Free Republic
Browse · Search
Topics · Post Article

Skip to comments.

PestPatrol Shares Spyware Lessons ( Company will offer database of known... free.)
PCWorld ^ | Wednesday, June 30, 2004 | Emily Kumler, Medill News Service

Posted on 06/30/2004 10:27:16 PM PDT by Ernest_at_the_Beach

Combating spyware is PestPatrol's job, but this week the company expanded from simply selling anti-spyware software to educating the public about the threat. PestPatrol is now offering its immense database of known spyware threats to the public, free of charge.


"We believe we've created the world's largest database of known spyware," says David Stag PestPatrol's cofounder. "For each threat, we develop detailed background information on their behavior, their prevalence, and removal strategies."

Protecting PCs

The database is available to the public at

At the site, visitors can find step-by-step instructions on how to protect themselves, including tips on how to use a hosts file to block ads, how to block pornography, and how to clear a hijacked page.

Spyware is an increasing threat to all computer users. It contaminates PCs with annoying pop-up ads or more dangerous keystroke loggers, which can result in stolen passwords leading to identity theft. Consumers are often unaware that their machines are infected. The two most common signs of a contaminated machine are a noticeably slower Internet connection and pop-up ads that reappear every time the machine is powered on.

Gathering Information

PestPatrol realized that the best way to stop spyware from spreading is to educate the public. The company has compiled a large database on spyware trends because it has been gathering information on malicious code for four years, since it first introduced its anti-spyware software to the market.

Its online library includes more than 21,000 types of pests lurking in the cyberworld. While the company sells its anti-spyware software, the site features free advice on how to delete the infectious programs and prevent future attacks.

The team responsible for gathering spyware data at the PestPatrol Center for Pest Research has developed automated monitoring software that identifies new threats, enabling team members to react to new types of spyware quickly. The team can quickly post information regarding the threat (and ways to counter it) on the site.

Congress currently is working out the kinks in new legislation outlawing spyware.

TOPICS: Extended News; Miscellaneous; News/Current Events; Technical
KEYWORDS: malware; spyware
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-76 next last

1 posted on 06/30/2004 10:27:17 PM PDT by Ernest_at_the_Beach
[ Post Reply | Private Reply | View Replies]

To: Ernest_at_the_Beach


2 posted on 06/30/2004 10:28:26 PM PDT by Brad’s Gramma (God Bless America)
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe; ShadowAce; rdb; NormsRevenge; Grampa Dave; blam; Dog; Cap Huff; Howlin; McGavin999; ...
Spybot is another package in the arena.
3 posted on 06/30/2004 10:30:31 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach
List of threads turned up by search with phrase 'spyware':


MSN Spyware? ^

      Posted by OldCorps
On News/Activism ^ 02/27/2004 9:47:06 AM PST with 62 comments

Self ^ | Feb 27, 2004 | self
Opera is Spyware!? ^
      Posted by ShadowAce
On News/Activism ^ 04/22/2003 11:38:23 AM PDT with 45 comments

The Inquirer ^ | 21 April 2003 | Andrew Busigin
NewsMax installs Spyware ^
      Posted by MineralMan
On News/Activism ^ 04/16/2004 1:45:56 PM PDT with 44 comments

Self | 4/16/04 | MineralMan
Tenacious Spyware Problem (Vanity) ^
      Posted by Born Conservative
On News/Activism ^ 06/16/2004 10:42:22 AM PDT with 105 comments

6/16/04 | Me, Myself, and I
computer questions: ethernet, spyware, viruses ^
      Posted by Commie Basher
On General Interest (Chat) ^ 09/21/2003 5:30:26 AM PDT with 86 comments

Programs: 'Spyware' Can Shatter Privacy, Trust  ^
      Posted by Leroy S. Mort
On News/Activism ^ 10/05/2003 8:20:05 AM PDT with 3 comments

Reuters ^ | October 5, 2003 | Gene Emery
Dell Policy Forbids Spyware Removal Support ^
      Posted by Born Conservative
On News/Activism ^ 12/04/2003 4:43:21 AM PST with 37 comments

Spyware Weekly Newsletter ^ | 12/2/2003
Drudge Site Ripe with Computer Slowing Spyware ^
      Posted by BJungNan
On News/Activism ^ 09/21/2003 2:59:04 PM PDT with 101 comments

