Wednesday, June 01, 2005

Spyware

If you're expecting a success story here, move on. I'm a whipped puppy. A friend of my daughter brought her laptop over with "things popping up even when I'm not on the Internet." Sounded bad from the start. When I booted it up and found that it had NEVER had any Windows updates applied (since May 2003) and the McAfee anti-virus trial period had expired (2 years ago!). The next day was spent downloading and applying patches. I'm a regular reader of Fred Langa's newsletter. I went to his site and found this article.

I figured that Microsoft's AntiSpyware was a good place to start. You'd think since they created this situation, they'd know best how to fix it. Well, you can't be right all the time. It ran and looked very efficient giving a long list of what it "removed." It lied.

Next was LavaSoft's Ad-Aware. It too ran forever and gave a long list of what it "removed." Same result. Several pieces of software were still there. All the while, Microsoft's was complaining and claiming that it had removed some vermin and then it would just pop up again.

Googleing the web for these particular worms, IEPlugIn and ABetterInternet, turned up war story after war story of horror stories of people trying to remove these.

After 2 days of working on this system, I threw up my hands. I think the only sure fire way is to reimage it. Perhaps if you ran HijackThis and posted to one of these helpful forums you could eventually get rid of it. I can't imagine how long this would take.

Anyway, the moral to this story is that I lay the fault for all this on the PC manufacturers. In this case this was a Dell but they're all the same. It should be a CRIME to sell a PC without a lifetime anti-virus subscription. It should be a CRIME to sell a PC without Windows Update turned on. It should be a CRIME to sell a PC with AOL loaded on it.

When I buy a commercial PC, I put a Windows XP installation disk in the CD before I ever power it on. Then I delete the partitions, format the drive, and install a clean copy of Windows.

1 comment:

Anonymous said...

I spent the better part of a day a few weeks ago cleaning up a friend's laptop. Aside from running the normal antispyware tools, watch task manager for anything that is not a known Windows process the delete files, remove registry keys, etc... Get everything out of HKLM\software\microsoft\windows\currentversion\run and runonce. It'll take a few reboots and a few boots into safe mode, but you can eventually get most all of it. Get rid of Kazzaa et al... That's the start of most of your problems anyway... Sorry, no more free music.

As for Antivirus, I'm cheap and have found a free version of AVG Antivirus from Grisoft that has worked pretty well for me: http://free.grisoft.com. Of course stay patched (SP2) and most of all, use Firefox -- you'll dodge most (not all) web expoits and have an all around more pleasant web experience. Searches, plugins, toolbars, and browsing in general are just nicer (smoother integration, faster, more natural seeming) than with IE. Tabbed browsing and mouse gestures (get the Mouse Gestures 1.0 extension) have changed my life. Anything that doesn't render right is likely due to flawed code anyway... I still use IE from time to time, but just when I have to.

Actually, the best way to avoid spyware is to avoid sites that look like they might have something to gain from spywaring you.... The best way to avoid getting mugged is to stay out of the dark allies.

Finally, yeah, it should be criminal. How much responsibility falls on the user and how much on the company though? It is worrisome how many REAL problems are caused by "zombie" computers these days... Something has to change.