Well I just got done spending about 2 hours (including wait time and researching) cleaning some god damn spyware of my roomates computer.

My roomate isn't a computer nerd, but he does know how to use a system. He knows not to install things that show up online, not to run things you get via email, and not to click on popups. Basically, he has common sense.

Well despite all that he managed to get some spyware... not because of anything he did, but because of something microsoft didn't do. He simply went to a page, and it had a pop up that took advantage of an IE exploit, that allowed a really nasty piece of spyware to be installed on his computer.

This thing did the common change start page of IE + create random web popups. But it also did something MUCH more anoying, that I have been seeing in spyware.

That being, it purposely does things to make itself near imposible to get rid of (especially for the average user). This one did a ton of crap... all because of how much of a POS Windows is. Windows is crap because it gives normal software more control than I have.

For instance, this stuff imbeded it self in the registry so it would always start with the computer (software shouldn't be able to decide that for itself). But not only that, it made it so it would have a random name of the file it was using, and change that value in the registry. Thus changing it there did nothing. You had to delete the file. Well it because of the random name, you can't just search google and find out exactly what it is and how to remove it, or how to look for it. It takes some real internet sluthing skills to track this down. So, with it always runing, and changing itself, you have to find which file it is, and remove it before it morphs again.

Well that would seem easy, except the damn thing also registers itself as a system file. Not just something with a .dll that is normally hidden, but a true system file that has an option to show them, that few people have hidden. Well no software should have that power either. I want someone from Microsoft to tell me how the fuck a program that does nothing but steal info from me, create popups, change my settings and fuck things up is a 'critical system program'

To make things worse, this thing also caused random errors in things you would do to remove the bastard. Going to windows update would crash the system. Runing spybot, ad-aware and anything else would also not finish and have serious problems. This thing purposly disabled that stuff. It shouldn't have the power to disable other programs, if it wants to fuck with something it shouldn't be allowed to fuck with anything but itself.

So just how bad does MS handle that? Well, for those of you who don't know, the kernel is the CORE part of an operating system. The lowest level and most critcal things are kept there... it should be protected above all. Well what did this shit do? Check this out. This is a REAL, UNEDITED screen shot:

http://www.mines.edu/students/p/pfchrist/error.jpg

How the fuck did a program have the power to get the kernel to crash itself... that is just insane.

So, this thing would run in the background, preventing itself from becoming removed (can't delete things in use). Crashing all things that might be used to fix it, and constantly trying to hide itself.

So what happened? I tried everything I could think of (which is a lot figuring i've been doing stuff like this for 7-8 years) and still had trouble removing it. Ended up finding a program that was specifically designed to kill this sucker. The main thing that helped us find it, was that it set the homepage to about:blank every time it ran. Well there is a program someone wrote called about:blaster that removes the thing. Since the filenames that it installs and runs under are random, it has to do a search to find them. Well it found the randomly named files, and removed them, and also others, which had fun names with things like 'java' and 'iexplorer' to make them look more official.

Well that thing said it got rid of everything, and we thought we had the damn thing taken care of. But now the fucker came back. We ran that program, ran another called CWShredder.exe, spybot, ad-aware, norton and windows update (again).

This shit pisses me off to no end. Software shouldn't have this much control. In my opinion it's just common sense to have software follow these conditions:

1) Software shouldn't be allowed to fuck anything up but itself, ie shouldn't be able to crash other programs or hardware
2) Software shouldn't be able to change my settings. They are MY settings, set to MY preferences. I don't want that shit making MY decisions
3) Software shouldn't be able to hide from me and make itself hard to remove. If it has enough power to keep it on the system, something is wrong with the system. I should have the ability to take crap off.

Microsoft Windows has got to be the biggest security and privacy problem the world has ever seen.

Also makers of shit like this need to be punished. They are right up there with thieves in my book. They need to be firebombed and or shot, with their fingers cut off so they can't write any more code. The line between spyware and virii is growning thiner and thiner with each new MS security flaw found.....

People keep bitching at Bush for taking away their rights and freedom, they need to be bitching at Bill....

