do. We’re a small company and the owner are proud of the fact that we have a limited number of company ‘rules’. It makes it a nice place to work, but it does cause a few problems for me….

This is one solution, but

In reply to Users

many users need to be able to install software, so it isn’t a complete answer.
SA’s can block some of the sites using access lists, and SP2’s firewall plus other anti spyware utilities in combination might reduce the problem temporarily, but the bottom line is, someone is trying to use the computer and connection YOU are paying for to make money for themselves.
This is no different than the telephone solicitors using YOUR phone and YOUR phone account to call you during dinner to sell you something you don’t want.
Don’t buy anything you see as a result of a pop-up ad or SPAM, first of all, and secondly, make those responsible for the problem bear the cost.

Tightening down users

In reply to Users

While stict tightening and web access control could signifigantly cut down on spyware, you have people who would scream about the freedom of speech. Saying their rights are being violated in the work environment by the company censoring what information is available to the user. I’ve been there, done that, within 6 months of implementation of the server, I was told to take it down, but of course not before making special “rules” for 150 so execs who wanted to go here or there. They told me the server was being eliminated because it reduced productivity..

Whose Responsibility?

In reply to A good point

Youe employees may not be able to enter into legal agreements, but if they let the spyware in against your policies, they have personal responsibility for the outcome… Unfortunately, responsibility wouldn’t likely lie with spyware producers unless they used deceptive tactics to get your users to install it.

Your assuming a lot

In reply to They will claim…

If the scumbags are in a country that can’t be bothered to have a law against such behavior because they are making money off of it, the there would not be a court for them to answer to.

A mafia hit sounds good to me. Let them wake up with a horses head next to them.

But just like SPAM and Virus originators there should be a way to nail them to the wall.

Nice One

In reply to Your assuming a lot

The mafia hit sounds good.

Personally I think it’s a good idea to bill the companies and I would be willing to get involved. I’m sick of doing the same thing and wasting time doing shit I shouldn’t need to.

Yessir

In reply to They will claim…

As mich as I hate to admit it – Microsoft Antispy beta is a pretty kickin program

MS AntiSpyware

In reply to Yessir

I’ve found MS AS, pretty efficient, it’s very fast at scanning for the files, and unlike a lot of the other ones which just remove the “core” spyware file, MS AS often removes most if not all of the files from the directory, and has them listed as signatured files. Also, it has the functionality of hijackthis, plus it’s much more informative.

Spyware Blaster

In reply to They will claim…

http://www.javacoolsoftware.com
This software prevents several thousand active x and java items from know spammers and other bad actors from running and installing themselves on your system. Freeware. I is the only preventitive rather than reactive software that I know of.

So far MS Antispyware is OK

In reply to They will claim…

I agree the MS Anti-spyware is a fairly decent product for a beta version. I like many other admins can’t wait till there’s a enterprise version so I don’t have to visit each desktop to deploy this sucker.

I would not put it past MS to eventually bundle this into a service pack.

We generally deploy our desktops with Spybot and MS Anti-spyware now. The combo of the 2 seems to catch most of the stuff.

Personally I would rather be doing more productive admin stuff than having to deal with this crap, but such is the vein of following the MS route for employment.

MS Antispyware interfers

In reply to So far MS Antispyware is OK

I found that MS Antispyware was causing the cpu to freeze if I had Norton’s running. In fact, I did not realize MS antispyware was installed until my cpu’s started freezing. I disabled Norton’s and it stopped. So who do we trust?

We had problems too

In reply to MS Antispyware interfers

We are currently using Spybot and MS Antispyware. We’ve found that we have to install spybot before MS otherwise it really mucks up the system and we can’t get MS to make any of it’s agents active. The combo of the 2 seems to work fairly well. Just don’t put it on anything less than a P4, it wreaks havoc on our Celerons.

Spyware, Banner ad server Class action suit !!!!!

In reply to They will claim…

First of all you can bash Microsoft if you like that is not the real problem. You can suggest Firefox but that is not a 100% fix all solution. The problem is these slimey rats that are just plain con artists and crooks. They need to pay for thier actions. How do you educate users on every way they can be fooled into installing trash on thier system. Especially when it changes daily. I have even verified that some infections come through the regular banner ads that appear in your browsers or pushed out by visiting a sites home page. I would love to see them pay. I would go so far as to have a lawyer who wants to make some cash start a class action suit against these people. I am sure there is one out there somewhere. I have spent numerous hours repairing corporate, education and home users computers because of this. I have also been infected on my own even when using multiple vendors products that claim to block or clean this. As for Microsoft’s Antispyware ( formerly Giant) it does not work on WIndows 98 which there are still has many users.

Unreachable goal

In reply to They will claim…

The problem with billing them is that there are hundreds of different people/sites writing these pop-ups into their code, and even if we did all send them bills, they would not be enforcable by law. They would have only succeeded in wasting more of our time in sending them bills. Even a class action suit would be problematic as it would require somebody identifying all the culprits behind the popups, though I guess if we just targeted the companies that were named in all the popups it would be a good start.

For short term goals, I had a recent problem with pop-ups, and using spybot, adaware and a few other downloaded tools did nothing for me. Then I saw StopZilla, and installed it for a 15 day trial period. It immediately stopped my pop-ups, and since the trial period ended and I uninstalled it I have still been pop-up free. Whatever it did really cleaned up my PC.

It Taint The Users’ Machine

In reply to They will claim…

I work for a California Government Entity. As such, we try to emphasize to the users the machine is not their personal machine and they are not supposed to be installing whatever they want. “What do mean, I don’t have administrative rights to my computer!!!! I need to be able to screw it up royally anytime I want and then just need you to fix it.”
As such, maybe the EULA argument could be countered by the user didn’t have the proper authority to install it.
Also, I want to see if any of the California entities (State, County, DA, whatever) have the “huevos” to enforce the new law about installing Spyware on a computer.

TTFN
Paul

Just stop it yourself

In reply to Is anyone else tired of spyware?

I have gone from cleaning more than 70 entries per week to 2, and they were both acceptable and set to ignore as they are just cookies from a homepage login.

How’s it done? Firefox, free, no adware.

The only way I hav picked up ads with Firefox is from installing sharware and in that case you must agree to the license first.

Spot on, Oz

In reply to Just stop it yourself

I run Firefox, with SpywareBlaster, and the spyware infections have almost disappeared. The occasional tracking cookie is about it.

cheers,

Alan

Good one, Oz

In reply to Spot on, Oz

Firefox, SpywareBlaster, and now I’m down to a cleanup once a month, only to get rid of the occassional cookie. Way to go Mozilla.

Actually

In reply to Good one, Oz

There is a flaw in firefox that enables a malicious user to infect you.

The funny thing is ….

It infects IE …

Anyone know how to uninstall IE completely?

Uninstall IE

In reply to Actually

A little FREE program called “IEradicator” does a pretty good job of it.

Thanks

In reply to Uninstall IE

I’ll have to give it a go.

I used to have IE as a backup for some people that couldn’t be arsed to write their webpages properly, but actually, recently I can’t remember launching it at all.

So, I think it’s goodbye IE.

only on Win9x

In reply to Uninstall IE

IEradicator doesn’t work on the latest Windows (NT) versions …

uninstall IE

In reply to Actually

you can uninstall it with 2000lite / XPlite.

the only disadvantage; you can’t do Windowsupdate anymore because that will only work with IE, what did you expect ?!!!

Windows Update isn’t Necessarily a “Necessity”

In reply to uninstall IE

Even though you can’t do ‘WindowsUpdate’ you can still download each individual update by their corresponding MSKB article; it can just get tedious trying to find all of them.

Go here

In reply to Windows Update isn’t Necessarily a “Necessity”

I disabled ActiveX ages ago, even when I did use IE.

The easiest way I’ve found to dl the updates, go here:

http://www.microsoft.com/technet/security/current.aspx

You can choose your OS or Program and list all the updates available.

Thanks for the link noorman

Heck with WindowsUpdate – use Bigfix

In reply to Windows Update isn’t Necessarily a “Necessity”

I’ve found that bigfix provides the updates in a timely manner, lets you vet and install the ones that you want, and ignore those you don’t. http://www.bigfix.com, and, it’s a freebie! They also offer enterprise solutions.

Cool

In reply to Windows Update isn’t Necessarily a “Necessity”

Nice one, I hadn’t heard about that.

Just had a quick hunt for it.

Brilliant, it seems like they’ve got a free home user edition.

Think I’ll play with it when MS can be bothered to release their latest patches/upgrades or whatever you want to call em 😉 seeing as they didn’t bother this month.

Here’s the link for others…

http://www.bigfix.com/download/download.html

I would agree with you if you were right

In reply to Actually

All of the examples I have seen of this supposed “flaw” are situations where the user goes to a web site with Firefox, is presented with a warning asking whether or not to allow a Java applet to run, and then the malware is installed by the Java applet.

This has ABSOLUTELY NOTHING to do with Firefox. Firefox correctly presents you with a warning asking whether or not you want the Java code to run. Once you’ve allowed the JRE to run the code, Firefox is out of the picture.

In this case, it’s a user issue. If a popup comes up and asks if you trust the software from “Integrated Search Technologies,” it’s your own darn fault if you allow the applet to be installed.

You’re right .. but so am I :)

In reply to I would agree with you if you were right

That’s the only one I’ve seen too.

You see in FF you get the option not to install – in IE you don’t. Unless you’re up on your security then this is the inherent problem with IE.

Why do you think that they’re bringing out IE7?

I figure that what MS was trying to do was to wait until they release their next OS and only ship it with that.

But now that Mozilla/FF is getting many more users, MS have decided to do something about it.

Do you think that if FF wasn’t available they would have bothered?

I don’t think so, it would be like the firewall etc that you can’t get for windows 2000, only XP.

If they had it their way, you’d have to upgrade to the next OS to get this.

Call me cynical but it’s plain as the nose on my face.

Firewall IS available for W2K

In reply to You’re right .. but so am I :)

But you have to configure it manually.
XP is very much like W2K. They made some things easier, and of course, made it look as different as they could (otherwise, why spend $200 for an upgrade?), but under the hood, the improvements were largely inconsequential.

MS got u eating out of their hands

In reply to You’re right .. but so am I :)

Upgrade or Security Patch?

I know what I’d argue, and I definetly know what they’d argue. Jeez, i’m sure that if it was possible they’d charge you for each update available.

Actually, I suppose you could really say that XP is just a slight update of win2k.

The features could be implemented if MS wanted, but they’d prefer more of your money. And it sounds like you’re way to willing to just throw it around.

Yeah, LINUX

In reply to Actually

IE can be surgically removed from Window$, but the best way is to dump all M$ entirely.
I don’t use it unless I am forced to, and that is only because of my job.
I can’t say too much bad about M$. If it weren’t for supporting their crummy software, I’d be out of a job.

I absolutely agree!

In reply to Yeah, LINUX

No offence to the others… But I agree with Jeff!… especially about the “Crummy” Part!
It’s more “Crummy” than the amount of Crums that can be found in a cookie factory!
Although XP is higher up their pittiful scale of improvements… as for win98 & 98SE also Win ME, you’d be doing your self a favour by buring your head in the dirt and watching your self sufficate, then suffering the stressful headaches of constant fixing of the problems…

Or was it Fixation?

In reply to I absolutely agree!

Constant Fixing… Or was it Fixation…
either way, the so called 800 pound Gorilla (Microsoft) I presume fits both notations quite eliquently.

One must not forget though… most viruses are specifically aimed at MS, by MS haters to bring it down… which would be no real loss. The truth of the matter is… Spam and Spyware aren’t meant to promote malfunction like viruses, their ment to steel and sell, two words that affect all users alike… because it is the users they plan to affect… not the program.

Auto Load-and-disable

In reply to Just stop it yourself

Can someone write an ap that will respond to requirements to “load” (but disable) a spyware program to satisfy requirements of a web page? Or…can an application be written that hands a neutral or false front set of data to the spyware program? What would be the result if the data the spyware program collects is worthless to the spys?

Who’s to blame?

In reply to Is anyone else tired of spyware?

At a meeting of a local computer club we had a round-table on ‘Spyware Blame’, and your idea was mentioned – it is a good idea.
Another one that raised interest is getting the ISPs involved. I guess the logistics would be staggering to this, but it might also be the most effective. If we were able to monitor our connections, add up all the junk at the end of the month, and deduct that off our Internet bills … the ISPs would respond very quickly.
As it sits now, ISPs almost seem to encourage internet garbage, as it has become a source of revenue for many of them … selling spam blocking, spyware control, firewalls, virus packages, ….

But, the bottom line is still education. When people stop clicking where they shouldn’t, the problem will start to vanish.

ISP’s are the choke point

In reply to Who’s to blame?

If you want to try to stop the creation/distribution of spyware the only effective method will have to involve the internet governing bodies. 5000 state, provincial, federal … laws/lawsuits will never accomplish the task. There will always be some banana or icicle republic out there that won’t play along.

The internet governing bodies could set up criteria for pulling IP’s. In order to protect their business ISPs would then be the enforcers and the cost of providing services would go up to some degree in order cover costs.

There will always be some moving targets, but if they are constantly forced to pull up stakes we may be able to make the cost prohibitive for them to do “Business”.

If you think world governments can do the job better spend your time/dime on defenses. They are all incompetent or corrupt.

Good idea

In reply to ISP’s are the choke point

Yeah, brilliant, if ISP’s stopped IE or MS from accessing the internet then there’d be a lot less adware/spyware.

Instead of making the net more expensive for me and all other people who could be botehred to do a little research, it would speed it up (that spyware takes a lot of bandwith, and i’m on contended adsl).

Yes it would reduce bandwidth loads

In reply to Good idea

I not quite sure what your comment about IE or MS has to do with my post?

You are right elimination of spyware and associated spam would reduce bandwidth loads. I doubt it could be done without a significant expenditure of time and money for someone.

If your thinking is, the savings in bandwidth use would offset the cost of producing that savings, I would be very suprised if that proved to be true.

P.S. as in (Please Sincerly) see my “I Bsolutely Agree Post” and then…

In reply to Good idea

P.S. as in (Please Sincerly) see my “I Bsolutely Agree Post” and then…
Definitely see the other one after it!

That would be nice…. But!

In reply to ISP’s are the choke point

“The only effective method will have to involve the internet governing bodies.” Nice Statement! But in this case… Reality Bites! There is no such thing as “internet governing bodies”. The Internet was, is, and always “will” be the new born [wild child] of the [I.C.N.I] (Information Communication Network Infrastructure), and Hackers have convincingly show that this wild child… has, is and always will be “Unpredictable”, never truely conforming to rules. As for [I.H.P] (Information Highway Policing)… That’s a Joke. What we need is… [W.W.W.I.I.I.R.R.R.S] A (World Wide Web Intellegent Internet Information Recognition and Rejecting Response System) that can truely distinguish and identify the Crap.

“And Also”

In reply to That would be nice…. But!

[W.W.W.I.I.I.R.R.R.S] should be placed on [Sole-Network Servers] (independant of direct communication to P.H.C’s) and between specific junction points of the [N.I.L.E] Network Infrastructure Layout Ecosystem.
P.H.C = Personal Home Computers

WWW – Wild Wild West

In reply to That would be nice…. But!

You’ve got a real talent for acronyms!!

Call it what every you want, the point is Governmental/Legal remedies won’t work. Governments are incompetent, Lawyers don’t care about the result just the fee potential.

Talking about sending bills, class action suits … is wasted wind. So we are in the Wild Wild West, better be able to protect yourself or someone will steal your horse.

Acronyms Authority

In reply to That would be nice…. But!

That would be Creative Response Advertising Program (C.R.A.P.) I suppose?

A while back computer world had an article mentioning the acryonym authority:
American Committee to Reduce the Use of Acronym Names, (or ACRUAN) for short. To apply to use a new acronym you need to fill out the form for this (New Acronyms To Be Considered, or N.A.T.B.C). To obsolete them fill out the other form, Acronyms to be Removed From Actual Use Now, or ARFAUN form.

Thank you for your future filling out these convenient web based forms in triplicate.

That’s cute!… “Acronyms Authority”

In reply to Acronyms Authority

My point on this…

What is this world comming to?
An Acronyms Authority? For Pete’s-Sake, (and I mean that!, Pete… if your really out there?)
I mean, Come on… lets get real! “Acronyms” are/should be, and were meant to be used only within the same body of information… whether it’s a book, essay, paper, etc. so that valuable space or irritating repetitiveness dosen’t consume the readers mind. Now sure… I used Acronyms in short paragraphs where I didn’t need to…. I’m guilty 🙁
But this thing about Political correctness on the meaning of Acronyms, or Acronyms being used and copy-righted by businesses, that should be illegal. Political Correctness should only associate with words and Phrases themselves, and Acronyms be used for what they were designed/meant for.

