
The Horror Of Spyware



David Utter
Staff Writer
2007-06-20



Coding Horror's Jeff Atwood ventured onto the Internet in search of no-cd game patches for a fresh re-installation of Windows XP SP2, and got nailed by a drive-by malware installation.

By venturing online to websites for his desired game patches, before applying the host of Microsoft updates a fresh installation needs, Atwood exposed his PC to the sordid side of the Internet.

Atwood was victimized faster than you can say, "Hey buddy, wanna buy a Rolex?"

He recounted his tale on the Coding Horror blog that he pens. "I figured I'd save myself that work, and just pop into a few specific web sites for a few quick downloads. Couldn't hurt, right?"

"Let my mistake be a lesson to everyone reading this: never browse the web without the very latest version of your preferred web browser," he continued.

Then he decided to explore the malware problem further, this time from a default installation of the September 2001 version of XP, inside of a virtual machine.

A NAT router prevented any passive infection from taking place before Atwood began surfing.

As soon as he hit the GameCopyWorld website, it was game over for his virtual gaming machine:

"This comes as a shock to me, because GameCopyWorld is recommended often in gaming forums. I consider(ed) it a reputable web site. I've never had a problem with the site before, because I usually surf with the latest updates. But the unpatched browser spyware infestation from visiting GCW-- just from visiting the web pages, even if you don't download a single thing-- is nearly immediate and completely devastating."

From there, Atwood turned to a series of Sysinternals applications to unhook the malware from the virtual PC.

His post showed how he stepped through processes and registry information to track down and clean the virtual machine of the spyware.

Some commenters on his story suggested the steps he took may not have been enough, if a rootkit had made it onto the system.

They said RootkitRevealer should be run on such a system as well.




About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
