April 26, 2005
PCWorld.com at Yahoo - First Look: Symantec's So-So Spyware Protection: "Like previous versions of Norton Internet Security, 2005 is meant to be an all-inclusive security package for Windows 2000 and XP computers that includes necessities such as a firewall and antivirus protection in addition to its brand-new spyware detection app. As a result it's a big program, and a big download. The 33MB download installs approximately 314MB of files, 11 services, 3 startup items, 2 toolbars, and 2 BHOs (Browser Helper Objects), all of which results in 8 additional processes running in memory on the PC, which made my test system noticeably less responsive."
Sigh... Symantec? Norton? If you're willing to go through the hassle of removing all Symantec product from your system, try Panda or CA's eTrust EZ Antivirus. Anything but Symantec!
April 24, 2005
Beloit Riverfront 2005
View Guestbook
Photos: 10
Created: Jan 16, 2005
Scenes From Home
View Guestbook
Photos: 4
Created: Jan 16, 2005
Christmas in Galena
View Guestbook
Photos: 11
Created: Jan 16, 2005
Beloit Riverfront 2004
View Guestbook
Photos: 9
Created: Apr 24, 2005
April 22, 2005
Threatchaos.com: Cool Web Search: The Ebola of Adware:
Yesterday I promised to reveal the most prevalent adware on the Internet. It will come as no surprise that it is Cool Web Search. Of course there are many versions of this nasty piece of work.
Here is the break down from the most recent Webroot Spy Audit results. Out of 1.49 million machines:
Version -- Number of machines
CoolWWW -- 227,513
CWS AboutBlank -- 187,246
CWS sp.html hijack -- 7,439
CWS_AnalyzeIE -- 7,569
CWS_Cassandra -- 6,860
CWS_Directwebsearch Hijacker -- 9,904
CWS_Ehttp Hijacker -- 16,978
CWS_Hputi -- 9,130
CWS_iesprt -- 5,616
CWS_mailhook -- 5,203
CWS_NS3 -- 167,897
CWS_NS3 Hijacker -- 57,123
CWS_xplugin -- 9,732
Total CWS -- 718,210
Half of all machines on the Internet are infected with Cool Web Search! Yesterday I used some data that is available on revenue generating capability of adware to project what each of the adware vendors are doing in terms of annual revenue. If I were to use the same numbers to calculate CWS's revenue it would be well over $200 million. It is hard to imagine an illicit group of hackers garnering that sort of revenue. I suspect that CWS is much worse at maintaining consistent revenue per infection because it is the Ebola of the Internet. It is so malicious that it tends to break the ability of a machine to browse effectively and therefore limits the number of ads and click-throughs that can be generated. Like Ebola, it kills its host before it can be productive.
Webroot's advanced research lab has access to huge volumes of data on adware, system monitors, Trojans and cookies. The data is used to come up with the Top Ten Threats list.
I took some time this past week to dig into the numbers a little more deeply. Now, a word of caution: these results are from the spy audit that Webroot conducts along with Earthlink and reports every quarter. The data does not come from installed versions of Spy Sweeper. (Think about it, if you have Spy Sweeper installed you don?t have any of these threats, right?)
Here are the raw numbers for the number 2 through 7 most prevalent pieces of adware we found:
Gator (GAIN) - 215,866
180search Assistant - 203,707
BlazeFind - 178,230
ISTbar/AUpdate - 159,137
Transponder (vx2) - 158,505
Internet Optimizer - 154,901
These results are from 1.49 million machines scanned.
So, if this were a market research report Claria (GAIN) and 180Solutions (180search Assistant) could each claim a presence on 15% of machines scanned. If we take the leap and assume that the sample is representative of the Internet in total we can estimate how many machines have each of these products installed on them. Using the reported number of active Internet users from the same time frame, 265 million, we get the following number of installs for each of these products:
Gator (GAIN) - 38,400,000
180search Assistant - 36,200,000
BlazeFind - 31,700,000
ISTbar/AUpdate - 28,300,000
Transponder (vx2) - 28,200,000
Internet Optimizer - 27,500,000
April 18, 2005
One year ago this week (April 19 to be precise), the FTC hosted its Spyware Workshop: ... Unfortunately, the most significant developments in the year since the FTC workshop are all bad news for internet users.