Before… the term “windows” was an open concept name used in the early portion of the computer age, now it’s to be the sole property of a dictatorship firm known as Micro Soft?

They weren’t even the ones who came up with the windows term?, and just because some bought off judge decides that the name is now property… dosen’t make it so.

What next? Some one going to Copyright the name Darleen? How about Buch? Maybe Bill… Now that would be funny!, Right B.G.?

Hey, what if someone copyrighted the term “IT”, what then…. everytime we use it, we pay royalty?

When the heck did Language ever become ownership? Ideas… sure, Language…, names…, Acronyms… hello world, get real.

food for thought

In reply to Is anyone else tired of spyware?

Good points. I should add that I’ve been useing various tools, including MS AntiSpyware.

I am testing Firefox now. I know that it will prevent many of these problems, but there are a few issues with it as well.

I do try to educate the users here, and to be honest, it’s really a hard core of 10-15 people that have a problem. But the owner of the company encourages the employees to ask me for help with their home PC’s, and I’m happy to do it, but they always have the same symptoms, i.e., “my PC is running slow, can you help?”

I have to say, I believe that the problem is bigger than just cleaning PC’s. A number of times I’ve searched for something, gone to a website, and gotten hit. No subscribing and no downloading. And I know that the problem will get worse. That’s why I believe that something needs to be done, and we all need to address it.

Thanks.

I love it

In reply to Is anyone else tired of spyware?

I have no problem with spyware at all (at home). I have a problem with trying to manage tech support inquiries that are attributed to spyware.

If I am infected at home, I can deal with it myself. Pity to those who do not know the ways of Windows. Pity to me who has to listen to the bickering. 😉

well

In reply to I love it

I am sure they would just LOVE to bring the computers to you at work and have you fix them. After all, being nice and personable, people might think you were a repair shop…..

Yeah… yeah

In reply to well

I’m working on my attitude – I need to discourage people from asking me for advice. The next time that I talk to a client, it’ll be with a grunt.

how silly

In reply to I love it

If you have no problem with spyware at your house then stay in your house because some of the world outside of your house is clueless. Whoever you are giving support issues for, you should give them a clue and let them know how you keep it out of your house. Otherwise you are just going keep feeling pity for yourself. It’s not going to stop itself you need to find a solution not just an answer to a quick fix.

ruble ruble ruble time to get back to work

???

In reply to how silly

Some people do not want education, they want a silver bullet solution. My support is on the ISP level, so you can just imagine.

Lock the desktops

In reply to Is anyone else tired of spyware?

I know it is a draconian tactic, but, if you lock the desktops and get serious about filtering web access you can stop most of the spy-ware coming at you.

Even if you just keep adding restricted sites to a web filter and increase the blocking level of your firewall, you can reduce spy-ware significantly.

I must be too limited in my surfing, as I don’t have a spy-ware problem myself.

(At least since I forced my kids to stop using the peer to peer networks.)

The number 1 source I have that attempts to install mal-ware on my systems are the free desktop theme and screen saver sites.

One thing to keep in mind, is that spy-ware is just the latest battle in the war of people trying to make money off of their web sites.

First it was banner adds, then pop-ups, now it’s mal-ware.

What will be next if we do manage to effectively stop the mal-ware?

Chas

Yup

In reply to Lock the desktops

In the corporate world, you need to lock them down.

On a home support basis, there is not much you can do besides cringe. 🙂

Dead on (for the most part :)

In reply to Lock the desktops

I completely agree that the garbage screen savers and themes will slow your computer down to a speed that seems comparable to a Pentium 90 (just an illustration; don’t quote me). Another source that you’re right about are a lot of P2P software. And, it’s not whats downloaded that’s causing the problems, but the P2P software itself. If you’ve ever installed stuff like Kaaza or BearShare, your computer is almost invariably full of trash.

However, I’m not sure how much locking the desktop is going to help. Certainly, it will help some. However, IE is so much a built-in part of windows (this can be debated), that even a locked down user who’s using patches that are only slightly out of date (which isn’t unusual in the corporate world), they also have the potential to infect the entire computer, especially if a virus is installed. And, the problem with filtering the stuff at the firewall/router/you pick, is that much of it runs encrypted through the normal www port 80, which makes spyware traffic very difficult to determine without very sophisticated software. Really, what it all boils down to is having all systems patched as much as possible, even with the headaches involved. Add in a GOOD anti-sypware system, and the threat will be reduced phenominally. Unfortunately, patches can break things, so until MS decides to make patches that are fully compatible with “all” instead of “most” currently working software, you may have your hands tied.

Group Policy and Non_Admin

In reply to Dead on (for the most part :)

The easiest thing that I have seen that works is to balance user abilities with Group Policy, User Rights, and Internet Filtering.
In group policy there is a software restriction policy. I have found that placing the 14 most prevelant spyware executables into the policy has stopped almost all of the spyware infections in our environment. We have only had 3 infections in 12 months across 3500 computers.
Our users also do not have admin rights, so most software will not install properly even if they get past policy.
We also use N2H2 to filter our user’s internet access, blocking access to many of the sites that provide free screensavers and themes (which are where many infections come from).
The last peice of protection comes from the company pc policy that states that the user is not allowed to install freeware, shareware, or beta software on company computers.

Side note: I have only had to update the group policy list of executables twice in since we started using it. That makes it real easy to keep up with. You can also block the creation of certain folders, which lots of the “non-spyware” spyware uses for installation.

If you would like a list of the executables and folders that I am blocking, drop me a line. I’d love to help out fellow IT guys!

==============================
IBecause of the requests for information, I have started a new thread with help in it under the desktops discussions.

Help for the little people

In reply to Group Policy and Non_Admin

Yes, please! Starting a list of known executables and folders can go a long way in the corporate world.

Invasion of Privacy Act

In reply to Is anyone else tired of spyware?

Why doesn’t this fall under the catagory of invasion of privacy. If we were being bombarded with adverisers at our front doors, You could force them to stop by law. The computers in our homes and offices are private property. If computers are not covered they should be. As far as I am concerned Adware and Spyware getting loaded on my computer without my permission is equivalent breaking and entering. We need to start a grassroots uprising or a class action suit to have it stopped.

Uninvited (Guessed)s

In reply to Invasion of Privacy Act

I couldn’t agree more that Spyware qualifies as invasion of privacy. It seems many of these programs get installed whether the user chooses Yes to Install, or No to not install. I bet the perpetrators would cease if we hit them with criminal and civil penalties!

Expose the companies and all partner companies

In reply to Is anyone else tired of spyware?

If companies start to get bad press for this type of activity, then you would get their attention.

Note, has anyone seen where some of the spyware makers are threatening the adware removers to stop removing them? The search tool bars were claiming that even though they were installed as a Media Player update that the customer agreed to it.

Scumbags.

deceptive packaging

In reply to Expose the companies and all partner companies

Surely such a combination of “friendly” and “unfriendly” software, passed to the consumer on labelled as the “friendly” software must constitute a very hostile form of deceptive packaging.

If I buy a tube of toothpaste and the fineprint (written on the inside of the cardboard box) says it contains a significant amount of sugar then this would clearly be a case of deceptive packaging.

How is the bundling of nasty software with useful tols any different?

I never claimed otherwise

In reply to deceptive packaging

I mearly stated that they “claimed” that the user concented. I also mentioned that when the popup apears, it states that it is a media player update. When in fact it had NOTHING to do with media player.

details.

There is software out there that helps a lot!

In reply to Is anyone else tired of spyware?

I had exactly the same problem….antivirus software, but still getting tons of other garbage that took forever to clean up. Often, the user feels like your a god for being able to “fix” it, but it just feels like a TERRIBLE waste of time.

Then, I started trying different software to combat the spyware nightmare. Initially, I tested AdAware SE (the personal edition…I don’t pay to only test software…sorry Lavasoft). You can download the free version or buy a commercial license at “http://lavasoft.de”. It works fairly well, but it’s difficult to administer.

Next, I tried Spybot Search and Destroy, which also has administration problems, but it has a ton more features to help prevent the adware in the first place. Plus, it’s completely free, which is a big plus if your protecting quite a few machines. Well, it catches most stuff, but not all. So, I went on to try something different.

The last one is Spy Sweeper (http://www.webroot.com), and I have to say, this is the one to use. There is both a standalone version and an enterprise version that will allow you to monitor and set rules at a central location. You can also download a free 30-day trial (includes definition updates) at their website. Seriously, you should just try it and see what it finds. It’s absolutely amazing, at least to me.

I know CA also has a spyware tool for enterprises, but I haven’t had the chance to play with it. Honestly, I don’t even feel I need to. Spy Sweeper will clean your computer clean as a whistle (of course, as long as you don’t have any viruses festering and trying to cause chaos).

Link to Spybot S&D

In reply to There is software out there that helps a lot!

For those curious, here’s a link to Spybot Search and Destroy (http://www.safer-networking.org/)

You can combat it al network level

In reply to Is anyone else tired of spyware?

I’ve found that FortiGate products (FG-50, 60) have feature to filter out “grayware” (that’s way they call it). It’s appliance that have firewall, router and content filtering features. It’s not cheap but it does the job. I am sys.admin in about a dozen organizations and two of them use FG’s. They forgot what is spyware. But to configure FG and configure its VPN client is a MAJOR pain in the a$$ :))).
On PC level – Spybot + Adware + Microsoft’s AntiSpyware beta (with agents enabled) does this job (and don’t forget HijackThis – powerful small tool against hijackers).

Good luck.

True Fix

In reply to You can combat it al network level

This is what needs to happen if spyware/adware/spam is to stop: Find the CEO of the company who is spreading it. Pull him (or her) out of their house in the middle of the night or a Saturday afternoon. Make them run a gauntlet of those who have had their computer compeletly compromised or identity stolen. If they survive to the end. Lucky them. Repeat as needed with the next company and/or the same. There is NO incentive not to spread spam or spyware.

Nice idea but too pro-active for most!

In reply to True Fix

I agree with the sentiment but your solution is probably even less “legal” than “crime” we’re fighting!

Until there is an enforceable law – unlikely? – We can either frustrate them by blocking their attacks on our systems (which will be an ongoing struggle)or we can identify perps and spam them back big time. Overload their setup and clog up their net access.

If you do set up a lynching party however, don’t forget to invite me!

Legal?

In reply to Nice idea but too pro-active for most!

kitg6flw,

Yes, I do have to agree with you that it is currently illegal. We should change that. What is needed and needed NOW is an inforcable law that makes spyware/adware illegal, and with painful consequences. Be they financial or other wise. Corporal punishment for propigating/distributing spyware/adware? There is caning in Malaysia. The real point is that the spammers/spyware/adware perps are getting away with it. For them to stop, they must be hurt. Ok, legally. I have spoken with so many people whose systems are so overrun with spyware/adware that the only way to fix it is to wipe the hard drive clean and reload, OS et al. Yes, they loose all of their data.

You will be invited, but it won’t be a lynching (too fast!).

Hijack This

In reply to You can combat it al network level

I agree – great piece of software, with extremly helpful forums 🙂

hijack this

In reply to Hijack This

also has a automated log analyzer at http://hjt.iamnotageek.com/ i found it very good cleared out a bad home page hijack in about 15 mins

Sick of spyware

In reply to Is anyone else tired of spyware?

I think that billing them is not enough. I would like to charge them for bandwidth, diskspace, processing time, Time for waiting for the download and time for cleaning up the mess. I am sick of these intrusions and raping of my computer resources. Why is there a law for breaking and entering, stealing and damage to propperty but not for syberspace?

hosts filtering

In reply to Sick of spyware

one of the power tools in spybot include a huge list (128k i believe) of sites that are added to the hosts list to redirect to local host.
127.0.0.1

basicly, when your computer gets a request to connect to one of the listed sites, you instead get a connection to remote host unavailable type message in the block where the ad or other request resides.

It has helped a lot to keep my system clean, even/especially when visiting sites that are known for banner ads, spyware, and such.

Use e-Dexter Too

In reply to hosts filtering

e-Dexter cleanly handles the local host redirection and replaces the Page Cannot Be Found error on blocked websites with an inconspicuous image file. You can download e-Dexter from here:

http://www.pyrenean.com/distribution/dxtr135.exe

Right on!

In reply to Is anyone else tired of spyware?

But someone should ask the senate to pass a bill on that. Even more so millions of $ of productivity are lost everyday by the amount of people that has to clean up their PCs. Could we ask a senator to indulge a committee to study this?
Best regards,
Paulo Tavares

Reply To: Is anyone else tired of spyware?

In reply to Right on!

Have the government study this? Get real. As long as the people who do this grease the right palms, you will get NOTHING.

Listen to the arguments already. Most claim that the customers are presented with a screen to which they must agree to the installation of whatever innocuous trash they are luring the “customer” with, PLUS the rights to install whatever garbage the scavengers want to install at any time. (This, obviously, does not cover the “drive-by” installations.) Still, many of the self-righteous jackals DO have the law on their side.

And you want people who (for the most part) cannot operate a computer as well as your dumbest user to make legislation on this matter? No offense, but instead of billing the companies or coming up with some “strategy”, you would be better off taking up a collection among people who are pissed off, and bribing some key players in government. It is faster, more direct and MUCH more effective. (Sorry, it is Monday and the subject is government. No optimism…)

Spot on

In reply to Reply To: Is anyone else tired of spyware?

What happens when the Jackals become part of the law?

http://techrepublic.com.com/5208-6230-0.html?forumID=81&threadID=168955&messageID=1733016

RE: SICK OF SPYWARE

In reply to Is anyone else tired of spyware?

I am in full agreement…however getting paid from these firms could be a pain in the arse. Would we ever receive payment?

In the meantime, our clients keep getting with with this crap, interfering with their internet access, popups and want us to clean them off the system and we have to charge them to keep in business ourselves. It’s a vicious cycle.

I would be willing to participate in billing the bastards who write the shit to begin with.

Spyware…tools and ways to fight it

In reply to Is anyone else tired of spyware?

Installing Firefox is a good option, if your company like mine is more comfy with I.E. install the google toolbar, it blocks pop-ups. On machines running WINXP install MS Antispyware beta-for once something from MS actually works.

On older machines, one a week run either spybot search and destroy or SystemMechanic Pro 4 or 5, the popup blocker is quite effective.

More than that educate, educate, educate…if that doenot get results, and you want to take real drastic steps and can do so, block Internet Access for a day for the offenders…

Corporates using Norton should install its firewall, too.

Blocking and IEFeats solution

In reply to Spyware…tools and ways to fight it

We’ve had a real problem with certain malware with customers that deal with websites in Eastern Europe and China. Our solution is Firefox (which is much less susceptible to malware) and AdAware Plus which can actually block Malware on the way in (as opposed to trying to get rid of it once you have it already). This combo works amazingly. If you need to use IE then AdAware Plus also does the trick as it stops malware on the way in. Be aware you will have to teach users to use AdAware (particularly the AdWatch part) and that it will aggressively stop popups – including legitimate ones but it is easy to temporarily disable (right click on icon) but your users will have to be shown this.
Also if anyone is fighting with the IEFeats malware and it is particularly tenacious I found the only way to find the files is with a Linux boot CD with NTFS access. Try http://ebcd.pcministry.com for a the bootCD. (by the way the USB boot device ($25) is also amazing) Then look for unknown dlls logs and dats. (I had qaawf.dll, dfaqv.dll, n_zfayhs.log, n_napbaa.dat, n_lkwxuc – you get the idea). The dlls were around 64kb and the some of the dats and logs had HTML code in them which was the home page that came up once infected.
I hope this helps someone save the hours it took to figure it out!!!

Interesting Idea

In reply to Is anyone else tired of spyware?

Sign me up. Something has got to be done to put a halt to these scumbags that think it is ok to invade a persons personal possesion and load it full of their garbage. I have heard of so many unfortunate folks that lost so much information because they did’nt know how to get rid of this invasion of privacy. Their lack of computer knowledge led them to believe that all data was destroyed because of the direct actions of these morons that install this garbage. If anyone has a better idea well now is the time to speak up. But for now….I’m on board.

Roast a Spammer

In reply to Is anyone else tired of spyware?

