Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Tuesday, August 19, 2008

Where did my Spyware come from?

Most folks will immediately blame another family member using their computer, especially if they have teens in the house. In most cases, it’s nobody’s fault if a machine is infected with some kind of spyware/malware/virus/badware, whatever you call it. So how the heck did your computer turn into such a mess?

Social Engineering
The number one method the bad guys have used for years is to just plain trick you. I’m sure you know not to reply to email from the former ambassador to Nigeria, but what if you get an alert message from Microsoft that says they found three viruses on your computer and you must download ie_update.exe?

Recently, we’ve seen updates of Internet Explorer and news videos that claim to be from CNN and MSNBC. They’re all meant to trick users into downloading badware. Convicted hacker Kevin Mitnick tells how in the old days he’d leave a floppy disk lying around public areas of a company with the label “Employee Salaries”.

I recently spoke at a conference for the National Network to End Domestic Violence. A common trick discussed was how perps would send an online greeting card that includes an apology but comes laced with a keylogger so the abuser can spy on all future computer activity.

The use of social engineering to try and take over your computer will continue to be the number one method and will certainly improve and get more sophisticated. You’re sure to see a lot of this type before holidays and anytime there’s a huge worldwide event.

Software Vulnerability
You probably all know about those regular software updates from Microsoft, Apple, Adobe and others. I’m not a big fan of “auto” updates but downloading security patches isn’t a bad idea. I usually wait until they’ve been released for a week or so and have been tested by the rest of the world. After that I do recommend having your system software updated with any patches available.

A software vulnerability can allow a program to be installed on your system without you downloading anything or clicking on any suspicious links. Anytime you’re connected to the internet your computer is probed to see if it’s visible and if any vulnerabilities exist. If the right vulnerability exists when your system is polled, it can become the property of the first bad guy to find you.

I experienced one years ago when MSBlaster suddenly appeared on my computer. Luckily, WinPatrol was on patrol and I was immediately asked if this was something I had installed. I didn’t know what MSBlaster was so I removed it. This was a brand new threat so none of the anti-spyware/virus programs had any information about msblaster in their signature files.

Music and Porn Sharing
Seriously, I don’t have a lot of first hand research on this particular segment but I do what I have to in the interest of knowledge.

While this may get much of the blame in many households, it’s not as prevalent as it used to be. That’s not to say that surfing for music and porn isn’t a malware minefield, it’s just that infections are a little more obvious. You know you’re in trouble when the only way you can close the browser window is to completely shut down the browser or reboot your machine.

You don’t really have Spyware
One of the main reasons people purchase new computers is because their old computer is slow due to spyware. In many cases when I’ve been asked to clean up spyware I find the system is basically clean. Usually, the computer is old, and has had so many programs installed and uninstalled over the years that the version of Windows on their computer is just plain tired out. How’s that for a technical quote?

Windows is a collection of various programs and libraries. Over many years of installing new programs, different versions of Windows components may be installed. This can become a big hodgepodge of files and old drivers so that no two versions of Windows are the same. We used to joke that Windows 95 wasn’t the year it was released. It meant every 95 days you should reformat your machine and reinstall Windows from scratch.

My best advice for these machines would be to clean up auto start programs, add memory, clear up as much disk space as possible, and especially clean up any temp files including the Internet Explorer cache. Others swear by defragging your disk or using registry cleaners but I’m not a big fan.

Additional References:

Windows Versions are like Snowflakes

AutoUpdates are Evil

Do I Need a Registry Cleaner?

Your PC is NOT old



Anonymous said...

Hi Bill, my name is Paul, just bought your PLUS pgm, I love it but I'd like to make a couple suggestions. When I click 'WinPatrolLog', could you add category of entry on entry? Also I made manual chgs (disable) but those chgs didn't show up when I click 'View History', am I doing something that overrode logging of all chgs, human or non?

6:04 PM  
