I pit Malware/Spyware!

I recently got a job as one of the technical support people at university. Basically, people call or walk in (often with their laptops in tow), and we give them computer assistance. It seems that every single one of them, to a greater or lesser extent, is completely infested with malware. By now, we even have our more infamous individual pieces such as WebRebates or Bargain Buddy (I’m beginning to wonder if I would be wrong in sending the entire campus an e-mail, imploring them to never ever download a piece of software with the word “Buddy” in its name). So far, our record is over 3,000 pieces of software on one machine! :eek:

Though most of it goes away when Spybot or Ad-Aware, some of it keeps bouncing back, deciding that we must really not have wanted to delete them. I especially love the search toolbars that beg and plead to spare their lives, as they really aren’t spyware just because they came onto your machine uninvited and started changing things. Or even worse, the spyware that shows advertisements for freaking spyware removal tools! I’m sure there isn’t any conflict of interest there. And to top it all off, it isn’t even justifiable on grounds that “they deserve it, because they installed KaZaA, Bearshare, and a bunch of other P2P programs.” The vast majority that I’ve seen so far doesn’t come bundled with other software, prefering instead to sneak in through darker methods, and avoid paying anyone a comission.

Moreso than the spyware, I pit the psychopathic authors of this junk. Never once have they remotely considered the possible ethical issues in a profession where the number one goal is preventing the user from getting rid of your software at all costs, and making sure it’s as easy to silently install as possible. I hope each one of them gets their own little special hell, eternally dedicated to removing every spyware program that they have ever written from an infinite number of computers, where whenever one of them spawns a pop-up, they’re dipped in the boiling lava, all while hearing Bonzi Buddy, 24 hours a day, in a loud, screeching voice, inform them of all the special offers that they are missing.

We’ve almost given up our policy of not trying to criticize their software choices, and instead just installing Mozilla on whomever walks in with a spyware problem. My god, this junk is worse than viruses. At least those authors don’t have the audacity to think they’re merely honest buisnessmen. Moreover, viruses don’t have this tendency to invite all their friends to a new computer they just infected. In fact, other than that, the two genres of software are remarkably similar.

What I can’t understand is how anyone could put together a business model that is based upon hijacking someone’s computer and expecting/hoping that they will actually buy their products.

Are people really this dumb?

Not as much. Often people don’t know that the spyware is coming from their computer, and not the page that their browsing. I’ve seen a lot of spyware that will make certain words into links to affiliated sites. Other spyware seems to make a buisness model of simply selling user information for marketing purposes or whatever. Still more get their money by simply stealing comissions from Amazon referrals (they alter it to look like they did the refering), or by hacking any ads the user clicks on, to give the authors credit for the click-through.

You’re probably right. Still, it’s such a sleazy way of doing business, that it seems to me (as someone who “does business” in a legitimate manner) that it would be difficult to gain support from investors/banks/etc. with such a model. As soon as you (the random computer user) discovers the manner of solicitation, you would (hopefully) immediately stop using any products from those backers, and tell all your friends how these people (and their associates) are conducting their business. The potential backlash is just too great.

Of course, there are always folks to be fooled – which is why it’s so important to spread the word about the “tactics” of the spyware/adware assholes…(as you are doing…)

You can get rid of some of the more stubborn stuff, but you must have enough courage or anger to directly change your registry file. A lot of it hides in there. Make a backup and a boot disk first.

Are there any movements to try and get this stuff outlawed? I don’t see how this shit is any different from viruses. It’s vandalism, pure and simple.

Outlawed where? If you make it illegal in the US, the spyware writers will move their base of operations somewhere else and install it from there.

They’re usually masterful at hiding.

Don’t forget Gator, GAIN, or (according to the IT folks here) any software that claims to “accelerate download speeds” or makes any reference to Marketscore Internet Accelerator .

Since these computer owners are at the university, that means they seek to become more learned. You can start by instructing them that net surfing is akin to sex in that if you stick your browser in the wrong spot, you may come away with something nasty. They should be running Spybot S&D, Adaware, and/or any of the other good programs before coming to you for assistance, IMHO.

Walking in and having you fix things, without their becoming aware of bad surfing habits, is an incomplete equation.

Were I in your shoes, I’d draft an advisory to all students before they hit campus, explaining the problem, and directing them to download and install appropriate software, view and print the registry, and create backup/boot diskettes. Furthermore, I’d include a list of URLs to avoid. My 2¢.

When I worked for the University of Pittsburgh’s Computing Services and Systems Development, one of the things that we did was create a software toolkit CD that contained things like licensed (through academic affiliate programs) anti-viral software and freeware items that could be used to guard against malicious software. We had them made up rather cheaply, and distributed them from all of our campus computing labs.

Perhaps this is another avenue that your university could look into.

To DancesWithCats – We do have an advisory people look at on their Opening Days CD, as well as printed information, which, along with most of the literature we pass out, is promptly ignored. When they do come to us for assistance, we install Ad-Aware and Spybot, and instruct them to run and update the programs about once a week. Also, we offer to install and setup Mozilla for them (our alternative browser of choice). Besides instructing them to never install things they see pop-up without asking for them, to make sure not to download P2P software (by far the biggest offender), and instructions about the reasons to use Custom installs, it’s a tricky problem to avoid.

Whoa! I just finished writing my own thread on this very topic when I cam accross this one.

I’d say it’s high time for a little vigilante justice. Anyone want to join me?


The big difference is that the vast majority of spyware has your permission to install itself on your computer. That’s right, you wanted that game, or that music sharing program, or that screen saver so bad, that when the little box popped up and said “Do you agree to the following terms of use?”, you just couldn’t click on “I Agree” fast enough, without reading the 5,000 words of fine print, somewhere in which was buried the phrase, “You agree to allow any kind of third party marketing software to be installed on your computer”. So whose fault is it?

I agree.


Do you read the 5000 word disclaimers? If so, you’re the first person I 've ever heard admit it.

AS soon as I grab my pitchfork and my torch, I’m there!

And a huge amount installs without permission when you visit a Web page. CoolWebSearch inserts itself into your system through a known security hole in Microsoft’s Java client. This is a damned worm, NOT something I unknowingly invited into my system.

When I first got high-speed internet, my computer got so clogged with spyware I couldn’t open Internet Explorer without hanging the system. I cleaned it up and changed all my IE security settings to the strictest possible. After about a week of having to click “No” six times every time I loaded a new page, and still receiving some spyware anyway, I got sick of it and switched to Mozilla. Spyware troubles solved. Microsoft may not be writing the spyware, but they bear a large part of the responsibility for its spread because of how they designed IE.

A person who would create or distribute spyware would probably steal anything he could hide in his coat if you invited him into your house. This is the kind of mentality we’re dealing with.