I know, I hate windows more than I hate people who steal dogs. When will it all end?

cliffnotes?

Too long to read so late.

i read it.

spyware blows i agree.

Ohh yea... another thing that seriously pisses me off, is that the stuff this shit is advertising and trying to get me to buy is crap that blocks pop ups and removes spyware!!!

Give me a fucking brake. I know this HAS to be illegal. It's like the mafia getting 'protection' fees. It's like me drenching your car with bright lime green paint and then charging you to get rid of it. Fuck this shit... time for some action against these fuckers

Fuck this shit... time for some action against these fuckers

Install a decent browser with good pop up protection, stop using IE and be done with it.

Install a decent browser with good pop up protection, stop using IE and be done with it.

I do. My system is very very secure. I love Linux because software can't do any of the things I mentioned.

The problem is, not everyone can run Linux. When you are the 'computer guy' for friends, family, classmates, neighbors and everyone you come in contact with, you will still have to deal with this stuff. As I said in the post, this was my roomates computer. I can tell people to use firefox, but can't force them to. However, when ever I get called on to fix something like this (or anything else) I fix the computers up with spybot, avg, google toolbar (if they use ie) firefox, open office and other things.

So, I can use what software I want to prevent the problem on my machine, but I (and I imagine others in my position) still have to deal with it. Besides, the software isn't really the core problem, it's Windows that's the problem. The software wouldn't exist if MS had a better philosophy about their OS.

Yeah, I hate this shit too. My work PC recently got infected by a very persistent IE toolbar. I had all of the updates, current anti-virus definitions, and our internal spyware software, but it still got in. I don't even go to questionable websites while at work.

I can't imagine that it's legal in any way... you could easily make the case that it's an unauthorized intrusion, steals information, and has malicious intent. It is clearly spying on confidential corporate information. We could only hope for a wave of corporate lawsuits to help end this shit.

...
So, I can use what software I want to prevent the problem on my machine, but I (and I imagine others in my position) still have to deal with it. Besides, the software isn't really the core problem, it's Windows that's the problem. The software wouldn't exist if MS had a better philosophy about their OS.

So, are you trying to tell us that it's bad to do everything as the super-user? :rofl: I guess at least MS is starting to build some security between users, but I won't trust it any time soon. Don't really care for their million vulnerabilities that aren't patched yet either.

I hate MS so bad. :mad:

I had one of those toolbar things take over when i recovered my sys after the HD fail. Fresh install of windows didn't even get to update before a site took it over and installed that damn thing. Did the same thing with the random dll names and all that to make it a PITA to remove. I couldn't do it manually.

Did you get rid of yours yet? If not the only way I was able to clean mine was to get a program that was specifically designed to give you full control over the toolbars that show up. You just find the one that isn't suposed to be there and turn it off/remove it. I can probably find it again if you need it.

If you guys hate Microsoft products so badly...

www.mac.com

Do something about it and quit yer bitchin!

You get what you pay for and a computer that runs windows is cheap. If you convert over to OSX, You will not be disappointed. I still run windows though because I'm a cheap ass but in my classes I use a Mac and love it.

Yeah, I just had to find it all over the registry and get rid of that and it's DLLs. I was able to remove it from IE pretty easily in the registry, so it seemed to be inactive at least, but tracking down it's files was a bit more time consuming. They were well hidden too... I couldn't see them in Windows Explorer (even though it is set to show hidden and system files), so I had to use the command prompt.

If you guys hate Microsoft products so badly...

www.mac.com

Do something about it and quit yer bitchin!

You get what you pay for and a computer that runs windows is cheap. If you convert over to OSX, You will not be disappointed. I still run windows though because I'm a cheap ass but in my classes I use a Mac and love it.

www.Linux.org :)

We're only bitching about this because we have to deal with people who insist on running MS crapware, and I'm forced to do the same at work.

I've honistly never been on a computer that ran linux. How does it compare and how is its ease of use? I'm not a computer idiot by any means but I still have alot to learn.

That same shit happened to me. I tried everything I knew of to get rid of it and couldn't. I finally had to reformat my hd to get rid off all that shit. I don't understand how the can get away with taking over people's computers.