That’s a great idea; I bought a new vehicle and the dealership was most interested in my having to also purchase their plate frame with their logo. My direct question to the salesman was how much was the company going to pay me for advertising for them; needless to say, no plastic licence plate frame was put onto the vehicle, just the plates. The same principle should hold with spammers and ISPs who don’t pay attention to how their resources are employed and since they’ve allowed their subscribers to take up space on my hard drive and if it’s like the crap from Millennium Digital Media in Charlotte, Mich by sending Trojans and to try to use my machine as a proxy of some sort, they SOBs should pay very dearly.

Michigan is trying to get on board…

In reply to Roast a Spammer

At this time Michigan Legislature is attempting to craft a law against spyware and trojans. Lets hope it works and someone uses it against these bas*****!

California and Utah Already Did

In reply to Michigan is trying to get on board…

California and Utah already have anti-spyware laws. 14 other states (including Michigan) are considering legislation as well. The U.S. House of Representatives already made a unanimous vote for passing the SPY ACT.

Will it do any good? I live in Utah and I can tell you that spyware hasn’t decreased here. Utah is currently battling a constitutional free speech challenge to their law. It’s too early to tell what the effect of California’s legislation will have since it just passed in January.

The CAN SPAM Act neutered previous state legislation against spam. Federal legislation against spyware is likely to have a similar effect on the states.

One of the primary problems law makers are having is defining “spyware”. There are, in fact, legitimate companies tracking the browsing habits of their customers so they can align products and services for them.

Even IT professionals have a difficult time defining spyware because it has become a multifactor threat.

Look, spyware legislation will do little more than acknowledge to the public that lawmakers know there is a problem. This issue will not be solved by domestic law. It cannot be enforced. Even international law may have little effect as the U.N. is unlikely to assign a high priority to antispyware measures and they do not have a distinguished law enforcement record.

The bad guys are organized. They work in groups. They have money and they are making more of it. How do you effectively track these guys? I mean, the more annoying, invasive, and damaging their tactics, the less likely law enforcement will find them.

A technology consortium including major tech companies like Microsoft must provide solutions and they should do it in conjunction with government entities. The onus should fall upon the shoulders of Microsoft since vulnerabilities within their Web browser and operating system are being exploited. (Ultimately, the end users and support professionals are exploited.)

We’re all frustrated because we are the guys in the trenches. Our resources are dwindling and the spyware situation is escalating. I just want to be heard and hope that my voice will make a difference, but I don’t know who to speak to.

Is there a law for that?

In reply to Is anyone else tired of spyware?

It’s a wonderful idea but it should have a legal aspect to back it up. If there’s a law that would state that, then anyone can claim for damages resulting from spyware. Then maybe that would deter spyware development and eventually phase it out. But is there such a law for that?

Now we just need to find a sleezy lawyer (oxymoron)

In reply to Is there a law for that?

Now, we just need to find a sleezy lawyer that will take on the case and sue the perps for our money. BTW, this needs to include all of the money for the damaged hard drives, sometime loss of data and even operating systems in some cases…

Actually it is redundant

In reply to Now we just need to find a sleezy lawyer (oxymoron)

The term “Sleazy Lawyer” is not an oxmoron, but is a redundant phrase. Oxymorons are self-contradictory phrases like “Non-Dairy Creamer”.

This would have to be law for the WORLD

In reply to Is there a law for that?

I total agree that there should be a law against these SPYWARE and ADWARE companies, but these companies are shell companies over sea. Those governments do not care about any internet /computers issues in the USA. The only thing they want from USA is money to rebuild the countries or destroy another country. The programmers are just doing there job to be paid just like you and me so, I cannot knock them for trying to make a living. This is cycle that can never be broken that?s my two cents

You’re having a laugh aren’t you

In reply to This would have to be law for the WORLD

Please show me some specific independent stats to say where the spyware is coming from before coming up with BROAD statements like that that you don’t back up with any facts at all.

This site is no better

In reply to You’re having a laugh aren’t you

Why are we discussing this on a site that tries to install its own spyware on every page refresh?

ad.doubleclick.net that tries to register itself in my windows system folder. Is that not a tracking cookie?

Yup

In reply to This site is no better

I wish I’d have brought that up earlier … but I blocked it quite a while ago, and it didn’t even come to mind.

Another reason why I like FireFox 🙂

Now … if all these “clever” people start sueing TechRepublic wouldn’t that be funny.

I doub’t they’ll get to the real issue, which is buggy, insecure software.

Do you really think these people would try and sue MS, or TR, they know they’d lose. That’s why they’re gonna pick on the smaller companies rather than the larger ones, it’s a bit poor really aint it. Especially for supposedly technical people. They seem more like lawyers than they do techies.

A bit paranoid?

In reply to This site is no better

Web stat are NOT malware; they serve an essential & legitimate business purpose.

Bear in mind that the web is “stateless.” There are many instances in which the application either requires knowledge of prior activity, or is enhanced by such knowledge.

Cookies were expressly implemented for such purpose.

I Agree

In reply to This would have to be law for the WORLD

I absolutely agree that this problem is an international issue. A lot of it is obviously coming from Eastern Europe, Asia, and the Pacific Rim. Consequently, there is very little that domestic authorities can do to combat the problem. Indeed, international law would probably have very little effect.

I suspect there is is an organized crime, perhaps even a terrorist element to some of this. The U.S. Department of Homeland Security agrees as is evident from recent advisories. If this is the case, we would all be hard pressed to figure out how to bill the bad guys, let alone collect money from them. They also do not respond well to domestic or international law.

In addition, the lines between spyware, adware, spam, viruses, Trojans, phishing, etc. has become blurred. Presently, many of those can lead to the others. Most of these irritants are also motivated by money. It follows that the principle targets are computer users in the most prosperous nations.

Fellow IT Professionals, it is going to take much more than some Tech Republic anti-spyware threads to solve these problems. We can share ideas about how to combat them at various points within the ISO stack and that is good . . . but, we’re basically a bunch of impotent peons or we wouldn’t be visiting this site. The big players are the large tech companies and the governments of the industrialized world, all of which need to cooperate. Due to their power, money, and culpability, Microsoft should be at the forefront of this effort.

You sure – check Top 10 Worst Spam Countries?

In reply to I Agree

OK, where do you get your figures from?

Why is it that all you seem to be doing is blaming other people…

And I thought most spam originated from the US.

Check your figures before you start blaming other countries:

http://www.spamhaus.org/statistics.lasso

Quote:

1 United States 2459
2 China 644
3 South Korea 380
4 Brazil 178
5 Russia 174
6 Taiwan 146
7 Canada 132
8 Japan 130
9 Argentina 98
10 United Kingdom 94

IT professionals should tell the REALITY, not SCAREMONGER with half-truths.

You Focus on Spam Stats

In reply to You sure – check Top 10 Worst Spam Countries?

I apologize. My comments were based on articles I have read over the last few months. I do admit that my statements were broad because I have been unable to find any accurate statistics on malware and countries of origin. There appears to be no SpamHaus.org for malware statistics.

However, Vincent Weafer, senior director of the Security Response team at Symantec recently stated that virus writers appear to be joining organized rings based in Eastern Europe or Russia. Here’s the article:

http://www.infragard.net/press_room/articles/article_020605.htm

I noticed in an earlier post that you flamed someone for confusing spam and spyware, yet you chose to focus just on spam stats. I commend you for including them, but the main focus of this thread was to discuss solutions for spyware. Since you are adept at finding figures, I challenge you to find spyware stats.

I just want it to stop, whatever the origin. I’m blaming other people because I know I’m not the one coding and propagating malware – I can’t exactly blame myself, can I? Who do you blame? The reality is that five years ago spyware didn’t exist or if it did, it was very obscure. Now, I spend several hours a week eradicating it and it is getting worse. That, my friend, is reality.

Adware Stats

In reply to You Focus on Spam Stats

Yeah, but people obviously don’t read, because a few postst down people start on with the Spam thing again, it’s quite frustrating.

The spam ones were the only ones I had handy,

I’d be interested in the adware stats, cause I rekon it’d be about similar.

I don’t have a list handy and haven’t got the time to be your personal researcher 😉 well, that is unless you want to pay me 🙂

Here’s a good start if you want to do some research, http://www3.ca.com/securityadvisor/pest/

Spyware Stats

In reply to Adware Stats

Admit that you are numbered among those that started in with the “spam thing” since you listed spam stats. It frustrates you when other people do it, but you did it anyway because those were the stats you had handy. That seems a little dichotomous to me.

I didn’t ask for a personal researcher. I challenged you because you blasted me for my statements about the countries of origin – when all I had to go on was articles where “experts” were quoted. I think my quote from a high-ranking exec at Symantec sufficiently backed up my claim about Eastern Europe and Russia. My hope was that anyone could give accurate spyware stats or a good place to look for them.

The CA/Pest Patrol site is pretty good at listing spyware instances and accompanying metadata, but country of origin isn’t included.

OH Please

In reply to This would have to be law for the WORLD

bank robbers, drug dealers, mercenaries, are all just doing their jobs. Jobs, by the way, intrude on society against it’s will. ‘Callin’ it your job ole’ hoss sure don’t make it right” (thanks john)

I agree with charging them.

In reply to Is anyone else tired of spyware?

I work from home as a IT Tech for a few small businesses and some private customers. I can remeber the times when if I got called out it was something technical or a major glitch, now most of the calls I get are to correct peoples computers who have been invaded by spyware and such forth. Not that i’m complaining about the extra work, but I am getting sick and tired of the same kind of work over and over. Thankfully one of the customers wants a rackmount server and network, something else to do, ……… Untill the spyware etc gets it.

Better Still

In reply to Is anyone else tired of spyware?

Why not bill them for instances of Spam
an Idea back along was to bill the spammer ?1 for each e-mail recived

so one could have an automatic account(for Billing purposes) so he/she pays you ?1
To recive the e-mail

The Same should go for spyware Browser Highjacking
for every instance found on one computer the company individal pay you ?1

Ie I found 780 instances of spyware,browser highjacking scumware etc etc on a computer

so their woudl be a total of ?780 for having it on your machine

I think there is a law

In reply to Better Still

Most of what has been said I concur with, but I don’t think we need a new law, we just need to apply some that are around already in new ways. In the US there is a law about stealing electricity as in the UK. Effectively, these guys are stealing electricity – the difference between a machine on standby and active – not much difference you might say, but add that difference up for 200 installs and removal procedures and it starts to add up. Being a federal offence if enough reports hit the authorities they will act.

Worth a try.

how to make them pay?

In reply to Better Still

This is a nice idea, but how do you find out who they *really* are
and even if you do, how do you make them pay?

These people are scumbags–they won’t pay up : (

I have identified a few of them,

In reply to how to make them pay?

I have identified a few of them so far, and sent bills for my time and for the use of my computer. I don’t really expect them to pay without a fight, but next month I will be sending them the third notice, and then I intend to turn it over to a collection agency.

I think I’m on firm legal ground, and would be more than happy to join any class action suit. By
clearly posting my rates on my computer (use of my computer and/or my time implies acceptance) and by sending bills, etc, I have a paper trail, etc for use in any court case against them.

Now that’s funny

In reply to I have identified a few of them,

I really do want to hear what the outcome of that is.

Why don’t you try and sue MS too – for making your system so insecure.

I started that a few months ago

In reply to Is anyone else tired of spyware?

My time is valuable, and CPU time, memory usage and disk space are valuable resources. My computer is my property, and if anyone wants to use my time or my property, I will bill them. My standard (confiscatory) rates are posted in a text file on my computer. Use of my computer implies acceptance of my terms and rates.

If anyone thinks my rates are too high (and they are outrageously high), then they can stay out of my computer.

Lol

In reply to I started that a few months ago

All those people with annoying gif images that take up your CPU and drive space … I mean you didn’t ask to see the picture.

Some people just think a little too simple me thinks 🙂

Sauce for the goose

In reply to I started that a few months ago

The tactic they use of embedding consent into a small type disclaimer buried in a EULA could be used by us legitimate users as well.
If you install any software on my computer, you agree to my Terms of Service, which include ridiculously high rates.
I like it.

text file

In reply to I started that a few months ago

Can you post a copy of what the text file says? Having a file like that on each computer at least gives you a starting point for any legal action you might take in the future.

Starting Point

In reply to text file

“Use of this computer implies acceptence of the following terms:

1. CPU time, memory and disk storage are considered by the owner of this computer to be valuable resources. The owner may, at his sole discretion, hold any user liable for any charges that user may incur at the following rates:
CPU Time – $1000/hour or any part of an hour”

…..etc (I just made up rates for different resources, higher than any sane person would agree to pay)

“2. Failure to read these terms does not absolve any user from these terms.

3. Time spent removing unwanted software and/or files will be billed at a rate of $250/hour.

4. Payment is due at the time at the time the usage occurs.

5. Any and all legal meaans of collection will be pursued.”

————————-
This is not aimed at any legitimate uses, ads, etc. Its aimed at those companies that install crap on my network without my knowledge or consent. Some of the newer adware actually opens backdoors into your system, so that their content can be sent later. I think there is evidence that malicious hackers, etc. have found ways to use that to really damage systems.

great idea

In reply to Starting Point

This is a great starting point. If we all used a similar file and followed up by actually billing and filing lawsuits or mechanics leins, and posting the companies names in a public forum… etc.

I am thinking about a website that tracks the names and addresses of companies that produce these programs, as well as the companies that buy them. Anybody interested?

great idea

In reply to Starting Point

duplicate post… Please ignore.

Bill to the sites

In reply to Is anyone else tired of spyware?

I think that bill to the sites is not a good idea because as you may know a adware tool developer could also include visits to your site company and in this case you must to pay for it.

start with software developers

In reply to Bill to the sites

Try a fresh install and run Ad-Aware.

What do you find – ALEXIA for virtually every vendor software that is installed.

Start with the vendors and have then remove their spyware.

cheers,
cs

Sounds good

In reply to Is anyone else tired of spyware?

This sounds a good solution provided you can actually trace the scum who are doing this I,m into it It really bugs me too

Good Idea… Maybe like this:

In reply to Is anyone else tired of spyware?

I actually think that it’s not a bad idea at all. Maybe not directly, but there should be a way for charging these companies for the work and time you spend cleaning up their shit. The problem is, that most spyware which does install stuff onto your system to redirect you to their site, is generally been given permission by the user prior to this. So in otherwords you can’t really hold them responsible anylonger. The user would become the one to receive the bill.
What I think should happen; is a new law, inwhich spyware that is installed to your system, would first have to CLEARLY identify itself and present the user with a warning, other than a general ARGREEMENT. Pleople just don’t read that stuff when surfing. They just click the box they have to click to go on with whatever they intend to find.
Of course there also is a lot of spyware that is being introduced to your system without any prior authorization. Unfortunately these tools come from sources yet to be identified. There are tons of sites out there that don’t have owners, so it seems. Which makes it hard too. Try to bill a ghost! The bill will come right back at ya!
Companies like Microsoft should work a lot harder on training their support-staff in means of helping improve communication between getting input from the outside and their research departments.

I recently replied to an artikle about Trojans, Viruses and Spyware, by sending an e-mail to Microsoft.
One of the things I had found in my system was a file I still don’t know where it’s from and it hasn’t returned yet (Luckily). But it does cause for enormous bandwidth drop for LAN/Internet.
At the time my Norton AntiVirus didn’t recognize the WEBDLG32.DLL file as an Ad-Aware/Spyware file. Now it does. I think Ad-Aware still doesn’t recognize this file as Ad-Aware/Spyware. It also includes a file with extension .INF

Here’s what’s in it:
———————————————
[Version]
Signature=”$CHICAGO$”
AdvancedINF=2.0

[Add.Code]
webdlg32.dll=webdlg32.dll

[webdlg32.dll]
file-win32-x86=thiscab
clsid={0E1230F8-EA50-42A9-983C-D22ABC2EED3B}
FileVersion=1,0,0,1
RegisterServer=yes
———————————————
The CLSID can be found in four places in the registry. It doesn’t give me any clues.
– HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
– HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
– HKEY_USERS\…\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
– HKEY_USERS\…\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\

But anyways, the main reason for sending an e-mail to microsoft were the InternetExplorer ADD-ONs. Such an ADD-ON can change the way a user surfs, for sure. This is what I found:

Explorer Class – (Not Verified) – Browser Helper Object – DSMAN~1.DLL

When this Internet Explorer ADD-ON is Enabled, search engines like google will come up with very weird results. I don’t know what else it does and where it comes from yet, but I don’t surf sites like ADULT FRIEND FINDER and know for sure that I didn’t get it from any site of this type. I simply DO NOT visit SEX & PORN sites. They are a huge problem and welcome startout places for spyware.
When I enable it, and search for anything in for example google, i ALWAYS get some; “Adult Friend Finder Sex-bla..bla…bla” within the top 3 and more in the list below it.

