How exactly are you infecting yourself with spyware and viruses?

Just spent another cold and lonely night cleaning spy-goo off of someone’s computer. I do this maybe 3-4 times a year for various family members - including the times when I say “it’s fux0red. Bring it over, I’ll reinstall…”

But I wanna know, seriously, how exactly this happens. The internet (including this board) is SPEWING with HijackThis logs and the likes from Joe User asking how to rid himself of “this spyware or trojan that I seem to have”. In the course of fixing the problem at hand friendly techs like me also end up cleaning off gigs of goofy startup programs that people didn’t know they had or didn’t want or something.

The last 2 folks I cleaned up after use web-based email exclusively, so Outlook isn’t their problem. So it’s either IE or something else (?) They also run Spybot and ad-aware (like I told them) and have all those “fancy” SBC-provided tools that supposedly keep the baddies out. But they still get infected from time to time.

So where exactly do you GO to get this stuff? Seriously. I rarely get spyware and if I do, I know exactly where I got it from (warez/cracks surfing. I’ve since given up the hobby). I know exactly when I’m infected and am usually clean shortly thereafter.

Do you know where you get it from? Can you admit to the things you may have done wrong to acquire these nasties or do you seriously not know?

I’ve never gotten straight answers out of anyone I help. Either people don’t know or they won’t cop to it. Usually they don’t come to me until a few weeks after infection and by then they don’t have the slightest clue what misstep they took.

I’m not trying to belittle or yell at anyone. Helping people clean up their machines is just something I am used to now. I am genuinely curious as to what everyone else is doing differently than me that is causing all of this…hubbub.

With all of the ISP-based tools out there and the filtering of messages at the server level, and a lot of folks using web-based email and/or switching browsers…the pop-up blockers and the AV programs and the shutting down of most of the popular P2P networks…what else is left to do the damage?

My guess…a lot of the “harmless” apps are coming bundled with safe apps and people are installing them unaware (like Viewpoint with AIM). And on the “nasties” side, I am thinking the popularity of online poker. The poker java apps are forcing stuff through…

So, general public at large - tell me where you get your spyware. I don’t know why I want to know, but I do.

I don’t know why friends I know end up with hundreds of the sodding things on their systems either. They don’t go to really bad sites, have AdAware and Spybot loaded and update both … I still reckon some folks are cursed. Touch wood, I’ve kept clear except for a few minor pieces of crap. Must be too boring in my habits, I guess.

Could be 'cause I use Firefox almost exclusively. Dunno.

I’ve had one virus. Three or four years ago, I went to a web page about, of all things, “National Lampoon” magazine, and there was malicious code in the page. The virus alert in my Norton Corporate AV popped up and caught it. I use Netscape for web and mail, I view only in plain text, have images and HTML blocked for e-mail, block all cookies except for those sites that need to use one, and use AdBlock. In addition, I’ve gone to my ISP’s website and created a list of people who can send me e-mail. Everybody else is outta luck. I get no spam! I have never opened an e-mail attachment, or an e-mail period, from someone I don’t know. I run Spybot Search & Destroy regularly. It never finds anything. I don’t have the first clue how our router works, but it has some kind of firewall in it that’s like Fort Knox. Nothing gets by it. This is so easy. I don’t know how other people manage to get trojans and viruses all the time, either. If they’d only use the right tools, and take the right precautions, it wouldn’t even be an issue.

I know where I get them from. Porn sites. When I visit them, I generally surf around, jumping from one site to another, following various links, visiting these pages that just have links redirecting you to other pages with just links (I never understood the point of this, by the way), redirecting you to other pages with thumbnails and so on. I mean that I don’t check some specific site I know but rather visit a large number of different, random and unknown ones.
It actually rarely strikes my fancy to visit these sites, but each time, without failing, I got some viruses, spywares and other nasty stuff. Quite often, there’s one that can be identified, but not eradicated by available anti virus programs, and I’ve to use some dedicated program found on some specialized site, which could very well include nasty stuff itself, for all I know, or to format my hard drive to get rid of them. As far as I can tell, they often seem to be downloaded when you click on some thumbnail. Not to say that all such sites are nasty, (since I’m sure the paying sites wouldn’t want to have their customers complain about this sort of thing), but a good deal of the random, free ones that are online just to redirect you certainly are.
So, I can easily imagine that a person surfing for porn on a regular basis and not cleaning his computer afterwards would end up with hundreds of these.
As far as I know, I never got a virus in any other way (though I might not have noticed it, of course).