Hmmm... Eric's summary of the current state of things forgets to mention a recent survey indicating that 90% (9 in 10!) of PCs are infested with some kind of adware/malware/spyware.
I'm looking for a link to the news article... Ah... there it is!
Panda Software - Press release
Glendale, CA - March 29, 2005 - Spyware is one of the most common security risks and directly affects user privacy. What’s more, it is one of the main reasons why users call internal technical support centers in companies. The data is surprising: according to a recent report compiled by the companies Webroot and Earthlink, 9 in 10 computers have spyware installed. This means that 90 percent of computers are affected by this type of malware. What’s more, an average of 25 spyware programs were installed on the computers studied. Similarly, data collected by Panda Software’s free online antivirus solution, Panda ActiveScan -the new version of which also detects spyware-, shows that 84 percent of the malware installed on computers is spyware.
Shameless plug: We just got the latest version of Panda Anti-Virus/Anti-spy in stock at Staples. And it really is an excellent product that's worth checking out.
April 17, 2005
Yahoo! News - Symantec Hops Aboard Anti-Spyware Train:
"Taking a page out of rival Microsoft Corp.'s playbook, Symantec Corp. rolled out a free public beta of the new Norton Internet Security 2005 AntiSpyware Edition, adding spyware-detection capabilities to a product suite that already features virus protection, spam detection, intrusion protection and content filtering."
eWeek - Symantec Preps Anti-Spyware Launch as Revenue Climbs: Symantec Preps Anti-Spyware Launch as Revenue Climbs - By Mark Hachman - eWeek
"Executives at security solutions provider Symantec said they're confident that the company's business will continue to thrive in the face of Microsoft's Windows XP Service Pack 2, and they promised a comprehensive anti-spyware package in the next few weeks.
"In a conference call Wednesday announcing the company's earnings for the second fiscal quarter, executives said Symantec's revenues had increased dramatically from the same period last year, even lacking the presence of a big-name worm that would energize sales."
Symantec, Inc. - Announcement of Public Beta:
"Norton Internet Security™ 2005 AntiSpyware Edition provides essential protection from viruses, hackers, and privacy threats. This easy-to-use, integrated product includes virus protection, spyware removal, a firewall, intrusion prevention, privacy protection, spam detection, and content filtering.
"This edition includes powerful new Norton™ Spyware Protection (available for Windows® 2000 and Windows XP only), which automatically detects and removes both spyware and adware. Norton Spyware Protection even helps you identify adware that’s needed to run programs you want."
April 16, 2005
A discussion thread about using iTunes with MP3 players other than Apple iPods - Is Itunes compatible with any other MP3 Player? - by "TJ Talluto"
Simple explanation - with pictures! - on how spyware happens - Howstuffworks "How Spyware Works" . All-in-all How Stuff Works is an interesting web site with accessible, though sometimes dated, write-ups.
And for those who wonder why I am always saying that there's "no easy answer" to spyware/malware/adware problems... try following the Q and A in this solution discussion at Spywarewarrior Forum - Spyware Warrior :: View topic - hijacked and frustrated [VX2]-
Hi, My browser has been Hijacked. by malware I have run the ad-aware and system mechanic sypware keep coming up with the same malware and I cannot display any pages with my browser. I have verizon dsl they have not helped. running windows xp-2 and internet explorer. Looks like something about shopnav. If that helps any
Now... don't cheat yourself... scroll down and read the last post from spyware removal expert Blender. She has a neat summary, including links, on how to protect and immunize yourself to future spyware/malware/adware problems.