This is what I inquiered about with microsoft. Cause I wanted to be able to remove the ADD-ONs causing this, instaid of DISABLING them, so I could search for where it originated from by having it re?nstalled while surfing.
That way I could block those sites from ever causing any damage again on systems I build.
I’m on the verge of stepping out of private computer-business into starting my own little firm. I’ll be building computer-systems on which I want max performance for a limited type of customers. The elite type of user, that demands only max performance high-end and visually attractive systems. I can’t afford to have stuff like a stupied piece of spyware drop system performance by 20%. That’s not good for my line of business. I’m not cheap… but people know what they get is good.
Oh, yeah… Microsoft’s answer (in short) was: YOU LIVE IN GERMANY, CONTACT MICROSOFT GERMANY FOR KNOWLEDGE OF YOUR LOCAL OS-version.
Well… I don’t have GERMAN-version, but US-version.
No matter!

Anyways. I think there really should be a new law, which prevents things from being installed to your system that easily. Simply make them include a big huge window with a warning that more then the customer bargains for is being installed. And then… if a company does not do that… simply bill them with a law that cancles out the notifications in an agreement if this warning window is NOT available!
Right now they’re probably covered by one or two lines in an agreement that a user doesn’t read, but agrees to. This must be changed.
Sigarettes also must carry HEALTH WARNINGs. So WHY NOT SPYWARE! They are a great thread to a SYSTEMS HEALTH.

Anybody wanna reply go post, please also send a copy to my e-mail address, as I usually don’t have time to keep checking with all forums all the time and i’m really insterested to know if anybody things we can do something about that!

PS; sorry for the long reply… needed to let of some steam! this spyware is a real pain in any administrators’s bottom.

Spyware Cost Factor

In reply to Is anyone else tired of spyware?

I would definitely be onboard with the idea that jereg has,there’s no better place to strike back at the Spyware generator than their wallet,that always get the attention and action where it’s most effective.

I say let’s get the ball rolling with this idea.

J.Cummings

You have to hit them where it hurts………

In reply to Is anyone else tired of spyware?

Given that these scum TRY to be anonymous, and even when found will claim they did no wrong it seems in many cases an alternative to sending a bill will be needed. Since in most cases the objective of the spyware is to get you to visit a web site and buy somethig here are two suggestions:

1) This one may infact not be legal (fighting fire with fire) Mount a DDOS attack on their web sites. If even 0.01% of everyone spammed started pinging their website or requesting page after page or “whatever” perhaps their servers could be overloaded causing them to be unable to take people’s money.

2) Use roboform or similar tool to fill out MANY bogus orders on their website for whatever they are selling. This would cause there costs to rise dramatically as they would have to sift thru all the bogus orders to find the “real” orders. This could potentially cause their scheme to become non-profitable if enough people submitted enough bogus orders.

Won’t work

In reply to You have to hit them where it hurts………

Problem is you’ll hit innocent sites. So soon as it is known people retaliate with DDos attacks, spammers will put legitimate sites into spam so that they trick you into taking out a valid business or a competitor. Its called ‘framing’ someone.

Spyware Blues

In reply to Is anyone else tired of spyware?

As a Systems Administrator for a North London College and a Freelance I.T. Support Technician, I spend a considerable amount of time removing Spyware, not so much from the college network, but from private users and small business owners who do not have their own in-house I.T. Support.

I tend to use about 4 Anti-Spyware packages namely: Spybot 1.4B2, Spyware Blaster 3.3, Adware SE, Microsoft’s New Anti-Spyware software, and of course Norton’s Anti-Virus Packages.

I find that when building a system from scratch, and all the above packages are installed after Service Pack 2 (WinXP)and then immediately updated from their respective Websites, I not my customers tend not to be infected with Spyware infections.

However, when attempting to deal with a computer that has already been infected the story is not so positive. Despite several scanning operations you never seem to beable to clean a machine completely, and inevitably requires a system re-build just be sure that the system is in fact cleaned.

In conclusion my policy is build the Anti-Spyware in at system build stage and keep it up to date, something many users seem to ignore.

Brian King
Computech 2000 Computer Services (UK)

Agreed! Show me where to kick…

In reply to Is anyone else tired of spyware?

I agree. if anyone is goin to serriously take this up then I am behind you. keep posting and lets find a lawyer that is prepaired to take this case. (I’m rather sure that there are at least one or two lawyers in the wild that have been adversly affected by spyware)
Whether it is the responsibility of the Advertising Companies or the advertised companies, I don’t care, Swift penalties need to be implimented Immediately for such invasive action as spam and spyware.

I DEMAND JUSTICE – feelmypain@hotmail.com

I solved the spyware problem….

In reply to Is anyone else tired of spyware?

…four years ago when I quit using Microsoft
Crapware.

There you go! LOL!

In reply to I solved the spyware problem….

I just hope not everybody follows your lead.
Being a PC Tech in a Microsoft world is like being an auto mechanic in a Yugo world.
Job Security Deluxe.

I’m With You

In reply to Is anyone else tired of spyware?

I already have thought of that. The reasoning is logical. If someone send something un-ordered to my house, I have the legal right to charge for storage. My computer is my property, and if someone uses it’s resources without my permission, I have a right to charge them. I’d like to hear from any “legal eagles” on this. Perhaps an attorney?

Sorta … but not

In reply to I’m With You

Well, if you picked it up from their website, or installing a program (without researching whether that prog has any spyware in) for instance, then surely couldn’t you equate it to walking through someone else’s house and picking up a bit of extra baggage.

Double post

In reply to I’m With You

Double post … please ignore

Spyware

In reply to Is anyone else tired of spyware?

If enough people participate I am sure we can generate a voice for these embedding spy-ware companies to back off or at least gain some ground with legal authorities to combat this problem … I currently use “Spy-bot” and Lavasoft’s “Ad-ware SE6” as well as Yahoo’s “Anti-Spy” to monitor activity on my system – at least it prevents me from re-formatting my hard drive ( that’s a pain for a solution!)

Reply To: Is anyone else tired of spyware?

In reply to Is anyone else tired of spyware?

Hi Jereg… Yes !!! I would be willing to do my “BIT” that was unintentional I think, anyway you get my drift.
allis “dyspyware”

Billing spammers may need authoritative support…

In reply to Is anyone else tired of spyware?

I am all for it! And $50/hour sounds CHEAP! If you made the mess, then you should be responsible for it’s cleanup. (Most) polluters pay, and ‘guilty’ auto accident purpetrators pay, why not the damaging spammer/spyware source? It seems to be a similar context of action: careless affects with some level of malition.
Problem is, there needs to be some sort of legal mechanism in place to more easily facilitate execution of legitimate complaints. Perhaps even some sort of certification for and by servicers to serve as concrete proof of damage. This way, spammers will have little recourse in defense and (potentially) be dis-incented to even start spamming (et al…). Of course, it will be necessary for victims to take full action when they get ‘infected’; thus the need for incentive for their pro-active participation (e.g. easy to initiate the victims recourse).
This will provide a two-fold protection: potentially deter spammers, and pseudo-‘insure’ potential victims against the impending financial costs.

Have a read of this ….. Adware maker joins federal privacy board

In reply to Is anyone else tired of spyware?

Have a read of this ….. Adware maker joins federal privacy board
Most of you here seem to be from the US, so do something about it.

Instead you just seem to be legitimising spyware/adware.

Anyone remember Gator …. well read on ….

Published: February 23, 2005
By Declan McCullagh
Staff Writer, CNET News.com

http://news.com.com/Adware+maker+joins+federal+privacy+board/2100-1028_3-5587653.html

The Department of Homeland Security has named Claria, an adware maker that online publishers once dubbed a “parasite,” to a federal privacy advisory board.

An executive from Claria, formerly called Gator, will be one of 20 members of the committee, the department said Wednesday.

“This committee will provide the department with important recommendations on how to further the department’s mission while protecting the privacy of personally identifiable information of citizens and visitors of the United States,” Nuala O’Connor Kelly, the department’s chief privacy officer, said in a statement.

Claria bundles its pop-up advertising software with ad-supported networks such as Kazaa. Recently, the privately held company has been trying to seek credibility by following stricter privacy guidelines and offering behavioral profiling services to its partners.

Ouch.

And you think sueing the smalll fry is gonna be a solution when you’ve got some of the worst offenders making policy, that really makes me laugh.

Hmmm. makes you wonder what kind of agenda these people really have.

I can just imagine “no, it’s not spyware, it’s just a commercial tool for data mining”

They just need to think up some sort of Orwellian slogan or two now!!

Gator, no-one interested, isn’t that surprising!

In reply to Have a read of this ….. Adware maker joins federal privacy board

Gator is adware that collects and transmits information about a user’s Web activity. Its goal is to gather demographic information and generate a profile of the user’s interests for targeted advertisements. Gator may log and transmit URLs that the user visits, partially identifying information such as the user’s first name and zip code, and information about the configuration and installed software on the user’s machine. Gator also tracks the sites that a user visits, so that it can display its targeted ads at the moment that specific words appear on the user’s screen. Gator is also known as OfferCompanion, Trickler, or GAIN.

Gator can be installed on a user’s computer in several ways. When a user installs one of several free software programs produced by Claria Corporation (the company that produces Gator), such as a free calendar application or a time synchronization client, the application installs Gator as well. Several peer-to-peer file-sharing clients, such as iMesh [8], Grokster [7], or Kazaa [9], are bundled with Gator. When visited, some Web sites will pop up advertisements on the client’s browser that prompt the user to download software that contains Gator. Gator can run either as a DLL linked with the free software that carries it, or within a process of its own launched from an executable called gain.exe or cmesys.exe. Gator is capable of self-updating.

fight fire with fire

In reply to Have a read of this ….. Adware maker joins federal privacy board

This could be a case of “the bad guy gone good” (like the hacker they hire as a security consultant)–only time will tell.

Well, possible, but unlikely

In reply to fight fire with fire

Nah, I don’t believe that, they’re just going to be pushing for the less intrusive and probably coming up with stuff along the lines of “as long as you don’t see it what harms it gonna do, I mean it’s just data, if you’ve got nothing to hide …..”, if you don’t want them spying on you then you must be some sort of terrorist.

See where this is heading.

We have our freedom and liberties to gain, and also not to be treated like a criminal, but they have money to make, and a massive control complex what do you think they care about?

Tired of Spyware??

In reply to Is anyone else tired of spyware?

I think this is an excellent idea. Another method would be to set up a legal defense fund and take these people to court. It would take so much time and cost so much for defense that even if we don’t win, we could bankrupt some of these schmucks.

Why don’t you

In reply to Tired of Spyware??

Just add your comments onto the ones already agreeing??

Beautiful Idea!

In reply to Is anyone else tired of spyware?

I love it!! I have a hard time billing my customers (mostly elderly from a retirement village) for all the hours I spend cleaning their systems, usually just a service call fee or something minimal, and I would love to be able to turn that around on these guys! You are right, just about the time you get a good cleaning system down, here they come with something else. Anyway, I’mm willing – where do we start?

Didn’t you …

In reply to Beautiful Idea!

Install any anti-spyware to start with then?

Surely you wouldn’t have to keep going back.

Or maybe another OS that isn’t as prone??

S.W.A.T. team

In reply to Is anyone else tired of spyware?

I’m all for a special operations team to hold a D.O.S. virus for these “special” companies. Release it on them to offset IT time expense for clean-ups!

Great idea

In reply to S.W.A.T. team

Go on I dare you … oh yeah … isn’t DOS ILLEGAL??

… insert witty comment about “special” users 🙂

Plain user!

In reply to Is anyone else tired of spyware?

I think this is a great idea! It’s not as important to me as it is for any business but it’s a pain in the you know what!
How would you go about the billing procedure?
This is a chore(not needed)for a busy person but it would have to be someone that is knowledgible
about the procedure. I’ll pass the on.
Ed

Eye for an Eye..

In reply to Is anyone else tired of spyware?

Billing them, while offering a measurement for the amount of time that they waste, seems like a good way to get these peope. However, they are probably not running an above board operation in the first place and the bills would go uncollected.

I think that we should target the sites with a “denial of service” or other such attack so that their sites crash and cause them to have to fight the hacker.

Revenge is the best retaliation!

DDos & Vigilantes hit wrong person

In reply to Eye for an Eye..

Problem is you’ll hit innocent sites. So soon as it is known people retaliate with DDos attacks, spammers will put legitimate sites into spam so that they trick you into taking out a valid business or a competitor. Its called ‘framing’ someone, and you would be the one tricked into being the ‘executioner’, doing the illegal act.

Good idea

In reply to Is anyone else tired of spyware?

I am also spending an inordinate amount of time as well as lost productivity on machines that become so bogged down that they crawl along and cause drain on resources of my IT department. If anyone knows of any recourse let us know. I would join any class action suit or whatever, this is turning into a real cost drain on our business.

Need some help

In reply to Is anyone else tired of spyware?

Hi,

I suspect a guy who is trying to redirect me to a MS download and say he is installing a new patch to stop hacker every day. Dont know how to kill him. spy-blaster,spybot – none of them are really of help.

I am located in Canada. Are there any cops or agencies/somebody like that who I can talk to?
Everyday my browser hangs when I start it. I have to kill a couple of exes to start my internet work. I am in job search and it is a pain.

I suspect I can get more details over time about this guy.

Friend – any help is greatly appreciated.
Regards,
Satya

Spyware

In reply to Is anyone else tired of spyware?

I agree with you 100% jereq, also, maybe there should be a fine for all spyware companies, sponsors, and any entity that knows that there software and/or website allows spyware/hijackers to be installed without the owner’s permission. For example, if you download and install the weatherbug it is loaded with hijack and spyware software, however, they don’t tell you what those additional software installations really are and they should pay a price for that. I know if I was to send out a software product that installed on someones computer and I was able to gain access without their permission, I would be sued. So it is with spyware, hijack, and any other software that is installed secrectly. We should be allowed to bill the ISP and/or the companies that sponsors these aggrevating programs. It will take a loud outcry from the people to make this work. So far it seems to me that most people are content to purchase the spyware remover software and any other software offered. What they don’t understand is that they are spending money they really wouldn’t have to if they could bill someone for their work cleaning their computers. I like the idea of billing the ISP/company.

I did exactly this…

In reply to Is anyone else tired of spyware?

I manage a web site for a small, non-profit group. Natually within a few weeks of going live with the site, anything resembling an email address was receiving all the crap we are all seeing. So I added a BIG ugly looking disclaimer right on the front page saying that anyone found sending anything other than legitimate organizational email would be charged a proofreading fee of $500, and if the charge was left unpaid, would be turned over to the local authorities on the grounds of harassment. So far, I have been able to glean enough information from email headers and logs to send official invoices for $500 to two different organizations. Naturally, neither responded. After 30 days, I forwarded the invoices along with a letter of complaint to their ISPs. Both ISPs responded that the accounts had been deactivated and thanked me for my efforts. Now granted, most of the crap we fight with comes from offshore where nothing like this would ever work. For all that, you can argue about IE vs Firefox and Spybot vs AdAware and all the other tricks and programs we have to use to combat this crap. You cannot force someone to use Firefox any more than you can force them to not open a particular email.

This problem cannot be stopped any more that you can stop homeless people on the street begging for spare change. So change to Firefox if you have the option – but be aware that next year you will be in the same boat as IE is in now. Keep current with whatever products you choose to use to try and keep your systems clean. There isn’t really much else that can be done.

Well, actually, there is one thing. Next time someone actually catches someone responsible for spewing this crap out on the internet, I’d like to see each and every one of their fingers cut off, publicly – like they cut off the hands of theives in the middle east. If that is the intellectual level of the individuals who propagate this garbage, let’s really stop it at the source!!!

Digital Islamic Justice

In reply to I did exactly this…

By cutting off their digits…
Funny, but I don’t know….
Like the joke:
What do you call someone in the Middle East with no arms?
A repeat offender….

Your on to something there!

In reply to Is anyone else tired of spyware?

I clean a lot of computers for friends and famialy and could work up a pretty big bill for the each month myself. I think its would be a great move towards the offensive, instead of the defensive that we’re used to.

IT Policy and Educate

In reply to Your on to something there!

These are some of the steps I have taken and have had a very positive success rate with this nuisance.

1. Implement an IT policy ( stating software allowed)
2. Group Policy on software install
3. Browser Security ( I know that is a scare thought)
4. Educate the end-user on how an infection occurs, plus warnings signs of infections.
5. Firefox for now..

