Follow the Money; or, why does my computer keep getting infested with spyware?

[EDIT] This particular post has generated a very large amount of email, and apparently is being read by a large number of people infected with VX2. As a result, I’ve edited it, to clean up typos and to add additional information about the exploits used, the way VX2 works, and the sources of the spyware scourge. New information is identified with [EDIT].

If you’re reading this post and you’re on a Windows computer, the odds are overwhelming–between 80% and 90%–that you are infected with at least one virus or spyware program, and the odds are very high that you’re infected with dozens or hundreds.

Yes, you. Even if you are technically literate, you have a firewall, and you never download suspicious attachments, you are almost certainly infected. There is lots and lots and lots of money in computer viruses and spyware, especially the variety that makes popup ads appear on your machine. The question I’ve always had, though, is who’s making all this money by infecting your computer?

A couple nights ago, Shelly’s computer became infected. Shelly’s technically savvy, the apartment we live in is on a closed private network with a hardware firewall between us and the Internet, and she also runs a software firewall on her computer, and she still became infected nonetheless.

I spent about six hours removing the infection, and also tracking down the source of the infection, and painstakingly backtracking all the popup ads that the adware displayed on her computer. My goal: Follow the money. Discover where the infection came from, and who was making money from it. The results were, to say the least, interesting.

If you don’t care about stuff like this, you can skip the rest of this message. If you’re curious about the mechanisms by which spyware and viruses work, who is responsible for them, why they’re so common, how they spread, and most important, who makes money by creating and releasing them: read on!