Fscking adware/spyware

[greatbear]

I just spent the last couple hours hunting down and removing a pile of ad/spy/mal/scumware on this PC. I came back to my PC after showering and find a pile of dialog boxes wanting to install GAIN/Gator, CoolWebSearch, change my homepage, etc... you guessed it, all the nasties werre there. Thing is, I did not visit any websites known for that shit, only occasionally dealing with a stray popup that evades the blocker. Perhaps one of those contained the trigger. I watched as the programs 'mutated' and avoided the scanning tools. Between running Ad-Aware, Spybot Search and Destroy, killing files manually and isolating the PC from the LAN, I think I got it all.

I am not one who has an 'unsecured' PC. In fact, I run with rather strict settings to prevent this shit from occurring, and run various programs to block/scan and avoid these things. Still, it managed to come in.

I am pissed.

The purveyors of this trash should be forced to watch their children be molested by the entire membership of NAMBLA, their houses burned and their knees and ankles shattered with a 20 pound sledgehammer (I'll volunteer for the latter, I have the hammer).

Fuckers.

Comments

[hypertwink.livejournal.com]

I know. I used Spybot and AdAware when I cleaned my computer. It took me a weekend to do it, and I still go through it every 3-4 days to make sure,

[greatbearmd.livejournal.com]

Scan often, update religiously!

[madhugger.livejournal.com]

This past week was a big week for the spreading of such crap.
I was nailed by a couple parasites that ad-aware, hijack this and my virus scan missed entirely. Found a new ap that did a great job at searching the stuff down and destroying it. The real kicker was the invasion to my restore settings and anti-virus software (had to remove it and re-install it to take care of one bug).

I am with you wholeheartedly on the punishment for these muck dwelling bastards!

[greatbearmd.livejournal.com]

Sadly this is only going to get worse. It's a war zone on the desktop.

[quirkstreet.livejournal.com]

Yikes. That sucks. Glad you got it cleaned up. I just love how you titled the post "Fscking ..." Heh. I'm in at work early this morning doing Unixy stuff, it was a very appropriate post to read.

[greatbearmd.livejournal.com]

It's my way of flying under 'censorware' and giving a nod to all us geeks out there. ;)

[jrjarrett.livejournal.com]

There's a local radio show called "SoundBytes" up this way, and they talk about a website they've put together called "The Security Tango" (http://www.securitytango.com/).

It tells you what software you need and how to clean up your Windows computer. I think you seem pretty savvy about this stuff, but in case anyone reading this, or any one you know seems confused, send 'em here.

Thanks

[perkk.livejournal.com]

The site looks good. I routinely recommend the use of Antivirus, Antispam, Personal Firewall, and some form of Privacy Software. The only thing I would add to their list would be SpywareBlaster by Javacool Software (free). It's a good inoculation program for Internet Explorer and Firefox, disabling a lot of bad signed ActiveX controls and setting up a number of domains to not set cookies.

For removing badware (a superset of malware which includes adware) I sometimes use HijackThis which looks for all the ways to hook a system, short of replacing DLL's and patching executables (which Antivirus is good at finding).

If you must use IE, I generally recommend disabling 3^rd Party cookies, allow session cookies, set 1^st Party Cookies to prompt and manage manually. If you use Outlook, I recommend upgrading to Outlook 2003 and note the security features about not loading images in HTML emails and attachment blocking.

Re: Thanks

[jrjarrett.livejournal.com]

Hehe.

Well, for the most part, I don't worry because I use my Macs for my main machines, I have a hardware router with only a very few ports open, mostly to the Mac and my Sun, and I don't get email on my PC.

I still have Macafee and Adaware on my PC (adaware only ever finds cookies as badness).

[greatbearmd.livejournal.com]

It was how it suddenly showed up that got to me. Walk away from the PC for 20 minutes, come back and it's all there, staring me in the face and mutating and evading the entire time I am after the crap. This PC among several others sits behind a firewalled server. The old clunky server rarely gets affected, and this particular PC, which is actually the most heavily guarded, gets nailed. Arrrgh.

I guess I have to be even more diligent at updating all the sig and def files for various protections now. *sigh*

[musicmanchicago.livejournal.com]

I just got the hottest visual of oyu sweaty with a sledge hammer..... ;)

[greatbearmd.livejournal.com]

I used to have a shirtless pic of me splitting firewood with that sledgehammer. I'll see if I still have it. ;)

[musicmanchicago.livejournal.com]

hmmmm now that was an excellent welcome to the office!

[thegreenbear.livejournal.com]

Oh stop holding back... Tell us how ya REALLY feel about it!

And can I join the club?

[greatbearmd.livejournal.com]

Applications now being accepted!

[thegreenbear.livejournal.com]

WOO HOO!!! SIGN ME UP!!!