I would say Spyware is an Invasion of Privacy

In reply to Is anyone else tired of spyware?

1. If you want to get people involved, Hand the invoice to your customer and suggest your Idea to them. I think you would get an interesting response.
2. Would you not say that Spyware is an Invasion of Privacy. This may make for interesting reading. http://supreme.lp.findlaw.com/constitution/amendment01/19.html

Is this very site any better?

In reply to Is anyone else tired of spyware?

Why are we discussing this on a site that tries to install its own spyware on every page refresh?

ad.doubleclick.net that tries to register itself in my windows system folder. Is that not a tracking cookie?

Yes, it is better

In reply to Is this very site any better?

Tracking cookies do not execute anything on your system. Why spyware includes them is beyond me. They are simply a way to store persistent data.

Spyware blocker software shows them to scare you.
Many are actually necessary for some websites that you WANT to use.

You can do pretty good though…

In reply to Is anyone else tired of spyware?

I?m tired of it as well but I have pretty good protection that works reasonably well.

First, of course if the AV/Firewall ? I use the ZoneAlarm Suite and turn off ActiveX. I also control what?s allowed in Java.

Next are the spyware blockers, they can help. I use all three major ones.

And last, but not certainly not least, is the host file. I have assembled a host file with over 19000 URL?s and routed them to 127.0.0.1. Every time I get a new POP-UP, Banner or spyware site, it goes in that file. The users have no access to the host file and it is set to R/O by the administrator. I maintain the file on a network server and workstations check (via the login script) for date and size. If there has been an update to the file, the file is copied to the workstation (run as administrator).

Any time the CRC of the host file changes, the low level routines responsible for DNS lookup flush the resolver cache and reload it from the updated host file automatically.

This works quite well. You can also re-route specific IP address with this technique, thwarting those who would use a direct IP address instead of DNS lookup of a URL. IP ranges can also be directly blocked by the firewall when you need to block a whole subnet, as is often the case. Since DNS is an IP stack operation, it can?t be subverted by spyware. Sure, it blocks everything from that address, but so what?

Al

I’m willing!!! We just need a little legal guidance,

In reply to Is anyone else tired of spyware?

I am sick and tired of the garbage. I no longer care that; “…clicking the OK button constitutes a binding agreement…” defense. The general public is generaly uneducated and it should be against the law to take advatage of that knowledge! I think its time to start billing the sleazeball racketeers who are extorting money from the public just to target a machine with ads, toolbars, and their sleazy search engines! I’M WILLING, AND READY! I’m sure alot of us have links to the known sites that list these companies. Lets start a web page and make it publicly known how many techs have legitimatley found “their garbage”, the hours to remove it x $50.00 an hour so we all can show how much it’s costing (though $50 an hour IS low) the general public. If people complain about it, pay to have it removed, then we should be able to list those identifiable companies publicly, and the time taken to remove their software/garbage and the reasons why the removal took place. (Talk about a major money matrix!)

Right On

In reply to Is anyone else tired of spyware?

I would love to bill for my time in removing spyware from my computer. Just tell me how and I will start sending invoices to the writes.

Tired of Spyware

In reply to Is anyone else tired of spyware?

Absolutely agree with billing the companies for time spent cleaning their resource hogging, system cripling junkware/spyware. If the state governments can claim monies from tobacco companies for treating patients harm done by their product(s, why not individuals or the businesses claim money from spyware companies for time spent on cleaning their junk.

Mike C.
New Jersey

Nothing will change unless ….

In reply to Is anyone else tired of spyware?

It is time for the governements to put on their pants.
I think if us the Networks Managers we put a lot of pressure on the governements and force them to write a law in that sense: It would be a criminal act to install a software or to make any changes on a remote computer without the agreement of the computer user/owner.

They should pursue these companies that wrote all the Data Mining engines and the spywares after the law passes. They should persue as well the virus writters and raise examplary punishement for the firsts ones they would catch, so the rest
of the community who write the adverse code will have to think twice before creating a new virus.

Radical? YES !! When you want to eradicate something as bad as that you don’t have the choice, you have to be radical.

So, for that purpose governments be radical !!

Spyware

In reply to Is anyone else tired of spyware?

Jereg,

It really depends on who you work for. At my workplace we have resticted, WinXP, the users on their desktop computers. This has cut down to zero the time spent cleaning up spyware; because they can’t download anything!

We have a computer notebook program for students and they are constantly downloading junk off the net and scrogging their notebooks. What we do is re-image their notebooks which takes 45min and we do not back-up their files! Therefore, it takes only a couple of times and they learn their lesson.

Trying to bill these off shore spammers will get nowhere. It would have to go to court if you wanted to succeed and who has the time or money.

An email Spam filter and restricted accounts is the way to go.

Another Incredible Utility

In reply to Spyware

Re-imaging a students system is great but still somewhat time consuming (45 minutes). For student computers we use an excellent program called Deep Freeze (http://www.faronics.com/html/deepfreeze.asp). Once you have the image you want you “Freeze” it. After that, every time the system is rebooted it is taken back to that original image automatically. When the system is setup properly the first time you don’t have to worry about it until you find something you want to add then, with the administrator password you set up you, “Thaw” it, install the additions and “Freeze” it again. It provides an “unfrozen” extra drive for files like docs that need to be saved but wont allow any new programs to stay on the system. There are a number of things I can write about in here but you’re better off checking out the website yourself. Good luck with the continuous war on spyware.

Deep Freeze

In reply to Another Incredible Utility

Mike,

We use deep freeze in the labs but it would be a real battle if we were to put it on the notebooks.

When we started the notebook program spyware was almost non-existant, therefore no forethought about using deep freeze, but having to retro the program now would cause the students to have a fit not to mention cost. And we can’t restrict them because of the constant need to load class related software.

My next solution is to start charging the repeat offendors. I’m currently working on this proposal to push up the ladder.
Thanks for the tip!

Deep Freeze

In reply to Deep Freeze

Acantu,

Thanks for the “caveat” regarding the notebooks. We too utilize Deep Freeze in our labs but recently purchased notebooks for a kind of “Virtual Classroom” scenario that our Chancellor decided to try. We are starting with a small number to see how well it works but haven’t come to a final decision on the various software we will need currently and in the future. Your information gives us something else to consider. Thanks again!

Is anyone else tired of spyware

In reply to Is anyone else tired of spyware?

I read your article and solution, my belief is that prevention rather than a cure is the answer.
Xp sp 2 goes a long way to halt pop ups.
Spysweeper (by webroot) an excellent program, prevents future hijacking of ‘your’ home page, and regular scanning removes all known adware/spyware.
This program like antivirus programs are only good as if you update definitions daily/ biweekly. Spysweeper starts up when you boot your computer so it is monitoring all the time.

And finally computer users must realize that when ‘they’ accept a download/install, ‘they’ must know EXACTLY what ‘they’ are downloading first, before they accept. This by far will prevent future problems. When In Doubt Leave Out.
Only download/install from known companies.
Use Google, type in the name of the download and type in the word spyware after it and read.
PREVENTION IS BETTER THAN THE CURE.

Well….

In reply to Is anyone else tired of spyware

This is getting hilarious, and I think it’s gonna be my last post on this subject as there are just too many people who don’t bother to think and just repeat some old MS tosh.

Wouldn’t you class google as Adware/Spyware?

http://www.google-watch.org/bigbro.html
Quote:
“The nine points we raised in connection with this nomination necessarily focused on privacy issues:

1. Google’s immortal cookie:
Google was the first search engine to use a cookie that expires in 2038. This was at a time when federal websites were prohibited from using persistent cookies altogether. Now it’s years later, and immortal cookies are commonplace among search engines; Google set the standard because no one bothered to challenge them. This cookie places a unique ID number on your hard disk. Anytime you land on a Google page, you get a Google cookie if you don’t already have one. If you have one, they read and record your unique ID number.

2. Google records everything they can:
For all searches they record the cookie ID, your Internet IP address, the time and date, your search terms, and your browser configuration. Increasingly, Google is customizing results based on your IP number. This is referred to in the industry as “IP delivery based on geolocation.”

3. Google retains all data indefinitely:
Google has no data retention policies. There is evidence that they are able to easily access all the user information they collect and save.

4. Google won’t say why they need this data:
Inquiries to Google about their privacy policies are ignored. When the New York Times (2002-11-28) asked Sergey Brin about whether Google ever gets subpoenaed for this information, he had no comment.

5. Google hires spooks:
Matt Cutts, a key Google engineer, used to work for the National Security Agency. Google wants to hire more people with security clearances, so that they can peddle their corporate assets to the spooks in Washington.

6. Google’s toolbar is spyware:
With the advanced features enabled, Google’s free toolbar for Explorer phones home with every page you surf, and yes, it reads your cookie too. Their privacy policy confesses this, but that’s only because Alexa lost a class-action lawsuit when their toolbar did the same thing, and their privacy policy failed to explain this. Worse yet, Google’s toolbar updates to new versions quietly, and without asking. This means that if you have the toolbar installed, Google essentially has complete access to your hard disk every time you connect to Google (which is many times a day). Most software vendors, and even Microsoft, ask if you’d like an updated version. But not Google. Any software that updates automatically presents a massive security risk.

7. Google’s cache copy is illegal:
Judging from Ninth Circuit precedent on the application of U.S. copyright laws to the Internet, Google’s cache copy appears to be illegal. The only way a webmaster can avoid having his site cached on Google is to put a “noarchive” meta in the header of every page on his site. Surfers like the cache, but webmasters don’t. Many webmasters have deleted questionable material from their sites, only to discover later that the problem pages live merrily on in Google’s cache. The cache copy should be “opt-in” for webmasters, not “opt-out.”

8. Google is not your friend:
By now Google enjoys a 75 percent monopoly for all external referrals to most websites. Webmasters cannot avoid seeking Google’s approval these days, assuming they want to increase traffic to their site. If they try to take advantage of some of the known weaknesses in Google’s semi-secret algorithms, they may find themselves penalized by Google, and their traffic disappears. There are no detailed, published standards issued by Google, and there is no appeal process for penalized sites. Google is completely unaccountable. Most of the time Google doesn’t even answer email from webmasters.

9. Google is a privacy time bomb:
With 200 million searches per day, most from outside the U.S., Google amounts to a privacy disaster waiting to happen. Those newly-commissioned data-mining bureaucrats in Washington can only dream about the sort of slick efficiency that Google has already achieved. “

Well….

In reply to Well….

Your response to google and the information you provided is alarming, and I was not aware.

I have noticed that when I do a Trace on an email sender, I notice 9 out of 10 emails go through a US military address, I have often wondered why.

I clean infected computers, and when I find a situation that I am puzzled on, I go to google and do research.
I would be grateful if you would let me know if you have a better web site that I can do my research on. thanking you in advance. t_alkin@

No problem, here you go

In reply to Well….

http://www.scroogle.org/cgi-bin/scraper.htm

no cookies | no search-term records | access log deleted after 7 days

They also do a Yahoo one:

http://www.scroogle.org/scraper7.html

No problem, here you go

In reply to No problem, here you go

Appreciate that, thank you very much.

further to

In reply to No problem, here you go

my email is t_alkin@hotmail.com

furrther to

In reply to Well….

http://www.mediachance.com/free/spythespy.htm
I would be very grateful if you would check out htis web site, I have not downloaded this utility, but it reads well. Your comments would be appreciated

There is plenty a NetAdmin can do….

In reply to Is anyone else tired of spyware

I have a useage policy that prohibits users from installing unauthorized software. We also run Spyware Blaster, Ad-Aware and Microsoft’s Anti-spyware (which seems the best anti spy software I’ve seen so far).

While my users are still generally local admins, I revoke this privilege if they consistantly install unauthorized software – whether by accident or not.

In addition, I send regular emails out reminding users not to install anything “free” for any reason. I also monitor bandwidth usage and investigate the highest use sites (almost always spyware) and block them at the firewall.

Spyware is on par with viruses and spam these days…managing it is a big part of how I spend my time.

So what’s happening in real time?

In reply to Is anyone else tired of spyware?

Just finished reading all these posts. Nice idea but unrealistic in terms of being able to collect.Read the post about the advisory committee, had me laughing in frustration. Have done complete reinstalls…reactive with Microsoft and all other software vendors that require it…fun stuff. IE is not going to disappear….how many consumers buy it everyday with their new computer? Why not fight fire with fire … write a program that puts data miners back to the system that invades yours? That way you collect info on the perps! In-house net is closed, no internet and utilized for graphics production. All email and internet access comes through another system set up for that, and have used all the products mentioned in these posts. Spyware still manages to get through, but on a very limited basis. Hitting them in the wallet sounds good….but I don’t have the time to wait on collecting. How long does it take an insurance company to fight off a claim they don’t want to pay? Fight fire with fire…ping them back!

Firefox is not the answer for those who are using legacy applications.

In reply to So what’s happening in real time?

My network is a government network. Like the thread starter has stated, Firefox breaks my applications so it is simply not an option.

I’m all for spamming the spammers, but ANY reply to them just verifies your address and they sell it to all of their spamming and spyware buddies.

Do you mean for those “using IE specific” apps?

In reply to Firefox is not the answer for those who are using legacy applications.

If so, the “answer” would seem to include bringing those IE specific legacy apps into standards compliance during routine maintenance. This would not be a quick fix; it would require a policy change in many organizations.

Even without spyware, you *may* want to make your apps comply with standards – real ones rather than the “de facto” kind the industry loves so well – to decrease your dependence on a single vendor.

Now ain’t that the Truth!

In reply to Firefox is not the answer for those who are using legacy applications.

reply to them just verifies your address and they sell it to all of their spamming and spyware buddies.

Good idea!

In reply to Is anyone else tired of spyware?

A definitive technique engine needs to be set up to do this with minimal effort. But then again, the ‘scabbers’ will latch onto in too.
PB

spyware does suck, but gives us jobs

In reply to Is anyone else tired of spyware?

Spyware is terrible. But if you think of it. Spyware is the reason most computer techs have jobs. I’d jus let it be and stay on the defense. If anyone should fight it. It should be the end-user themselves.

DAMN RIGHT

In reply to Is anyone else tired of spyware?

Bill the MF’ers. They cause more problems than ever and they think they are real cool with that shit. I am sick and tired of what they do and all to make a buck. Its time to turn the tables on these “DUDES”
Bill them for the time and hassles that they create.

A More Correct Approach

In reply to DAMN RIGHT

We should insist as consumers, that an operating system be lock down tight with Browsers for the Web. Before it is marketed or purchased.
If you look at all the patches for supposedly ready for market O.S.s by M$ then you take into account the recalcetrent attitudes of the Anti Virus people. That Spyware is not a Virrus and other malware is just some other Company’s problem.
As a consumer I just don’t see why, when I buy an O.S., that I have to go and buy several more third party software programs from other vendors to protect my system and it’s information from malware that is probably being spread around by the very same programmers and third party vendors.
M$ better get this fixed as it is the strongest reason to look elsewhere next time I need an O.S.

spyware

In reply to Is anyone else tired of spyware?

I think they should be lined up and shot.Thats my opinion.But we all know that wont happen so yes i think they should be charged an inflated rate.What buisness is it of theres of where i go or who i visit.Its invasion of privacey period and that is against federal law and the constitution.I say jump on the wagon for a class action suit involving these companies and the feds to force them into action.Its simple hit them in there pockets afterall they are hitting us in ours.Board of directors do not like to lose cash and niether do we.

Adware Suit

In reply to Is anyone else tired of spyware?

I would be in favor of a class-action suit against the marketers of adware and pop-ups. We sue tobacco companies don’t we…

Spyware

In reply to Is anyone else tired of spyware?

I work in User Services for a university, we do desktop support. Most of our trouble tickets are for spyware these days, particularly the ones that create network connections like new.net and ones that run persistently, like wintools and marketscore. These stop our clients from using SCTBanner and running normal programs. The lost hours to these spyware is unimagineable. We are not the only university having these problems. Someone should start a class action lawsuit against all the spyware makers and stop this nonsense. I wouldn’t buy anything from any business that causes popups, popunders, or installs spyware on my machine anyway and am convincing others that they shouldn’t either. The going rate for working on a computer in this area is $75 an hour, regardless of the problem, so until individuals become intolerant of having to pay to have their computers cleaned there won’t be a solution.

prevent it

In reply to Spyware

so why does your company do nothing to prevent it?
there are lots of almost completely effective steps outlined in other posts. And on the upside you’ll probably be blocking keyloggers in addition to spyware, the difference being that keyloggers are not by a company but by thieves trying to steal passwords/ pins. As others have pointed out very unlikely to collect. Instead bill user depts at your company and see if mgmt will spring for anti-spyware measures, including personnel time to implement security measures to prevent this. It’s more satisfying to whine but more practical to fix your leaky network.