If you guys hate Microsoft products so badly...

www.mac.com

Do something about it and quit yer bitchin!

You get what you pay for and a computer that runs windows is cheap. If you convert over to OSX, You will not be disappointed. I still run windows though because I'm a cheap ass but in my classes I use a Mac and love it.

Oh wait..thats a GREAT solution! Maybe when the release some software that I actually want to use for that piece of shit system..I'd consider going to pay $4000 for a computer. Gotta be kidding here right?

There is a reason that apple has never caught on with the general public..and it only sits around in a few schools and studios...and its not the expense of them..believe me.

-Bedlam

I've honistly never been on a computer that ran linux. How does it compare and how is its ease of use? I'm not a computer idiot by any means but I still have alot to learn.

It's definately a programmer's OS, so it's not real user friendly for the masses, but it is gradually getting there. There are some distributions that are aimed at the average user, but I don't know if they are quite ready for prime time yet. But for me as a programmer, I find that I can do far more than I could with any other OS. It's also incredibly secure compared to Windows.

Edit: I actually like the MacOS very much, and think very highly of the original developers, but it is not without it's issues, nor is the company. I haven't used it much since System 7 though.

Of course Mac isn't without its issues, but I'm saying I've never had OSX crash on me, it works awesome with the image programs that I use with it and its actually becoming alot more compatible with windows and its programs. I believe our school has a Windows server that our Macs ran off of.

Just what programs do you use that you cannot use on mac...

What can you use after you get your system cleaned up.

I have it where I can block the cookies maunally when I go to different sites but I ditch IE Explorer for Firefox and I dont get all those random pop ups with Firefox but I still do get popups from IE even thogh i dont use it to get online. I must have some of the shit drilled down in my computer too. Also I notice that it disabled Windows Media Player which I have to reinstall and also my notepad does not work no more.

When I go to microsoft.com i cant d/l the updates unless i use IE and it will just automatically shut down that window when i try.

Any solutions? I know the local computer store can clean my computer for $40 but I hate spending that if I can do it myself.

I also use norton for virus protection and a few spyware removers, anything eles you guys use to secure the computer more?

Just what programs do you use that you cannot use on mac...

Doom 3, Far Cry, Painkiller, UT2004...windows media center.. ;)

It would take a really, really, long time for a comprehensive list..I'm an avid gamer.

I know there is that game where you slide the little chips around to make the apple logo tho...and tetris! cant forget that...

-Bedlam

I purchased some Linux software from them so I could recive the support when i was stuck in a "HUGE" learning proccess, and the learning curve is after 9 years in the windows enviroment, anyway..

I was setting up a cross domain email server running on a 2Ghz 512 Ram box for linux, seemed like a good platform for a small email server. My requirements were ease of use so that I could manage and maintain my companies users, maybe GUI based access..

The folks at Linux had the worst support I have ever encountered, they let some 13year old kid email me and said shit like..
"bro dude iss simple just download and install dude, not much else to it" after reading about 1 half sentance I called them fuckers up and they said they let the pubic handle their support questions..I was like FU I purchased it from you so "I" could recive support from "you" they said the support was handled by the public..

At that point I threw there shit in the trash can and installed Windwows Server 2000 with exchange and thats where it stands today.

You have a valid reason to hate MS, hell everyone does.. but you can not do business today without them, my customers do not use linux, so I can not use it as a platform to develop on..

Hell, I am a game player I would be sitting around for years with nothing new to play on a linux box with public support, thats why their software is FREE! have at it

You guys first need to identify what type of browser hijack you have, if it is Cool Search, then you need to use the CWShredder removal tool. Cool Search is a nasty hijacker and come in through MS java engine, you can only get it when you enable the java tools in a unpatched version of IE.

It places files in your windows directory, you can search by date/time and see that there is a sys.reg file that contain all the propper reg entries for your home page and search engine needs..

Instead of reinstalling the OS just use the propper tools to clean it.

I've said it before and I'll say it again: javascript is evil - turn it off.