AdAware ^ | September 21, 2003 | BJungNan
Patriotism? No, just more pop-ups (Spyware alert!) ^
      Posted by finnman69
On News/Activism ^ 05/21/2003 7:36:22 AM PDT with 27 comments

msnbc ^ | 5/20/03 | Bob Sullivan
'Spyware' would be tricky to outlaw, group says  ^
      Posted by steppenwolffe
On News/Activism ^ 11/19/2003 10:04:50 AM PST with 9 comments

cnn ^ | 11-19-03
Spyware cures may cause more harm than good ^
      Posted by justlurking
On News/Activism ^ 02/05/2004 7:40:54 AM PST with 151 comments

C/Net ^ | 2/4/2004 | John Borland
Got to Drudge website: get hit with spyware ^
      Posted by Grig
On General Interest (Chat) ^ 02/19/2004 9:51:55 AM PST with 35 comments

Message To Spyware: Get Off Our Private Property ^
      Posted by j_tull
On News/Activism ^ 04/10/2004 5:37:46 AM PDT with 29 comments

Tech News World ^ | Gene J. Koprowski
'Pop-up' firm seeks to block spyware act  ^
      Posted by Excuse_My_Bellicosity
On News/Activism ^ 06/11/2004 1:33:41 PM PDT with 65 comments

Salt Lake Tribune ^ | 6/11/2004 | Glen Warchol
Spyware slowing computer - ad aware fixed it (not a commercial) ^
      Posted by BJungNan
On News/Activism ^ 09/01/2003 8:22:33 PM PDT with 32 comments

Lavasoft and me ^ | Me
Heads Up! Someone is posting xupitor spyware link; Don't open it! ^
      Posted by FBD
On News/Activism ^ 01/27/2003 8:09:44 AM PST with 100 comments

1/27/2003 | self
Antispyware vendors come under fire (spyware alert from American Cnet News)  ^
      Posted by gdyniawitawa
On News/Activism ^ 02/11/2004 4:50:06 PM PST with 13 comments

cnet news ^ | Last modified: February 11, 2004, 11:08 AM PST | Staff Writer, CNET
PestPatrol Shares Spyware Lessons ( Company will offer database of known... free.) ^
      Posted by Ernest_at_the_Beach
On News/Activism ^ 06/30/2004 10:27:16 PM PDT with 2 comments

PCWorld ^ | Wednesday, June 30, 2004 | Emily Kumler, Medill News Service
Unlikely German Leads the War Against Spyware -- Spybot Seatch & Destroy Created by Anarchist ^
      Posted by TroutStalker
On News/Activism ^ 09/25/2003 5:56:33 AM PDT with 8 comments

The Wall Street Journal ^ | Thursday, September 25, 2003 | James R. Hagerty and Annick Moes
See you later, anti-Gators? (Gator forces sites NOT to call it spyware) ^
      Posted by mhking
On News/Activism ^ 10/23/2003 10:01:42 AM PDT with 56 comments

CNet ^ | 10.22.03 | Paul Festa
Tech?:Did I get spyware from Google or somewhere else that affects my Google results? ^
      Posted by finnman69
On News/Activism ^ 05/06/2004 1:33:27 PM PDT with 91 comments

finnman69 | 5/4/4 | finnman69

4 posted on 06/30/2004 10:35:44 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 3 | View Replies]


5 posted on 06/30/2004 10:38:08 PM PDT by jokar (On line data base
[ Post Reply | Private Reply | To 1 | View Replies]

To: All
Additional recent threads:


New Microsoft IE Malware ^

6 posted on 06/30/2004 10:40:47 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: All

Internet Attack Exploits Microsoft Software Flaws ( Internet Explorer vulnerable )

7 posted on 06/30/2004 10:45:15 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Ernest_at_the_Beach

Spybot Search and Destroy


SpywareBlaster 3.1

I have both and are finding them both useful, and have not had any problems.

But as with any software, read about it ( see above links), then download and run it at your own risk.

8 posted on 06/30/2004 10:48:01 PM PDT by FairOpinion (If you are not voting for Bush, you are voting for the terrorists.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach

That first link was dead - here it is:
MSN Spyware?

9 posted on 06/30/2004 10:50:13 PM PDT by backhoe ("It's so easy to spend someone else's money." [ My Dad, circa 1958])
[ Post Reply | Private Reply | To 6 | View Replies]

To: backhoe


I think I missed the one that checked out the registry.

10 posted on 06/30/2004 10:53:34 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: FairOpinion
You need this also, Browser Helper Objects (BHO) scanning tool

See post #6!

And you can examine your cookies with Karen's Cookie Viewer

I think I erased my tracks to where I found that.

What a circus this spyware crap is turning into!!!