Sick and Tired

In reply to Is anyone else tired of spyware?

I like the idea of billing them… the big question is will they pay. I believe we need the operating system designers to get involved. We also need need Yes or No button before allowing them to install their slimy Software on our PCs.

If the OS

In reply to Sick and Tired

designers were involed ……… we wouldn’t be having this discussion.

Yes or No button

In reply to Sick and Tired

You often already have that, but as I found out the hard way ONCE, Yes means Yes AND No means Yes when you click those buttons. My favorite no buttons? Ask before running Active-x and the good old Alt+F4, Works every time for me. Now if I could just teach ALL the users to do it! Ad-Mal-Spyware free for over a year now. By the way, I don’t personally allow Alexa nor use IE (I’m spying on you) version 6. I stuck with 5.5. It works for me with a little help from Norton Anti-virus!

Either this or any other organized action

In reply to Is anyone else tired of spyware?

I don’t know if the proposed measure will work in every case (not all spam comes from the US or countries where that is a felony), bet something is for sure, the only way to have spamers (and other internet pests) to retreat is hit them in their pockets, like class action sue by affected personal or enterprise users of Internet.

Meanwhile, lets keep fighting by reporting to abuse@domain.com of the ISP providers, using tools to blockthem out, be careful with Sites that ask for our e-mail addresses in orther for us to get information. Avoid using distribution lists and/or forwarding outside of the Intranet, and, if necessary, use bcc.

Not a bad idea

In reply to Is anyone else tired of spyware?

It costs you money to remove this junk. Who should foot the bill? The victim or the perp?
It is like a car, that after you use it, suddenly, it drives itself 50 miles away and parks in front of a fire hydrant and gets towed.
You have to search for it, go get it, and you are denied the use of it until you jump through all the hoops.
Spyware/Spammers are getting away with criminal use of your computer until we get tough with them.

Globalization

In reply to Is anyone else tired of spyware?

I have read many of the posts here and the ideas go from each end of the specturm (I particularly like the cutting off of the fingers myself) but with most of this garbage created and distributed from outside the US until we have a global solution and department that takes care of it. Sadly to say we all know it will never end. One of the posts linked in an article about how the former Gator exec who is now on the homeland security board, that scares me. What is one of the ebiggest producers of this garrbage who is being sued left and right and was able to get so many users to put that peice of crap on thier systems(I know I found it on mine once and I never signed up for any of it)doing on the board of protecting Our privacy with homeland security? Lets face he knows how to get information from the vast majority of non savvy users.

I will start ramble here into a political and conspiracy theorist rant but isnt that what this board is for. Hearing eachothers opinion, concerns and feeling about what and how security and usages of our time and money is spent when it comes to our companies systems and our own personal ones.

There are many programs that go thru and clean the systems and they will get better with time, but will always be a race with the bad guys winning until things like some of the ideas in the posts are put in place and realy followed thru with. But, without it being done on a global scale where each country is held accountable, especialy the ones that allow this to happen with out checks then this problem will never end. We may be able to stop it in the US, in the UK and Canada. But the real offenders are not even based in these countries, and when they are stopped here they will just move to a country that will not hold them accountable.

So to do this we need the entire global user community to band togather. I am sure there are 10s of thousands that are willing in each and every place in the world with a PC and a Browser that keeps getting jacked. And the long list of crap that Adware and Spyware keeps cleaning off thier systems.

But maybe I am just thinking big brother is the one hosting all this so they know exactly what we are doing when we are doing it and why.

Right on

In reply to Is anyone else tired of spyware?

I could use the extra income. I could probably retire from the extra income as a matter of fact. I however think a bit more maliciously. I would like a way to reply to them with spyware from about 200 other companies that send it out. Spread the happiness

Spyware! Make it Illegal

In reply to Is anyone else tired of spyware?

The only way to slow down or stop these schmucks is to create laws that encompase global use standards (perhaps through the UN). OK, within the US, the Congress COULD TRY to create laws making the removal of this junk a billable service and the covert installation of the same a privacy violation (FBI rules apply there). The problem there lies within the legislative branch itself (they have no clue whats going on), and if they try to make some laws, the fools will likely water it down anyway.

Great idea !!!

In reply to Is anyone else tired of spyware?

Great idea, as far as I’m concerned spyware is no different than someone painting graffiti on your front door. It’s destuction of personal property.

Babarlow

I could use a bit of cash call me

In reply to Is anyone else tired of spyware?

how much stuff like a virus can piggie back in with it? Send them a bill for that to.

Bill my overloaded bus! I got yer “bill” right here!!

In reply to I could use a bit of cash call me

Many of you said “hit ’em where it hurts – in the pocketbook” and I agree with all that, but I like the alien who said “lets fight fire with fire”. That’s the only way to smoke out these detestable sneaks. But not with DDOS attacks, which will cripple the ISP’s and gobble up all the bandwidth. I say one of you geniuses out there build a little “back at ya” program that detects, denies and warns the scum___s with something like “NO ADMITTANCE! DO NOT ENTER – BAD DOG! YOU HAVE BEEN WARNED. ENTER AGAIN AT YOUR OWN RISK! IGNORE THIS WARNING AND YOU WILL GO DOWN!!! Then if their stupid enought to try again an attack program of some sort goes out and takes ’em out. Come on already! I know we’re at least as smart as they are. Of course we’ll need to make sure we’re armored to the teeth before we proceed with our offensive, or rather defensive. But, admit it people, this is WAR!! War on our very time and money. Not to mention the emotional and psychlogical pain and suffering (You think I’m kidding, don’t ya? Well just look at this thread, I’d say there’s alot of pain and suffering going on. Wouldn’t you??) We can’t do this by billing the snots. They’re like any coward, the hide and snipe. I say we have a right to defend ourselves in any way possible! Any takers??

Oh dear Oh dear…not another DDOS

In reply to Bill my overloaded bus! I got yer “bill” right here!!

I think that the problem here is people who think they are technically savvy, but in reality…..

Lycos tried it a while ago…… old news.

They’ve taken it down now.

“A spokesman for Lycos in Germany told The Register he believed that the tool could generate 3.4MB in traffic on a daily basis. When 10m screensavers are downloaded and used, the numbers quickly add up, to 33TB of ‘useless’ IP traffic. Seems Lycos may hurt not just spammers.”

But no, please, go ahead, after all, if you get prosecuted for DDOS attack then that just means the internet will be faster for everyone else 🙂

G. Read my lips…or rather my text

In reply to Oh dear Oh dear…not another DDOS

I said NOT another DDOS. Something new. I don’t know what. Something that runs right back up the pipe to them as soon as their trying to deliver their payload and stops them in their tracks. If your statement “I think that the problem here is people who think they are technically savvy, but in reality…..” is meant to mean me, then I say you don’t even know how to use an ellipsis! It’s three dots dude. Not five, not two, three. And just because you can’t think outside the box doesn’t mean everyone can’t. But lets save the insults for the real antagonists here. I don’t pretend to know how to write the “The buck stops here code” that I’m trying to promote. I’m not a hacker or a security geek (simile?) But I know many of TechRepublics aliens are. Again, I say, any takers??

A play on words

In reply to G. Read my lips…or rather my text

Quote:
“Then if their stupid enought to try again an attack program of some sort goes out and takes ’em out.”

Basically, what you,re asking for IS actually just a Denial Of Service, a Distributed Denial Of Service just means that there’s more than one system trying to crash the PC (which may well just be another infected user like yourself).

So what you ARE ASKING for IS a DOS or DDOS, just by another name.

Lycs tried it, it was called http://www.makelovenotspam.com/

erm, I really don’t give a monkeys about a few dots………….

After all, this is about technology, and not a writing contest.

😉

A rose is a rose is a rose?

In reply to A play on words

Gee, if Mr. Gates and Mr. Jobs thought that way we’d still be using mainframes and we wouldn’t need to be having this conversation. Perhaps a kinder, gentler, way is being called for here. We just ask them nicely to stop and if they don’t we won’t “take ’em out” we’ll just stick a banana up their…tailpipe.

BTW Do you work for Lycos or something? If Lycos can’t come up with an inovative way to stop these malcontents no one can?

And just what do you mean by “(which may well just be another infected user like yourself).” How would you know if I’m an infected user???

Is maybe … a rose?

In reply to A rose is a rose is a rose?

But I spose it depends how much you been smokin, it could be anything. Hey, why not a tulip. There we go – problem solved.

It’s no longer a DOS its a Mc68000ATTACK lol.

Well, I don’t KNOW but reading your opinin on it you have obviously been affected by whatever you were infected by at some stage, it was a comment.

Lol, no I don’t work for Lycos, if I did, I wouldn’t be shouting about a supposed attempted illegal activity, which ended up in them “apparently” being reversed DDOS’ed themselves. The site was down for a few days. So if you want to go and try it yourself, sure, be my guest.

If anyone does have any ideas, they would be interesting. What you have suggested is a DOS, with a popup message (a la spyware itself) pot calling a kettle black.

Further to

In reply to Bill my overloaded bus! I got yer “bill” right here!!

after reading your banter with brown I scoured the net and came up with this utility, your comments would be gratefully appreciated
http://www.mediachance.com/free/spythespy.htm I have not installed it. t_alkin@hotmail.com

spythewhat???

In reply to Further to

I just installed it on a test machine. I’m going to lower my defenses to test it tomorrow. Will keep you posted.

awesome idea but would you get the money

In reply to Is anyone else tired of spyware?

ok maybe getting the money isnt the point. but these cats are slippery so the question is would it be a fake company or a real one. how much time would you put into it before saying this isnt worth it. spammer dont just have one route to find them. they are usally have something shady going on.

dont just have one route

In reply to awesome idea but would you get the money

YOU CAN SAY THAT AGAIN… 3 TIME FAST!

I’m With you on this one!

In reply to Is anyone else tired of spyware?

I’m dead serious about billing the spyware companies back for there illicit miss-deeds. Only I charge 125 per hour for spyware/virus removal. I move much faster than most though. We should build a billing system and watch these companies either disappear or re-emerge in a few weeks under a new name. What happened to truth in advertising? I saw a tomato sauce that stated ” True Italian recipe” Only to find corn syrup and high fructose corn syrup on the list of ingredients.
So i guess the computer industry isn’t the only one filled with FUD!

Sounds Good but Our Courts Protect Them

In reply to Is anyone else tired of spyware?

As tempting as that sounds, it would end up costing us more in the long run.

One Judge in California has already sided with one of these companies and issued a Cease-And-Desist order for similar lawsuits. It appeared that an Associate Website was responsible for the illicit installation, not the spyware author.

We can only try to protect our systems as well as we can until the Congressional Leaders get as fed up with it as they did with SPAM. Then, maybe in a few years, we would see a similar legislation for Spyware.

Of course, if you try to use the same tactics against the Spyware authors, as they use to get their spyware installed on your systems, they have attorneys ready to sue you. LOL

Anti-Spyware Legislation

In reply to Sounds Good but Our Courts Protect Them

On March 9th, the House Energy and Commerce Committee approved H.R. 29, the SPY ACT, with a unanimous, bipartisan vote of 43-0. You see, they appear to be doing something to combat the problem. It matters not a bit. This is just a symbolic, toothless gesture like the CAN SPAM Act of 2003. Can any of us testify with a straight face that the CAN SPAM Act has worked???

Greg Walden, a Republic Rep. from Oregon who cosponsored H.R. 29, made this absurd statement: ?Our legislation gives consumers back their privacy and puts them in charge of what gets into their computers by making these invasive and destructive practices illegal.? Au contrair, mon frere! It will NOT give consumers back their privacy because it is inherently flawed! As I stated in an earlier post, the United States government cannot impose domestic legislation abroad.

Despite my greatest hopes, the American court system, Congress, the Federal Trade Commission, the Department of Homeland Security, and other federal entities will fail miserably in this endeavor.

I’m a proud American, but I’m also a pragmatist. The government will enact law, punish a few unlucky offenders, and months later everyone will realize the effort bore no long term effect.

ANTISPWARE LEGISLATION NEWS:

http://www.govtrack.us/congress/bill.xpd?bill=h109-29
http://www.bend.com/news/ar_view.php?ar_id=21655

A Pound Of Flesh

In reply to Is anyone else tired of spyware?

Great idea mate.

With the ?ound to the $ollar running at 1.85 to 1.90, why not bill the low-life in ?ounds?

Trouble is, it’s unlikely that enough people would bother.

My own opinion is to report them to MI5 or CIA as a terrorist cell operating against the financial interests of the Uk and USA. That way we get permanent relief.

The answer is the SAS. Or am I being a trifle harsh?

Another Time consuming Waste of Timel

In reply to Is anyone else tired of spyware?

While I agree that they should be accountable for the Tech time (man-hours) wasted by their malicious spyware and business techniques. Isn’t billing them just another waste of time because as we all know they won’t pay or stop without some enforceable laws and fines levied against them. The cost of billing, postage and invoice production is really another expense and a waste of resources, that could be used to effectively make a real effort to get some laws passed in Washington.

AntiSpyware Options

In reply to Is anyone else tired of spyware?

I’ll reply to your idea of billing the offenders in a second. First and foremost, however, are the steps you can take to protect yourself.

1) Download (free) and install Spyware Blaster on all the PCs. Will block a LOT (not all) of this stuff from ever getting on the machines.

2) Download & install (free) Spybot Search & Destroy on all the PCs. Use the advanced configuration to turn on scheduled scans to run weekly.

Download (free) and install Microsoft AntiSpy (formerly Giant) to all PCs and configure for autoupdate, realtime protection, and daily scans.

3) Purchase Pest Patrol Corporate, and install to an administrative machine (admin’s PC or a server) to run scans enterprise wide and provide realtime protection.

This should keep your systems pretty clean.

As to billing the offenders: Forget it. They’ll just ignore you, and they have an army of lawyers if you try to pursue collection! If you think you’re wasting time on spyware now, just try to actually collect on your bill!

On the other hand – send your anecdotal nightmare stories regarding spyware to your local congressman and senators demanding that they criminalize the placing of any executable code on someone’s PC without the user’s expressed knowledge and consent.

Make it a criminal Offence

In reply to Is anyone else tired of spyware?

Let’s just have the authorities make this activity illegal – implicate all parties – site owners as well as ISP’s who host the sites.

Think about it – If there was someone spying in your windows in your home – you could call the cops and have the creep arrested. Whether the creep is casing your place to rob it – or he’s just a peeping Tom – our courts would easily dish out a sentence. It’s no different with spyware – espicially since most of it has malicious intent – either sending info back for “Identity theft” or wasting your time by hijacking your browser. Let’s stop fooling around and fix the issue at the source.

Spyware tired of it?

In reply to Is anyone else tired of spyware?

I am in agreement with jereg!!!

I actually found one entitled DealHelper.com
I found their website, got their IP address and did a 24-48 hour D.O.S. to their site, as it had a business PC problemmatic for that length of time so I figured the old good for goose, good for the gander idea. I think it is an excellent idea to bill them for services rendered.

re: billing question

In reply to Is anyone else tired of spyware?

Since the spyware jerks did not actually ask me to perform the removal of their software I think the burden is still on myself and/or my customers. I am willing to submit bills for my time if it will help slow this down.

Great Idea – But how?

In reply to Is anyone else tired of spyware?

Jereg,
I agree with your sentiments 110%. However, I wonder how you would implement it. Do Spammers provide a billing address? I think this may be a good idea but practical implementation is still a question. How do you prove they owe you the money?
DrumIT

Can you spell “CLASS ACTION” ???

In reply to Is anyone else tired of spyware?

I HATE spammers and I LIKE this idea. To actually make it work, “we” need a class action lawsuit to collect on our billings.

So, I propose that we all send a bill for spyware removal. Then some attorney who also hates spam can tie them up in court for a few years.

…. anyone recall the civil action that WON against OJ ??? Nothing like a few $$$ being extracted from someone’s wallet to get their attention.

While “we victims” are at it, “we” need a leader – someone to contact the perpetrators and connect with the legal profession. Any takers???

I say – bury them with and in the legal system.

What About the Advertisers….?

In reply to Is anyone else tired of spyware?

What About the Advertisers or the people actually purchacing our private data?

As I recall, it is illeagal in most parts of the world to recieve “stolen goods”. Hitting the advertisers with liable suits would likely have better results.