If you guys hate Microsoft products so badly...

www.mac.com

Do something about it and quit yer bitchin!

You get what you pay for and a computer that runs windows is cheap. If you convert over to OSX, You will not be disappointed. I still run windows though because I'm a cheap ass but in my classes I use a Mac and love it.

I would run OSX if I had the hardware to run it. I also probably wouldn't buy a desktop that would. However, if I was going to buy a laptop (and had the money to do so) it would be a Mac. However, for desktops it's just not as pratical as I need.

I don't think you get what you pay for, using that logic Linux should suck ass, but it doesn't.

Once again, this is not MY system. This is the system of someone I know. I use much of my time helping people (friends, family, neighbors) with their computer problems. I can't make everyone I come in contact with go out and buy a mac, or run linux, or do something like that. The reason this get's to me so much, is because I am the one that deals with these problems. It happens on their system, but they have no where near the skills to be able to deal with it. So I volunteer my time to help them, so they don't have to go out and pay $100s to get it fixed somewhere.

Also, I should point out that I don't hate Microsoft. I hate Windows. The things that Microsoft develops and releases towards developers are awesome. It's the stuff the send out to normal users that blow (ie windows, IE and MS Office). .NET, MSDN, C#, DirectX and Visual Studio are some of the best tools that I have ever seen/used. They are all also complete spawns from MS.

What I don't understand is, that Microsoft has plenty of talent there, they also have a huge bank account, and the abililty to make some very bug free software (ie Age of Empires), but their OS is so sub par. Macintosh made an excelent move using BSD code in OSX. They now have a very nice system. But, Microsoft still tries to do everything their way, when there is better stuff availible. They have made some progress (XP >> ME), but still have a ways to go.

You guys first need to identify what type of browser hijack you have, if it is Cool Search, then you need to use the CWShredder removal tool. Cool Search is a nasty hijacker and come in through MS java engine, you can only get it when you enable the java tools in a unpatched version of IE.

It places files in your windows directory, you can search by date/time and see that there is a sys.reg file that contain all the propper reg entries for your home page and search engine needs..

Instead of reinstalling the OS just use the propper tools to clean it.

From what I have found out, this is a popular Cool Search spin off. CWShredder didn't even detect it (and couldn't dl the updates because it seemed to be down). There was a program called about:blaster that was designed just for this problem, and it found what was causing it, but that only appeared to be the end cause. Removing those stoped the problem temporarily, but after a reboot or a little while, it came back (IE is now patched so it didn't just install again). We need to find out what is runing that is continually putting this on the system.

Have you tried hijackthis?

http://www.spychecker.com/program/hijackthis.html

I just installed Java to use open office. Will I be okay using Firefox?

Java is the devil in programmatical form

Java != javascript.

I happen to like Java, but Javascript is the cause of many problems. They share nothing in common but the name.

i think everyone at some point in time goes thru the "my friend/gf is a complete idiot and now i have to clean their shit up" phase. I went thru mine a couple of months ago. After wiping the ME system by installing winxp and limiting her access, it's a lot better. I was outraged when her stupid sister came over to use mapquest and wanted her to install stupid ass adware screensavers and shit like that on my comp. I told the bitch to fuck off and if she wants to fuck shit up then do it on her own, but i ain't gonna fix it for her next time.

Our roommate isn't stupid, he just got a nasty bug from a popup.

Our roommate isn't stupid, he just got a nasty bug from a popup.

And the reason he got it was because he was in Texas all sumer and his computer wasn't in use, thus didn't get the proper security updates.

If you havent already, run all your anti spyware programs in safe mode. Then permanently set your homepage to what you like by editing the registry.

Funny he hasnt replied to my comments yet..ah well.

-Bedlam

Doc - that was beautiful!

screw that just reformat.

i use avg antivirus and adaware with adwatch soon as i format and i never get spyware.

I think he's just going to switch to Windows XP.

I think he's just going to switch to Windows XP.

im in xp pro its just as bad.

Having to reformat just to get rid of spyware that force itself onto my computer is quite what I would call a nice 'feature' of the OS.