Perspective: The spyware that loved me

The IT department finally came for my computer last week.

For weeks I had been investigating companies that claimed to offer spyware-fighting software but secretly distribute spyware or other advertising apps along with their products . Because I wanted to put myself in the shoes of the average computer user, I deliberately let down my protections to load the applications in question.

Not the swiftest decision, I was told by the IT technician who hauled away my machine to reimage the hard drive. After weeks of headaches that got worse and worse, the machine started surreptitiously pumping viruses onto the corporate network.

At last the final indignity came. Instead of simply harassing me, the weedlike programs turned their attention to my company's network and started sending out viruses

I had an idea something was amiss when ordinary Web browsing got weird. I don't typically use Internet Explorer, so pop-up windows aren't a problem. Suddenly they became a fact of life. Immediately after installing the software in question, I began seeing new windows for a site offering to give me new "Smiley" icons for Yahoo Messenger. Whenever I used Google, a site called Zesty Find oh-so-helpfully popped up in front of whatever I was really trying to find.

Before long, new toolbars showed up--unasked for--on my screen. Most provided links to other little-known search tools, like Search Web Now and--again--Zesty Find. One of them, which I still can't figure out how to get out of my Internet Explorer browser, seems to be named "zooootrllpq." And no, that's not a tropical beetle.

My Internet Explorer favorites list also received an unexpected update. A few hours after installing the antispyware software, I was the proud owner of a handful of IE bookmarks, offering links to online casinos and sexually explicit sites with topics such as "fetish" and "shemale." Other links started appearing on my desktop with no real rhyme or reason, sometimes offering pointers to Internet gambling sites, other times to online love connections.

For weeks, Flash-based cartoon ads would suddenly load and start playing over my browsing window. More traditional pop-up boxes followed me everywhere.

My mantra while covering adware and spyware for several years has been to be careful and to use spyware-killing software like Ad-aware or Spybot Search & Destroy. I deliberately broke my first rule, and I quickly found out how little help the second one can be. Both programs found adware on my computer with ease, and I've spent hours deleting suspicious files and registry settings--but every single day, the same digital pests came back. Somehow they were hiding in the recesses of my hard drive like dormant seeds, ready to sprout up whenever conditions turn favorable again. In my case, that happened to be every single time I turned on my computer.

At last came the final indignity. Instead of simply harassing me, the weedlike programs turned their attention to my company's network and started sending out viruses. That's when the SWAT team got involved.

This is the direct equivalent of somebody breaking into your house and putting up posters over your windows.

I may not be as tech savvy as Linus Torvalds, but I know my way around the Windows registry. I can usually separate a white-hat .dll file from an imposter and can identify and disarm a rogue Browser Helper Object at twenty paces. The average Windows user is--I think--substantially less equipped than I am to figure out why these things are happening, and how to stop them. Still, I was at a complete loss.

And that means something needs to be done. This is the direct equivalent of somebody breaking into your house and putting up posters over your windows that reappear a few hours later every time you rip them down.

We're used to ads in mediums such as television or radio, but the key word there is medium. A Web site is a medium, and one expects to see advertisements contained inside the Web experience. The PC itself is property and the normal privacy and private-property laws should apply.

No-trespassing signs aren't enough, as my experience and thousands of others have shown. There are laws on the books against misleading consumers, and the Federal Trade Commission is starting to look at them in the context of spyware and adware. PC users could use a little more help. They need not to be abused by companies that have no compunction about outrageous trespassing and privacy violations. Somebody must be held accountable.

Now excuse me, I have to go set up a Roach Motel on my hard drive.

Biography
John Borland is a senior staff writer at CNET News.com. In 2003, he co-authored a book about the culture of computer gaming, called "Dungeons and Dreamers."

More Perspectives

FCC moved quickly after Janet incident....

Seems to me the unauthorized entry/intrusion of millions of pcs is much more important than Janet's breast. I guess we know where the priorities lie. Common sense has been thrown out the window lately. What's best for the people has taken a back seat to politics. sigh

Another good reason to move to Mac!

After spending all weekend (again) disinfecting my wife's
Windows desktop and my son's Windows laptop of these kind of
programs. I am dumping Windows altogether and buying more (I
already have a powerbook) Macs.

The only problem is - with more people doing the same,
someone might notice all of us content users and try to break
our world. Long live Unix

Simple fix

You could have tried Ad-Aware 6 to remove all your spyware, its great free software that keeps my computer clean.

And for surfing, you should really try out Mozilla Firefox to avoid popups etc

[BillPStudios]

WinPatrol, Mysterware and FTC

Adaware and Spybot are great tools. I wish you could have inspected your machine using WinPatrol also. WinPatrol would have showed you the specific add-ons and their locations.

The FTC is still accepting comments from folks before their Spyware Workshop later this month. You should submit your experiences. There's a link on www.Mysterware.com.


Bill Pytlovany

[BillPStudios]

WinPatrol, Mysteryware and FTC

Adaware and Spybot are great tools. I wish you could have inspected your machine using WinPatrol also. WinPatrol would have showed you the specific add-ons and their locations.

The FTC is still accepting comments from folks before their Spyware Workshop later this month. You should submit your experiences. There's a link on www.Mysterware.com.


Bill Pytlovany

How about some simple openness??

Seems to me that the best way to fight this is to be very open about the source of all this spyware.
Why not start a directory where all information about them is available, with ranking (!!) etc. It would make them unpopular in a hurry!!
You might even make it possible for CNet subscribers to register new spyware!
And include some basic cleanout procedures.

Isn't this the way the Net is supposed to work?

[mpotter28]

"way the net is supposed to work"

nice idea but the net your talking about was destroyed years ago by money grubbing thiefs. The commericalization of the net has changed it from a information/communication highway to the preserve of people trying to sell you crap (just check out e-bay they'd sell dead babies if the bad press didn't cost them money. then there's your local ISP (or mine anyway (ma bell)) every year they increase their rate by more than inflation rate and never invest any of their gross (as in evil) profits in keeping their service running in any acceptible manner. I could go on but essentially it's time to begin the revolution. When you get a pop up window or spam call the evil crooks waste an hour of their time and then inform them that it just come to your attention that you have a policy against buying from firms that use invasive advertising and hang up

Spyware Removal

I have spent a couple of years now removing spyware for my customers. Before Ad-aware and Spybot were available, I was working to do it Manually. About 6 months ago a new form of spyware came along that these programs simply do not find. Antivirus programs say they are not a virus. They take up residence in the windows folder and c:\windows\system32 and or c:\documents and settings\(your username here) To remove these you have to goto safe mode and login as administrator. Unhide all files, Includeing protected system files. Search these folders for hidden files named simular to this eenmmdsfz.exe
The Hidden files when unhidden will have a whited out looking icon. They will never have a recognizable name. So if the name is a word do not delete it. Also legitimate files will have the manuafactuor of the file listed on the file's advanced properties. IE Microsoft, Symatec etc.
It usually takes a few try's to get them all but it can be done. AS A WARNING ALWAYS BACKUP IMPORTANT DATA BEFORE ATTEMPTING ANYTHING LIKE THIS :)

spyware

i have a very ugly spyware on my system, whenever I try to login to my Yahoo acct it will not let me,it switches to a browser called "about blank". I am not that computer savy, so I would need almost computer for dummies instructions on how to get rid of it. Can you help?