If no one buys the info…the incentive to pursue info for profit should decrease.

Michael Welch

The Problem is… someone is always looking to buy.

In reply to What About the Advertisers….?

The Problem is… someone is always looking to buy.
Who in the right mind wouldn’t buy others information… especially if they know they’ll make a profit off it… one way or the other?

I totally agree

In reply to Is anyone else tired of spyware?

I spend hours upon hours trying to keep my pc and mostly everyone I know clean if it’s not one thing it’s another…I think you have a n excellent idea. So then if I wanted to bill them could I just bill them as a consultant?

Non-call List

In reply to Is anyone else tired of spyware?

Why not take it a step further and consider this some kind of criminal offense, kind of like telemarketers calling without permission? It is a constant battle, and for a personal computer to be taken to its knees because of spyware is utterly ridiculous, especially considering when most users cannot clean their pc’s.

How to clean your PC

In reply to Non-call List

format c:

🙂

Or you could just use your brain and get some anti spyware and a decent browser. And don’t just click OK to everything that comes up.

Great … a non call list … just post all your email addresses live onto the internet and it’ll all magically stop. Wow, I wish someone had thought of that before.

errr, one problem though.

Wouldn’t that actually give the people who you don’t want to get your e-mail address your e-mail address?

Don’t visit list

In reply to Non-call List

instead of depending on slime to honor a dont call list somehow, how about end users create a “don’t visit this website list”. It could be created automatically from anti-spyware programs. Any site that edited the registry (cookies do not edit registry) could be added to a list like the anti-spam RBL (realtime Blackhole List).

Any subscribing anti-spyware program could look at this list before letting end user visit the site. settings could either warn the end user that the site is a known source of spyware, or block it totally.

This would have advantage of catching all sites that did bad stuff, including ones that had been hacked. Site owners could look at list as early warning their site had been hacked if they had not added spyware download on purpose.

Disadvantage would be that at least one PC in the world running the subscribing anti-spyware would have to have had the spyware downloaded onto it.

Anti-virus / anti-spyware orgs/ companies could run networks of ‘honey-pot’ automatically browsing PCs that would both automatically browse websites via search engines and browse to verify reported spyware sites before adding to a ‘do not browse to this site’ list.

Bill to Spyware

In reply to Is anyone else tired of spyware?

I’d be willing to tey the idea. I’m fed up with having to clean my system on a daily basis.

tom

Spyware

In reply to Is anyone else tired of spyware?

How about doing the samething they did with the national no call list fo the phone system. Start a spyware do not send list and get the Feds,state and local goverments to sponser such a bill.
Thanks,
Fred

Credit Report

In reply to Is anyone else tired of spyware?

If they fail to pay your bill, turn them over for collection and report them to the three credit bureaus. These reports will damage them more than suing the bums.

Bill Them

In reply to Is anyone else tired of spyware?

I like it
Publish a list of addresses to send the bill I have plenty of spyware removal cases a week.
Xain

harder than you think

In reply to Is anyone else tired of spyware?

Maybe that will stop the companies that care about their reputation. But good luck actually getting a bill to some fly-by-night that will come out of the woodwork to fill the void the legitimate companies leave behind. FBN gets too much heat, they fold up, your bill comes back “undeliverable,” and, in a week or two, they’ve reinvented themselves and are spamming you again.
For a while, I was getting spam from “fs8@m01” I told them to cut it out, filed an abuse against them, they eventually complied–and I started getting spam from “fs8@m02” Tell me this ain’t the same outfit?

How about REAL guerilla tactics

In reply to Is anyone else tired of spyware?

I suppose my suggestion of a DDOS on spyware/adware servers would put us in the category of virus senders, but these f^$%ers really boil my blood.

A few molitov cocktails?? Who’s with me?!!

You’re Missing the Point!

In reply to Is anyone else tired of spyware?

The problem with spam, adware or spyware is that somebody somewhere buys something.

As long as people continue to buy stuff, people will continue to try to sell it.

People in China will continue to try to sell chinese jelly beans to everybody as long as people in Kansas, Paris and Boliva buy them.

To address spam issues: For business domains, how about an email honeypot?
This would be for unsoliticed emails and anything that goes to the honeypot would be blocked from actual emails. And you could send 10,000 replies every day for ten days. That would keep people away from your domain.

For pop-ups, have a plug-in that identifies when FireFox blocks a pop-up, sends the info to your firewall and automatically blocks that site’s ip for 30 days.

If everybody used a browser that wouldn’t allow the user to visit a site with a pop-up, sites would stop using pop-ups.

Can anybody write the email honeypot component?

they already do this

In reply to You’re Missing the Point!

brightmail and several other subscription services do exactly this (spam honeypots).

not all spam sells something, others are virus and phishing; so not buying wont keep these from coming.

Advertising Not the Only Motivation

In reply to You’re Missing the Point!

Money gained from advertising is not the only thing that motivates the offenders to write spyware. Theft is equally effective.

When a keylogger is deposited onto an unsuspecting user’s PC via drive-by-download or when they are tricked into visiting a phishing site, that user could be in for a world of hurt without spending a dime. For people still using modems, automated porn dialers can quickly soak them for a butt-load of money.

I’ve personally seen these things happen and can witness that the frequency of these occurences are steadily increasing.

Count me in!

In reply to Is anyone else tired of spyware?

I would love to know if there is a law that would allow billing and could include telemarketers that ignore the “I don’t want what you are selling list!” Jokes aside, just HOW d you track them down? I’m thinking, it would be ‘turn about is fair play’ by send them one of over 2000 virus, worms, and trojans I have collected on Zip’s. (grin)

Extra horsepower needed to fight it all!

In reply to Is anyone else tired of spyware?

My biggest beef with all the spyware (and viruses) is that is now common accepted practice to have to run software to combat it. Software which sits in memory, sits running on the pc waiting to ‘catch’ something. All this ‘necessary’ [and completely acceptable] software eats up precious cpu and memory cycles. I now have to buy a bigger machine just so I can use my machine. Webroot’s spyware software is great, but it cripples the computer. Microsofts is a little better. But I know when I turn off all my AV and Spyware and pop-up blockers [after unplugging my CAT5 cable, of course], my computer screams in speed, just like the days of yore (a few years ago).

That’s what I really hate about the world we’re in now. We need a bigger internet, now that we’ve filled the old one up wiht junk (re: spam).

It’s easier just to plug the holes

In reply to Is anyone else tired of spyware?

Take the easiest path. Plug the holes:

XP SP2
Deploy Firefox
Send bigger orgs through a decent Proxy like BlueCoat

It’s All about the Money!!!!

In reply to Is anyone else tired of spyware?

A few of us have had the germ of a good idea. Spyware companies exist because other companies pay lots of money to them for the data they mine. Remove the financial incentive, and the business dries up.
1. Find and publish the names of companies using Spyware companies (Verizon, T-Mobile & some national banks for a start) Have them published in major news sources -magazines, newscasts, etc.
2. Boycott these companies’ products, and encourage others to do the same.
3. Bill these companies (the data buyers) for the “costs” mentioned in other posts on this topic. Go through the process, lett’em refuse to pay, then formally report them to the credit bureaus – don’t forget Dun & Bradstreet.
4. When they find their credit ratings slipping, and sales slipping, and bad publicity popping up, they’ll start thinking twice about spending money with spies.
5. Whenever you run anti-spyware programs on your systems, and you find & remove infestations, save a copy of the report to a file on your computer. Send a copy of the file, with an estimate of lost productive time, and cost of repair, to your State AND Federal congressmen. 50 computers means 50 messages. Once a week meand 200 messages a month. (For this example) These people are too complacent about this topic, they don’t come in contact with the consequences enough.
6. Once a month, print out all of the reports, and mail them to the same people via USPS. Now they have both their email and regular mail systems clogged with their constituents making them aware of the size & intensity of the problem.
It’s called raising their awareness level.
In a cover letter going with the printouts (same one every month – change the date), ask them when they are going to take action against the problem.

And for God’s sake, tell them to get that guy from Claria off the Homeland Security post!!!!

It’s all about the money.

I agree with jereg

In reply to Is anyone else tired of spyware?

What they are doing with the spy ware they put into our computers costs us more then it does them..and to just recover from their tactics.. it’s alot of our time and our money that gets lost.. since the FTC and the FCC cannot see that.. cause they wish not to..we ought to petition and ammend for those who do put spy ware in..you will be charged a hefty fee for it’s removal..

I agree with jereg

In reply to Is anyone else tired of spyware?

What they are doing with the spy ware they put into our computers costs us more then it does them..and to just recover from their tactics.. it’s alot of our time and our money that gets lost.. since the FTC and the FCC cannot see that.. cause they wish not to..we ought to petition and ammend for those who do put spy ware in..you will be charged a hefty fee for it’s removal..

A good firewall pays for itself

In reply to Is anyone else tired of spyware?

Please don’t flame me, as I haven’t read all of the discussion so I don’t know if this has already been mentioned. But, I didn’t see it mentioned in any of the titles.

For a small business with one connection to the internet, a good firewall will block ALL of the crud. My client’s network gets no spam or spyware. Sure, the logfile from the firewall gets big with all of notifications of attacks that it thwarted, but I spend very little time dealing with junk ware.

Which Firewall???

In reply to A good firewall pays for itself

My friend . . . I’m incredulous. Share which firewall you’re using. If that is your only protection against spam and crapware and it works . . . by all means enlighten us! You could be saving my employer countless millions of dollars a year! Your valuable information could be the means of promotion for all of us – except you.

Yes, I’m ribbing you. Forgive me. I personally think you may be experiencing temporary bliss on an obscure network with incredibly disciplined users.

I administer servers and workstations on a federal government network and I have yet to see a firewall good enough to block “ALL crud” as you described. My experience says you need many layers of security – firewalls, antivirus, cache proxies, URL filters, spam filters, secure routers, workstation templates, GPOs, appropriate use policies, etc. (Phew! The list goes on.)

Good points, begging more discussion

In reply to Which Firewall???

I’m sure that you are quite right. Yes, my client’s networks are not large, thankfully obscure and the staff are generally well disciplined. At our monthly staff meetings, I have mentioned that we all need to keep up our vigilance in order to stop attacks before they start. And yes, I agree that a layered approach to security is necessary.

Which firewall? That depends on the installation. The original question was regarding a small business, and my response was based on that perspective. Clearly, your networks are a different breed which will require a different solution.

For small business networks, I have found SonicWall to be extremely effective in keeping out the crud. They’re not horribly expensive, but they’re not a cheap home network model, either. And they’re a whole lot cheaper than repeatedly rebuilding machines that have been infected.

I hope that there will be some more discussion. I’d like to find out about other firewalls and the layered approach that we should implement in order to keep our small business networks crud free.

As Requested – More Discussion on Firewalls

In reply to Good points, begging more discussion

I can understand your small business perspective. Two years ago, I worked in the private sector for a small financial company. I installed and maintained a SonicWALL firewall. Unfortunately, there was no port 80 security on the firewall and I had no money for extra devices. In addition, the staff was not as disciplined as yours and the principals of the company did not take network security seriously.

I frequently found that users had downloaded screen savers, themes, P2P, IM, and “utilities” like Weather Bug. Therefore, I frequently had to remove spyware and manually block sites on the firewall. A lot of malware comes over port 80 as a result of poor browsing habits with Internet Explorer.

In hindsight, I wish I would have had a NetScreen (now Juniper) firewall instead of a SonicWALL, but even then a layered approach to security was necessary.

Blue Coat is a nice Web cache proxy device that purports to block spyware. It works well with Web Sense which also blocks spyware.

Small companies may not be able to afford much more than a firewall and perhaps an enterprise antivirus solution. In which case, you have to be vigilant, help form good network use policies, secure your workstations and servers, and educate users at every opportunity.

I agree

In reply to Is anyone else tired of spyware?

You are not the only one who has thought about billing these companys for this. Now these slimy companys are getting worst and the average person would have no clue on how to rid there computers of the problem. I am at the point of suggesting that our goverment step in and make it a real crime with REAL punishment for these offending companys. Enough is enough, if it keeps up peaple are not going to want to use the internet for fear it may cost them money to get there systems fixed. Then where would we be?

something needs to be done

In reply to Is anyone else tired of spyware?

I also run IT for a small corporation and have a consulting business. And it is so unnerving to spend so much time eliminating malware from machines. It is insidious and so extremely counter productive. The mere fact that someone thinks that is such a good thing is beyond me. For them it is all about money and there are times when I won’t charge for my services because it is not the way I like to make my money. But, I would like for these net advertising companies to foot my bill for services rendered for their intrusive way of business.
So if there is a way to do this, sign me up.

Reply To: Is anyone else tired of spyware?

In reply to Is anyone else tired of spyware?

I think it is a good and would partticipate.

It is time to act ………..

In reply to Is anyone else tired of spyware?

We [ the folks that the public and companies rely on ] need to take a stand .
I personally have several friends who are more than capable of either slowing this down or stopping it all together.
It would seem that we have over thought all of this.
It comes down to a simple solution ……… as a teenager [ very computer smart ] told me .
Write a program that reverse’s the flow and in return disables the offending computer.
Ok …. I know it not quite that simple , but with all of the “brain power” we have just in this group , we should be able to come up with a realistic “fix” !
Disabling of the offender’s system in not a new concept or method of control , so why are we not using it ?
Me thinks ……….. I wonder ……….
who is benefiting from all of this crap ?
Hit them where it hurts …… not only don’t buy their product but demand that they cease and desist immediately.
At a local “coffee” we talked about the fact the several free …. checking services have went to full pay now ~ !
My oh my oh my ………. this stinks of corruption ………….period !
After all ……….who’s checking the checkers ???????
Now go ahead and tell me how wrong I am ……prove me wrong ………..
If you are a programmer …… prove to me that a program can’t be designed to disable to offending sender ……….
If you design/sell anti-virus software …. prove to me that you aren’t complacent in the known glitches and don’t ….. pre-design a fix , because every time a new “bug” comes around it makes you money ……… period .
.
I made this same challenge to our “coffee group” and am waiting to see if anyone will pick up the challenge ……….
.
Sorry … I’m not that smart or I would do it myself [ giving you an answer before you ask ]!
.
I will however help anyone , anywhere and anytime to execute this plan !

hacking is still illegal right?

In reply to It is time to act ………..

Write a program that reverse’s the flow and in return disables the offending computer

if memory is right than the above which you said is hacking. and that is still illegal right? and 2 wrongs don’t make a right (but 3 lefts do).

i guess i am just concerned. thats all.

Yes… It is, and so is Cracking!

In reply to hacking is still illegal right?

There are two types…
Hackers… Hack apart software, then rewrite it to improve upon it… and also to free it (give it at no cost to the public) If the software falls under GPL or GNU (Genral Public License)/ I’m Guessing GNU (Got No Use ??? )License, I’ve never found a specific clarified meaning for the abbreviation, or if it is known as freeware, where the owner is willing to give you the source code, then it is not illegal, It is also not illegal for any Linux or Unix Program, since the original lisence made by the creator of Linux himself said; (he stated) the source code is free and must remain free to anybody and must be offered free even if improved upon, “only in the case where one builds an affiliate program that runs on Linux / Unix foundation but is completely unique with [no] or less than [5%] of “borrowed” code can the individual be waved from the Lisence Agreement and claim the property rights for their software creation as their own, with no illegal action done. However, they must still provide the original “borrowed” code bits, which is Public Property under the GPL/GNU.
If a Hacker intends to Hack wether to improve or not, sell/give-away or not, a program that the permission rights and intellectual knowledge belongs to someone else… Then it is illegal, and big time prison time if caught. If in North America, Europe, Australia, NewZealand, South Africa, Japan and some other places where they enforce this law harshly, one can look at 10 to as much as 80yrs Prison Time. While In other parts of the world it is not taken so seriously.

As for Crakers… Their the ones who like to breake into software protected servers and P.H.C’s, and cause a lot of trouble by dilibrately and melishously corrupting files, slowing down Information traffic, etc.
Basicly… their the ones who have no good intent what so ever.

Sounds great…. But it will never fly!

In reply to It is time to act ………..

