Barney's Rubble

Spy Hunter

Doug Barney is fed up with spyware, and is determined that something must be done about it infiltrating our computers.

Something must be done about SpySheriff, SurfSidekick, Aurora and all the other foul varieties of spyware out there. Spyware is no longer low-level code that tracks our movements, serves up ads and steals our data. It has gotten even sneakier, embedding itself so deeply that sometimes we have to reformat to rid ourselves of its filth.

Not long ago, I wrote about Microsoft Windows AntiSpyware in a Redmond Report newsletter (sign up at Redmondmag.com). When I first used it, I got so few positives that I couldn't decide whether or not it was working. Just days after that Redmond Report item ran, my 9-year-old son Nick was hit with the most vicious attack I've ever seen.

I heard him complaining about tons of pop-ups, which is strange because the Google toolbar is generally effective. I got worried when Firefox was hit just as bad. When I looked into it, Nick's machine was a mess.

Pop-ups wouldn't stop popping: A legitimate-looking Microsoft error message warned that the machine was infected, and a huge pop-up conveniently offered to fix it with SpySheriff. SpySheriff masquerades as anti-spyware and even has a Web site where you could buy this garbage.

I tried to shut it down, but the Task Manager was disabled. The software had stolen my admin rights! Using Add/Remove took away SpySheriff, which had already installed itself. Seconds later, it was back—along with three or four other nasty new programs. Meanwhile, it installed a dozen or so shortcuts, including some that would make a porn star blush—all this on a 9-year-old's computer.

I loaded Windows AntiSpyware after the infestation and watched it battle. The Microsoft pop-ups telling me there was a problem were covered by the SpySheriff pop-ups, and on it went. I did some research on sites like bleepingcomputer.com and found removal instructions that asked me to load five more programs, boot into safe mode and manually remove a bunch of files. I took the easy route and did a total reinstall, losing bookmarks, screensavers and more in the process. SpySheriff somehow survived, but Windows AntiSpyware found it quick enough to finally delete the beast.

Nick has another machine that was hit simultaneously by both SurfSidekick and Aurora, from the official-sounding ABI network. Aurora is almost impossible to excise. It survived a full sweep by four different anti-spyware programs, refused to be deleted by Add/Remove and has a Web-based uninstall that's an .EXE file. My guess is that you're installing something even worse by clicking this link.

These programs are not exactly hiding in the caves of Boro Boro, either. Most have Web sites, so why can't law enforcement track down the authors and prosecute them? If the laws aren't tough enough, make 'em tougher. What are these canal-water sucking spyware writers thinking anyway? Isn't the most effective spyware the most subtle? Thoughts? Send 'em to me at dbarney@redmondmag.com.

About the Author

Doug Barney is editor in chief of Redmond magazine and the VP, editorial director of Redmond Media Group.