Many music lyric sites seem to have nasty infected code on them, in my experience. Occasionally I’ll Google for lyrics, follow a link, and my spyware detection software will go berserk. I don’t know if it’s the popup/banner ads which contain the stuff, or the site pages themselves. As someone above mentioned, I know of people who’ve gone to more “respectable” sites (including computer game magazine sites, etc.) and got something there.

Three cheers for clairobscur for admitting it first!

I figured porn would be a big culprit…and I also agree that a lot of non-porn sites have it as well. The person I cleaned up last night is 13 and he knows better than to let me catch him surfing porn. I think he goes to a lot of “kewl flash gamez” sites tho.

And fishbycicle - I take about 1/8 of the precaution you do and I am still ok.

I never go to porn sites, use Firefox, have the latest updated versions of Adaware and Spybot, and yet I still get them from time to time. Really bizarre, how widespread the nasties are nowadays. Like ebay, the internet has really become a dirty thawing piece of raw pork.

Not having a firewall turned on can nail you. Several months ago, I reinstalled Windows XP SP1 on a new hard drive I had just purchased. I forgot to turn on the firewall, :smack: and had a virus get into the machine while I was downloading the updates from MS. Other sites have done tests; the average time for an unfirewalled Windows XP box to be hacked is around 20 minutes, just sitting there doing nothing while connected to the net. Good thing MS wised up and with SP2 had the firewall turned on by default.

So you can get a virus just by visiting a particular webpage? What sorts of viruses are these? I don’t think I’ve gotten one ever, but maybe I just never noticed. I’ve certainly visited some weird sites.

I still get a few bits of spyware, but not very many. I use Firefox unless I absolutely have to use IE, and I don’t use Outlook either. I’m not sure where the spyware comes from, though. Maybe some game sites? I don’t look at porn online, so I know it isn’t from there. The first of my friends to run Ad-Aware and Spybot found more than a thousand pieces of spyware on her computer. We looked at the results list in wonder.

I wonder what is the most spyware/malware one computer has had on it at one time.

You can get hit just by having a connection to the internet. You don’t even need to have any applications open for someone to be scanning IPs and find yours is an active one. Once they find active addresses, they start hammering away at them until they can worm (heh!) their way in through an active “service” running on your computer.

Services are the operating-system-level things that run all the time. Some are vital parts of the system and can’t be shut off, so the virus and worm folks look at ways to sneak in through them.

Someone recently did an experiment to see how long an unprotected PC (no firewall or AV) would last after being connected to the internet.

The result? About 4 minutes.

How many who got nailed were running XP, NT or 2000 as an admin and how many as a limited account?

IIRC, they were running Win XP only (not sure which service pack).

I rarely get spyware or viruses, and always manage to clean them off. This while using Internet Explorer as my web browser. But I have had to clean spyware off hundreds of computers over the past year or two.

People get spyware because they download it. Prior to Windows XP SP2, this could be done without the user’s knowledge. Porn and lyrics sites have a lot of it, as does a lot of “free” software. I like to point out that, while there is plenty of good free software, any free software that shows up in an advertisement is spyware. (They’re paying for ads, so they have to get their money back somehow.)

Viruses usually are due to clicking on an attachment. Some viruses do take advantage of security holes and spread very rapidly over the network, but these are relatively rare (but are a major problem when they do crop up). But the vast majority of viruses these days infect because someone has clicked on the attachment in the virus e-mail.

Yes, but did they just leave it sitting there with the administrator account and no password, or were they a limited user with a complex password?
Everyone at my joint including the network admin runs as a limited user. My problems are mostly with Win 98. We had a Win 2000 I forgot about during the virus attack aimed at Win 2000. (I took all the other Win 2000 boxes into my office :slight_smile: ) With automatic updates, anti virus and limited user, it came through ignored by me but unscathed.

No admin account, no password.

Of course, and that’s where your average guy needs updated antivirus.
But like Blue said, the Linux boxes I have that report such things show all sorts of bad folks trying to get in. I guess the difference matters mostly in whether you get nailed by “shooting the duck” or clicking on the “You go to illegal web sights”(sp) message from the FBI without an updated antivirus app, or hacked with an administrative account without a password.

OK. I’m going to correct my previous post. What I got while surfing were usually trojans, not viruses.

Many of the free music sharing programs are loaded with spyware. One recent build of **Kazaa** was tested, and installed something like 28 different spyware and adware programs. And when you uninstall them, it only removes the application, but not the spyware.

Here is a list of known file sharing programs that are infected.