Sounds great…. But it will never fly!
It doesnt matter how much Knowledge one knows of Programing or what idea to implament and make it work. It may work for a short time, but thats all. And that’s the truth, this is why; Programing languages, ISP addressed, software, Other peoples ideas,etc, etc, etc. are “continuously changing” and they all make up what you know as the Net. The Internet has reached the point to where it can be compaired to the complexity of a neural network within a living oganism. Cell Phones, Servers, P.H.C’s, Television, Global Tracking Systems, Satilites, Robotic Intelligenses, security systems, etc, etc, etc. are all connected to the net… and that ain’t even the half of it.
Anyone trying to come up with a retaliation system, is wasting there time and money… or if it ain’t costing you dollars, look at this equation….. Life they sell as insurance, insurance = Money, Purchases = Money, Purchases = food, food = energy, energy = effort, effort = Time, cultivating = Time + effort, cultivating = work, work = Time, Time is presious and so is money, money is spent and so is Time, Thus Time = Money.

Tired of Spyware

In reply to Is anyone else tired of spyware?

I think the problem should be tackled by Microsoft, and handled via the operating system. It is the operating system that they are targeting.

First off, we have learned how to use blacklists and whitelists for our email.The same should be true of anything that attempts to install *anything* on your operating system, or make any changes to it.

The white list would allow all legit companies to run properly. It should be on the internet, so anyone encountering an install, overt or on the sly, would have to pass the whitelist test. Every legit company would happily join this list.

Everything else would have to be manually approved. The OS should keep a record of everything that gets installed, or uninstalled for tracking purposes.

It is the operating system that they are targeting?

In reply to Tired of Spyware

Not really… think about it, Your computer doesn’t buy stuff for itself, and it also doesn’t decide to write its own programs or better ones, or rewrite and perfect on old ones.
Spyware steals “your” ideas, not your computers, it wants to know where “you” venture to on the web… no operating system that I know of decides to take a surfing trip of its own desired accord when it feels like it.
And Spam… is just solicitated advertisements designed for the “would-be” buyer. They have nothing to do with your Operating System.

I made this same comment in another posting…

It is teh operating system that they are targeting

In reply to It is the operating system that they are targeting?

Yes, it IS the operating system that they are targeting. If the OS didn’t permit this activity, they couldn’t do it.

Spyware isn’t installed with the user’s knowledge, so it is not the user that is at fault, except, perhaps, by being sloppy. However, I don’t consider myself sloppy, and occasionally something gets by me too.

I am now running MS AntiSpyware, and am so far quite pleased. It runs 24 X 7 and alerts to any attempt to install spyware. It also scans at night and gives a report each morning. I’ve had it running just one month, and since then Adaware and Spybot no longer find anything, except one case where ‘sidefind’ was found, but it wasn’t actually installed, it was a leftover registry entry.

I haven’t gone to ‘warez’ to give it a real test though… 😉

No, it’s not the OS alone that is targeted.

In reply to It is teh operating system that they are targeting

In fact, most threats are targeted at the Browser.

That IE is so closely integrated with the Win family of OSes, particularly those subsequent to Win98, exacerbates the problem.

Not true!!!

In reply to It is teh operating system that they are targeting

“Spyware isn’t installed with the user’s knowledge” – yes your right in that respect… It’s not! But as I said before… what use dose a Computer have on its own (alone), None! Any Knowledge that is on a computer is input by the user, wheather they know it or not… Meaning: If you type or create or input Knowledge mechanically in on your own, or if you use surfing tools such as browsers to surf the web… you initially tell the computer what you like to look at or are interested in.
A computer does not create its own information or ideas, and it does not go surfing on the web by it’s own accord, and thus build up a knowledge bank of “red tags” identifying where it has been last.
That is done by the user and the user alone.
And that is what they “spyware creators” are after.
If ist’s the Os they are aiming at… the question would be… what for?
If they want to know its schematics… they can hack on their own. But we’re not talking about “hack ware” are we? Its “spy ware”, and as I said… if they want to “spy” on the OS… then they really don’t need to… cause they can spy on their own OS.
And if that’s the case… Then they aren’t so nosy, as much as they are stupid!

Reply To: Is anyone else tired of spyware?

In reply to It is teh operating system that they are targeting

OS systems and Browsers do not initiate private personal activities on their own accord… Thus, in no way can one say that “Spy ware” is aimed at the OS, Brouser, Data Banks, PCU, etc, etc, etc. And if IT consultans think that… Then I suggest you go back to school!

Even in Psychology you learn of the most advanced Bio-genic Computer… Its called the “Brain.” And the brain does not react to anything… unless it has been directly influenced by the senses, by way of the receptors, in conjunction with the Neurons.
The Receptors for a human… are the senses, “Internal” and external.
The receptors for a computer… are all the input devices, Keyboards, Mouses, Cards, etc.
Amd “Cards” as you know are on the inside.

Only differance is our Computers… “Brain” is more advanced.
But we do not respond to Nothing.
Every response needs an initiator, Just as every cause has na effect.

I’m beginning to think this is kindergarten class.

They can target OS

In reply to Reply To: Is anyone else tired of spyware?

while you’re computer doesn’t start browsing by itself, if they’re interested in spamming or phishing, they will make your computer start emailing under their control, or setup website to collect phishing info.

In this case they are probably not be interested in your surfing habits or personal info, since you’ve been zombified. they’re interested in your hardware and OS as an untraceable tool for spam, ddos attacks or phishing.

Am I tired of spyware?

In reply to Is anyone else tired of spyware?

YES!!!! And as acomputer repair center we make a lot of money from spyware/malware removal. Yet I am so tired of these programs being put on a computer without the owners knowledge or permission. Yes, I know, you download & install another program, (one that you think you want) and these things “piggy back” into your system, and they will argue that you “agreed” to allow it when you installed the other program. Blah, Blah, Blah, blah!!! Bottom line is this, if we fight back by billing them, will be just be tying up a lot of our (already very limited) resources? Will we find ourselves just constantly sending bills that just get ignored? If we sue them for payment, will that just tie up our paper work, time and or money. So, having said all that, let me pose a question, would it be better if we banded together and brought a class action suite against them? I’m willing to do my part in helping to get rid of spyware and malware.

Pop-up madness

In reply to Is anyone else tired of spyware?

I did not think of sending a bill, but I sure sent one of these annoying companies an e-mail telling them that I would NEVER purchase anything from them, and pointing out a spelling error on their site!

Out of the gate

In reply to Is anyone else tired of spyware?

Let see,

I use Symantec AV Corp version so users cannot mess with the settings, I update virus def’s once a night and scan HD nightly on all pc’s

I also use Astaro firewall w/intrusion protection, Spam, Virus and surf protection. I get updates all day long from them. I log every packet. Then back it up off site every hour.

All automated.

I have a very low intrusion problem. The worst is having USB on a pc and someone brings in the keychain storage devices.

I use AD to protect drive access.

So do we sue ? – not worth my time. I am from the school of be the black hat for a week and learn to protect yourself. Proactive not reactive.

If you deflect it soon you fall off the radar screen of wanna be hacks. Real hacks will see my protection and turn away fast. Real Fast.

It is that simple. Spenmd the money know your $hit and you will be fine. Oh and do preventative maintence. If it catches you off guard – You were asleep.

Spyware

In reply to Is anyone else tired of spyware?

I am all in favor of your suggestion, although I am sure that there is a legal loophole for the spyware/adbot companies. I run a public access lab, and I have wasted way too much time cleaning computers.
I will be installing Deep Freeze, plus I use Spybot and anti-virus software. As a public access center, i am in a constant battle with bots of all kinds, because many of our users are children and virtually all are computer-naive. I can’t tell you how many times someone comes to me and says that they computer they are using has a virus based on an adbot message.

heh

In reply to Is anyone else tired of spyware?

i absolutly agree with you. billing for the time will do nothing except tell them that we are willing to fight them to the bitter end. but we (my father and i) have been using TTC (Total Traffic Control by http://lightspeedsystems.com) for several months now and have recieved less and less spyware and spam. last week he only recieved 5 spam message out of approx 350 messages which includes his account that intentionally recieves spam to populate the filter. With the right security and filters in place we have had only to worry about the servers themselvs. the local workstations are frozen at his place (faronics deepfreeze enterprise http://faronics.com/html/deepfreeze.asp)call me silly but i am happy at the moment with where we stand. although there is something to be said about my home machine…..oh well

Agreed, screw the fixes, we want the money

In reply to Is anyone else tired of spyware?

lets find a way to bill back, then we could put financial liens on the corporations, and also the persons house.
Fight back
plus we need to recoup our lost wages by being in the now low paid IT fields

Spyware is good for business

In reply to Is anyone else tired of spyware?

As long as there are users to keep messing up their computers, you can come out ahead in the long run. I charge $80 a pop for removing spyware off of people’s computers. Sometimes it takes me an hour, sometimes 3, but all I usually do is install Spybot S&D, Ad Aware and do a SFC on Windows and then repair IE. That solved 99.44% of all the users problems. As long as they can surf the internet afterwards and Spybot is blocking sites, I’m a happy camper knowing that one more computer is clean and free of Spyware.

Tired of spyware

In reply to Is anyone else tired of spyware?

Damn right !!!!

This sort of thing was done with snail mail where junk mail was sent back to its origin for the sender to Pay for postage. As pointed out if enough people will join in then it can be very effective. I’m in

Tired of Spyware

In reply to Is anyone else tired of spyware?

I completly agree with you.
I’m sure that if they start receiving bills they will may be think twice…..

Firefox + Adblock

In reply to Is anyone else tired of spyware?

Has anyone tried using adblock to filter out these spyware? After you work on it for a bit its pretty easy to block most advertisements, I wonder if there is a way to upload a adblock list to other computers (probably is just haven’t tried). Adblock seems to block all traffice from a specific source not just filter it out after its been installed, if we were able to determine which websites these came from the adblock might be able to block the traffic.

Just a thought.

Reply To: Is anyone else tired of spyware?

In reply to Is anyone else tired of spyware?

I like jereg’s idea.. However these organisations are paying money to web sites to distribute their stupid spyware which contributes ti the economy of the internet as a whole. Kinda “Catch22”! So maybe it would not be a good idea to get rid of them?

So do hurricanes

In reply to Reply To: Is anyone else tired of spyware?

with that same logic, hurricanes also contribute to the economy by creating building jobs.

Perhaps we should have the military bombard builidings in the US to ‘stimulate the economy’

I agree that a good legal defense works

In reply to Is anyone else tired of spyware?

Sue the little creeps for the time it takes to put thinggs in order. If an ISP knowingly sponsers such parties then they too should bear part of the blame.

Spyware is a menance

In reply to I agree that a good legal defense works

Consider time spent, economic opportunities lost and likely theft of your secrets, then we need to have these guys fixed.

Spyware is a menance

In reply to I agree that a good legal defense works

Consider time spent, economic opportunities lost and likely theft of your secrets, then we need to have these guys fixed.

I am yet to get a better way to prevent spyware from spreading to machines on my Internet. Firefox works at times, but not always.

I am tired of spyware

In reply to Is anyone else tired of spyware?

I think that jereg has a very good idea. However, the only “bug”, would be trying to trace back to where the spyware and for that matter, any virii (plural for virus), are coming from. I am personally tired of having a number of programs on my system(s), that are necessary to try to clean out all of the spyware. Another thing, is if the spyware is coming from Europe or from the Middle and Fast East, how are you going to make the penalties stick? If it possible to charge the people putting the spyware on our computers, I am all for it.

Dose of their own poison

In reply to Is anyone else tired of spyware?

Why not? Why not pass a law requiring people sending un-solicited mail to pay for the time of recepients to read/remove/sterilize their mail. After all, if you call me on the phone from WorldsEnd, Zimbabyou, you have to pay for the call. So why not pay for their use of my computer? If they don’t pay, have the law require that if over 500 people they spammed are unpaid, the goes out of business or to jail.

Unfortunately, it is the user’s responsibilty to SAY NO!!

In reply to Is anyone else tired of spyware?

I don’t have time to go through all the posts right now, so forgive me if I’m being redundant. Unfortunately, the users need to JUST SAY NO! to the little “helpful” programs they keep installing. When they accept the EULA, they give your right to bill the company for your time-away! By accepting the EULA they say they understand that they are installing a program that is designed to wreak havoc on a system. (Some EULA’s hide this fact in mumbo-jumbo, but many are very straightforward, if only they were read!)

Again, it is a matter of user training. It’s too bad a license is not required for computing-with a minimal proficiency required before being issued. (Not really practical since potential threats keep finding new ways in-impossible to cover everything, especially things currently unknown!)

lock down your network

In reply to Unfortunately, it is the user’s responsibilty to SAY NO!!

so the fate of the company’s network should rest on some temp who browses to a trojan installing website to find screensaver/’utility’/freeware?

get real and lock down your net. then add training or at least notification to all users that if they manage to bypass and install something anyway they can be held responsible, so it is second line of defense only.

Great Idea

In reply to Is anyone else tired of spyware?

I’m all for it. I for one am tired of cleaning out spy/ad ware. And I’m tired of trying to find software to combat the problem.
Let’s bill them.

Spyware is the same as Hacking

In reply to Is anyone else tired of spyware?

Think about it…..you are on your pc and the net doing some work and without your knowledge a malicious program leeches it’s way into your box and installs itself in your hard drive, all without your knowledge amd with you granting permission for the owner of the program to install itself. Just getting into the box itself is hacking, installing a malicious program is hacking with the intent to disable the owners equipment. Thats what this spyware does, if you don’t act swiftly, it can bring a system to a grinding halt in many flavors…..The companies that design and distribute these programs should all be held on hacking and other various charges.

I, too, hate spyware

In reply to Is anyone else tired of spyware?

To bill companies delivering spyware to my computer is an interesting idea–not that it would bring compensation for my time lost in rooting out the junk, but that it might at least force those companies to lose their time rooting out my return junk. A junk for a junk, if you will.

Tired of Spyware in P.A.

In reply to Is anyone else tired of spyware?

as a Fellow Techie jereq i 110% AGREEE

Tired of Spyware in P.A.

In reply to Is anyone else tired of spyware?

as a Fellow Techie jereq i 110% AGREEE with your address to this Annnoying and Dangerous problem. Why not Bill “these” company’s for our long hours of work. Many people who are not tech savvy don’t understand what “we” techs go through when spyware crashes & disrupts their systems. Everyday we hear of people saying that their system is down becuase of potential Spyware & Adware problems. I say bill’em; bill the Bastards once and for all. Like the old saying goes all’s well that ends well. so lets do it. Come on fellow techies lets unite together and end this Chaos, get back control of the IT world we once had.

Reply To: Is anyone else tired of spyware?

In reply to Is anyone else tired of spyware?

i agree!! i am so tired of removing this crap! mostly from customers computers! these spam and spyware a**holes, owe me quite a bit of money! i think we should bill them and put them into collections, just like the credit card and cell phone a**holes do to us!!

Has Anyone Else Noticed This?

In reply to Is anyone else tired of spyware?

I have two antivirus programs on this machine. It seems that todays viruses are smarter than they used to be.

They seem to morph when running a scan. The 1st scanner doesn’t see them but the second program zaps them as they morph to avoid detection by the 1st scanner.

Multiple Antivirus

In reply to Has Anyone Else Noticed This?

Yes, I have noticed it. We have licensed Symantec Antivirus Corporate on our network, but some of the viruses and Trojans are sneaking right past the newest version with the most recent definitions. When I find an infection, I run AVG, NOD, Trend Micro’s House Call, and Panda Antivirus. I have found pests with each of them.

Even then, how can you be sure you caught everything? With serious infections, I have to resort to the undesirable reinstallation of XP.

Keeping more than one antivirus app resident is not always a good idea because they aren’t always copascetic with one another. Plus, you have the drag on your CPU time.

I used to preach Symantec products, but I relinquished the habit when I saw how much slipped by it. I’m not so sure any other product is much better these days.

thank you

In reply to Multiple Antivirus

I run symantec as well as trend micro. I appreciate your response. They do seem to work well together.

But for whatever reason one app just doesn’t cut it any longer.

To clean machines I have to use a number of programs.

But it pays the bills so I don’t mind 🙂

Just another day in paradise.

yes

In reply to Is anyone else tired of spyware?

yes

Capture, Gather & then Pounder

In reply to Is anyone else tired of spyware?

Here’s my nickels worth on this subject.

I too agree with jereg’s idea to hit them back where it hurts. And only by legal means would this put the brakes to those spammers.

Everyone participating could be running a software where one could identify and capture the source address of these adwares and spywares.

Many of these *wares also use other participating websites…etc, to spread and infest your computers. I’m not a lawyer, but in my books, the one holding the bag is as guilty as the one that stole the money that’s in the bag.

This log would then be filed and sent to an online server where these *ware entries would be stored onto a database. A legal copmplaint and warning letter would then be emailed to those spammers and participating websites, on behalf of those members.

The spammers would be made responsible to supply and/or provide