Thursday, July 14, 2005

Down with Spyware!

Spyware sucks. I hate this stuff. I have been doing everything I can on the network where I am employed to thwart spyware, malware, and any other group that remotely resembles their ilk. The latest little bug that is being disseminated through the world is getting in under the radar on most, if not all, of the spyware detection and cleaning programs on the market. This piece of hack software has an issue when you uninstall it with the Microsoft AntiSpyware Beta tool; namely it kills off one or more of the Microsoft network services, rendering your machine cut off from the network. Nice.

The problem I’m seeing with every single one of these so-called “anti-spyware” programs is that they all seem to use some sort of definition file. Simplistically described, this ‘definition file’ is simply a list of known bad files that infect PCs with malware. The problem with this is that new software is put out by these jerks on a regular basis and is often ahead of the definitions when they hit the net. Once infected, some of this crap is incredibly hard to get rid of and then leaves damage behind when you do! Why can’t some of the brilliant software coders that haven’t been drawn to the dark side create a piece of software that acts more like a virus detection application? That way if one of these rogue pieces of techno trash manages to get to your PC and begin an unwanted installation, it would be detected, quarantined, and destroyed like its viral counterparts. Yes, there are still definitions required for this type of software but they would be designed to detect behavior instead of solely looking for known bad files in an intensive scan of your hard drive.
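The contrast drawn above between a list of known bad files and definitions that describe behavior, as an added example that is not part of the original post: a new build passes the file list but is caught by what it does during installation. The payload bytes, event fields, behaviour names, weights and threshold are all constructed assumptions, not taken from any real product.

```python
import hashlib

# Constructed sample: stands in for a spyware file the vendor has already catalogued.
KNOWN_BAD = b"constructed-spyware-build-1"
DEFINITIONS = {hashlib.sha256(KNOWN_BAD).hexdigest()}  # the "list of known bad files"

# Hypothetical behaviour definitions: what an install does, not what the file is.
BEHAVIOUR_WEIGHTS = {
    "no_user_prompt": 2,        # installation began without the user agreeing
    "adds_autostart_entry": 2,  # arranges to run again at every boot
    "writes_system_dir": 1,     # drops files in among the system files
}
THRESHOLD = 4  # assumed cut-off; one behaviour alone never reaches it

def matches_definition(payload: bytes) -> bool:
    """File-list check: only an exact, already-known file matches."""
    return hashlib.sha256(payload).hexdigest() in DEFINITIONS

def behaviour_score(actions) -> int:
    """Sum the weights of the distinct behaviours observed during the install."""
    return sum(BEHAVIOUR_WEIGHTS.get(a, 0) for a in set(actions))

def verdict(event: dict) -> str:
    if matches_definition(event["payload"]):
        return "quarantine (definition match)"
    if behaviour_score(event["actions"]) >= THRESHOLD:
        return "quarantine (behaviour)"
    return "allow"

# Constructed install events: a catalogued file, a new build of it, a benign installer.
EVENTS = [
    {"name": "toolbar_setup.exe", "payload": KNOWN_BAD,
     "actions": ["no_user_prompt", "adds_autostart_entry"]},
    {"name": "xk3f9q.exe", "payload": KNOWN_BAD + b"-rebuilt",
     "actions": ["no_user_prompt", "adds_autostart_entry", "writes_system_dir"]},
    {"name": "editor_setup.exe", "payload": b"constructed-benign-installer",
     "actions": ["adds_autostart_entry"]},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(f'{ev["name"]:20} known_file={matches_definition(ev["payload"])!s:5} '
              f'score={behaviour_score(ev["actions"])} -> {verdict(ev)}')
```
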

Not that I think the number of viruses that get through is acceptable, but there are fewer virus strains that get through than spyware. Imagine if we would only have to deal with spyware at the same rate that we deal with viruses. Come on you trippy high-power coders out there! Let’s get with the program (pardon the pun) and kill this stupid spyware crap!!!

3 Comments:

At 7/15/2005 10:11 AM, Blogger Terrance Vincent said...

Was it WINSOCK? I found out a third release of the same beta fixed that issue....

 
At 7/15/2005 10:15 AM, Blogger Terrance Vincent said...

When I cleaned out Steve Greenland's machine a couple of weeks ago, it took 3 passes, a startup scan, with over 3 different programs, then after too many IE crashes, I made him uninstall every ActiveX known to man, that was accepted as trusted by IE... I agree, programs that get affected by this type of malware really need to be able to detect it themselves, and not trust any new code unless prompted...

 
At 7/15/2005 2:33 PM, Blogger Bonzai said...

No, it wasn't WINSOCK, it was a new critter that was only about 36 hours old. All you can do is either track it down manually or wait for the next definitions update for your favorite utility and pray that the next update includes your bug in the definitions!

There is another one we saw when we were tracking this one down. They get around definition files by creating a "custom" installer for every file downloaded and then it hides in the system files. Every download has a randomized executable name rendering definition files obsolete.

They should shoot these people.
Randomly.
With little bullets for a slow death!

 