11 posted on 06/30/2004 10:58:30 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: All
BTW, here's the best forum I found so far:

SWI Forums

12 posted on 06/30/2004 11:01:10 PM PDT by backhoe (-30-)
[ Post Reply | Private Reply | To 4 | View Replies]

To: FairOpinion

Anyone have problems with spybot not updating ? Never sems to be an update for that search and destroy thang.........???

Stay safe !

13 posted on 06/30/2004 11:06:10 PM PDT by Squantos (Be polite. Be professional. But, have a plan to kill everyone you meet.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Born Conservative; COEXERJ145; CyberCowboy777; Musket; JLO; Publius6961; Ulysses; meadsjn; ...

Hugh Ping!

14 posted on 06/30/2004 11:08:15 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Squantos

Check out the tool referenced in post # 6 to fight the NEWEST nasty.

It does not exploit a flaw in Windows it exploits a FEATURE.......

15 posted on 06/30/2004 11:11:59 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Ernest_at_the_Beach

I use Pestpatrol, along with the others listed here, actually I filled in my security holes through suggestions on FR, so a big thanks to those who offer help to Freepers.

If anyone here is very fimilar with pestpatrol, I have a question I can't answer, the pestpatrol cookies screen, will erase the selected (or unselected) cookies, but those continue to reside on my computer. What's going on with that, does pestpatrol disable them but leave them in the computer, or am I missing something?

16 posted on 06/30/2004 11:14:42 PM PDT by JerseyHighlander
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach
While we are sharing tips on how to get rid of this nasty garbage, here's a copy of the best email I got during the last outbreak, regarding various information... the links are invaluable:

To recipients of emails with the subject line:  {Spam?} Re: {Spam?} RE: {Spam?} {Virus?} {Spam?} Check this out kid!!!

Okay, since all of you are sending ME stuff, I will send back to you some answers and cures.  So far I have received more than four dozen of your emails complaining about me and the others of you sending a virus.

Here is my analysis of what is happening and what you, each of you, can do about it.

First of all, do not send anything to cis-announce or cis-outgoing or any variation thereof.  Those might be their entire mailing list!  So let's not perpetuate this thing.  I am sending this email to all parties, including the firms named herein, and including an office in Homeland Security which is one of the senders to me!

It is possible that this particular virus is adding the word {Spam?} to its outgoing mail because I received from CIS their regular mailing with their regular subject line, but that word in brackets had been added at the beginning of the subject line.

Obviously, we are under attack from a virus, a Hungarian virus called Worm.Zafi.B.  Right now, this particular virus is the most "widespread email worm at the moment" and you can read the whole story which came out just about an hour ago: This is truly an international virus, as described here in the Virus Encyclopedia: Down toward the bottom you will find the text of the emails YOU got, along with the description of the attachment that was deleted (hopefully).  Note that I have received the original email with the attachment removed and replaced with text telling me what the virus is!  Here is that text:

This is a message from the MailScanner E-Mail Virus Protection Service
The original e-mail attachment "jennifer the wild girl xxx07.jpg.pif"
was believed to be infected by a virus and has been replaced by this warning
If you wish to receive a copy of the *infected* attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.
At Sat Jun 12 17:19:29 2004 the virus scanner said:
   ClamAV: jennifer the wild girl xxx07.jpg.pif contains Worm.Zafi.B
   MailScanner: Shortcuts to MS-Dos programs are very dangerous in email (jennifer the wild girl xxx07.jpg.pif)
Note to Help Desk: Look on the MailScanner in /var/spool/MailScanner/quarantine/20040612 (message i5CLDxhq003158).
Mailscanner thanks transtec Computers for their support
Someone's computer is infected, and typically a virus will get into one person's computer, look around for email addresses, then send itself out to a whole bunch of the addresses it finds.

You cannot tell who really has the infected computer because the virus "spoofs" the sender's name, making it look like it is coming from someone else, NOT the person se computer is infected.  It will just pick at random one of those addresses that it found and use that as the "sender" and send itself to the other email addresses.  That is called "spoofing" which is quite commonly done by viruses.

An example:  Sharon's computer gets a virus which then sends itself to everyone in her address book but it looks like all those emails came from James!  Poor James doesn't even know this is happening until he starts getting those "bounced" emails saying that he is sending a virus.  He is innocent, does not have a virus, because all that is coming from Sharon's computer!  And Sharon has absolutely no clue that her computer is infected and doing all this.

Only by looking at the header of one of those spoofed emails very carefully can you get a hint of where it might be really coming from.  The following are two places where you can get a removal tool if you think you might be infected.

This is from
-- Update June 14th, 2004 03:01 PST --
The risk assessment of this threat has been raised to Medium due to increased prevalence.

If you think that you may be infected with this threat, and are unsure how to check your system, you may download the Stinger tool to scan your system and remove the virus if present.  This is not required for McAfee users as McAfee products are capable of detecting and removing the virus with the latest update. (see the removal instructions below for more information).

Note: Receiving an email alert stating that the virus came from your email address is not an indication that you are infected as the virus often forges the from address.
And this from
F-Secure provides the special disinfection utility to eliminate Zafi.B worm infection. You can download this utility from our ftp site:
Disinfection instructions can be found here:
I myself started getting these emails from "James Moore" on Saturday.  I have received several by now.  The header from one of the earlier ones is pasted below.  (It is NOT infected as it is a copy and paste rather than any kind of forwarding, which could perpetuate the virus.)

I have bolded some interesting lines.   The "return path" appears to be CIS.ORG.

A couple of other possibilities are these:  Numbers USA and The Social Contract are both clients of, which appears in the header.  Note that is another name for whetstonelogic which specializes in "political intelligence tools".  Take a look at the header below.

You will see which belongs to a law firm in Florida.  Did the emails originate there?  Or did they just go through their servers?  We don't know.  But in any case I sending all the these organizations a copy of this email.  Any one or all of the them might be infected and unknowingly sending out the virus to everyone else.

All of these organizations should check for viruses.  And so should you, the individuals that have received those emails from the "alleged" James Moore.

Here is the plan of action.  I am the webmaster for Terry Anderson and last fall I designed a page when we had another virus outbreak.  I called it "Got Virus?" and put up there the results of my research of what you can do to protect yourself and some free virus scans you can go to find out if you are infected.  Just finding those scan sites took a great deal of time, so all the work is already done -- all you have to do is run them on your own computers.  Everyone that receives this particular email should go to the following webpage and do your scans right away, and then at least once a week thereafter.  Bookmark the page and come back every week.  And update your Norton every day!  Including the special page that is updated more often than the "Live Update": I just ran all four scans and my computer is clean.

Also, make sure you have Norton Anti-virus and Zone Alarm (a free firewall).  The links are on the "Got Virus?" page.  There again, the link for Zone Alarm was hard to find on their website, so I saved you all that time by putting it there.

To summarize, it is imperative that all of these check for viruses and make sure that

        2.      Numbers USA
        3.      The Social Contract
        4.      Byrom, Miller & Coleman
        4.      Everyone else receiving this email

                        should immediately:

        A.      Get anti-virus if you don't have it.
        B.      Get Zone Alarm if you don't have it.
        C.      Set your "Scheduled Tasks" to update every day,
                        both Live Update and
        D.      Run all the scans on
        E.      Run #D at least once a week.

These things need to be done immediately because this virus is proliferating rapidly!  While I wrote I received two dozen more of the spoofed emails!

Good luck!  If you have questions, please don't hesitate to contact me.  We are all in this together, regarding immigration as well as these virii.


In the FWI department, AVG found a trojan that all other online scans had missed... a "schedA" hiding in that blasted index.dat file that microsoft squirrels away all over your drive... if you have tried to get rid of this space-hogging file, then you know that in normal mode you get an "access sharing violation" when you try to delete the bleeding thing. AVG sends it to their virus vault. You can then delete the folder it's in with no harm done.

Just on general principles, set your browser to "delete, empty, or flush" your "cache" or "temporary files" on closing, and use disc cleanup ( in System Tools ) and Defrag to flush most of this garbage and hopefully overwrite it.

17 posted on 06/30/2004 11:16:34 PM PDT by backhoe (-30-)
[ Post Reply | Private Reply | To 10 | View Replies]

To: backhoe
AVG is what?
18 posted on 06/30/2004 11:22:20 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Ernest_at_the_Beach

This is excellent.

Spyware has become as much or more of a problem then viruses.

Well done to PestPatrol, they seem to have the most effective solution that I have found so far.

19 posted on 06/30/2004 11:25:33 PM PDT by sd-joe
[ Post Reply | Private Reply | To 1 | View Replies]

To: backhoe
Just on general principles, set your browser to "delete, empty, or flush" your "cache" or "temporary files" on closing, and use disc cleanup ( in System Tools ) and Defrag to flush most of this garbage and hopefully overwrite it.

Wonder how I do that with Firefox?

20 posted on 06/30/2004 11:25:41 PM PDT by Ernest_at_the_Beach (.)
[ Post Reply | Private Reply | To 17 | View Replies]

Navigation: use the links below to view more comments.
first 1-2021-4041-6061-76 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794 is powered by software copyright 2000-2008 John Robinson