Author Topic: Blankety blank doggone blank blankety blanks!! Friggin malware.  (Read 1745 times)

Brad Johnson

  • friend
  • Senior Member
  • ***
  • Posts: 18,143
  • Witty, charming, handsome, and completely insane.
Blankety blank doggone blank blankety blanks!! Friggin malware.
« on: February 03, 2010, 03:22:36 PM »
Spent the morning fighting a malware problem on my home machine. 

The lovely folks at Registry Defender need a few body parts placed in a vise.  What an invasive piece of crap.  It just showed up one day, popping up to say 'Hi!' every few minutes.  McAfee apparently doesn't see it at all.  Ad-Aware Pro saw it but wouldn't or couldn't delete it.  Malwarebytes wouldn't even install (the .exe file mysteriously kept "disappearing").  I finally got a random-name MWB executable to stay put and left it running right before lunch.  I'm headed home to check on it now.

I'm seriously thinking about sending the sorry SOBs at Registry Defender a bill for my time and for reimbursement on the additional software (I occasionally bill by the hour and can legitimately hit them for lost time).  When I get back to the office I'm going to search for a few legal precedents, or maybe some applicable statutes, that I can throw into the nasty-gram for good measure.  DTPA and a few selected interstate commerce provisions are the first two that come to mind, but I'm sure there are more.

Sorry sonsaleaches.  Hate 'em.

Brad
« Last Edit: February 03, 2010, 03:26:15 PM by Brad Johnson »
It's all about the pancakes, people.
"And he thought cops wouldn't chase... a STOLEN DONUT TRUCK???? That would be like Willie Nelson ignoring a pickup full of weed."
-HankB

Balog

  • Unrepentant race traitor
  • friends
  • Senior Member
  • ***
  • Posts: 17,774
  • What if we tried more?
Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #1 on: February 03, 2010, 03:30:46 PM »
Was it something you DL'ed on purpose, or just picked up along the way?
Quote from: French G.
I was always pleasant, friendly and within arm's reach of a gun.

Quote from: Standing Wolf
If government is the answer, it must have been a really, really, really stupid question.

Brad Johnson

Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #2 on: February 03, 2010, 04:50:06 PM »
Just popped up one day, literally.  I was sitting at the computer (on APS, by the way) and started getting the "Your computer may not be protected! Download THIS!" popups.

Looks like Malwarebytes took care of it, though.  It found three separate trojans, all having multiple embeddings.  One instance was embedded square in the middle of Ad-Aware.  I suppose I shouldn't be surprised at that, though.  I ran the fix routine, rebooted as instructed, then rebooted again to Safe Mode and am running MWB one more time just to see if anything else pops up.

Brad
« Last Edit: February 03, 2010, 04:55:48 PM by Brad Johnson »

Brad Johnson

Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #3 on: February 03, 2010, 06:12:07 PM »
Well, well...

Malwarebytes found an instance of Hijack on my office machine. Nuked that sucker right off, though.

Brad

RocketMan

  • Mad Rocket Scientist
  • friend
  • Senior Member
  • ***
  • Posts: 13,689
  • Semper Fidelis
Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #4 on: February 03, 2010, 08:53:17 PM »
Well, well...

Malwarebytes found an instance of Hijack on my office machine. Nuked that sucker right off, though.

Brad

It wasn't a false positive on Trend Micro's "HijackThis", was it?  HijackThis is a legitimate anti-malware program that is quite handy.
If there really was intelligent life on other planets, we'd be sending them foreign aid.

Conservatives see George Orwell's "1984" as a cautionary tale.  Progressives view it as a "how to" manual.

My wife often says to me, "You are evil and must be destroyed." She may be right.

Liberals believe one should never let reason, logic and facts get in the way of a good emotional argument.

Jim147

  • friends
  • Senior Member
  • ***
  • Posts: 7,611
Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #5 on: February 03, 2010, 09:15:54 PM »
Let us know how billing them goes for you. ;/

I stopped working on computers and I'm getting a couple a week in right now with different names of the same crapware.

jim
Sometimes we carry more weight than we owe.
And sometimes goes on and on and on.

BAH-WEEP-GRAAAGHNAH WHEEP NI-NI BONG

Brad Johnson

Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #6 on: February 03, 2010, 10:10:29 PM »
Did some searches and the ONLY way to contact them is via e-mail, and from their web page (which is loaded with all kinds of piggy-backed crap).

Malwarebytes did the job, though.  I'm usually leery of any kind of freeware, especially for stuff like this.  But the program comes highly recommended via a ton of positive web mentions and seemed to work just as advertised.

Brad

Jim147

Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #7 on: February 03, 2010, 10:20:26 PM »
You know I find it kind of strange that everyone I have talked with one of these crapware programs has been blaming Microsoft or Norton or whoever they are paying for antivirus. [tinfoil] One of them even downloads everything he comes across online. :O But none of them want to take the time to learn about their systems or the real software that is available out there. Like Malwarebytes.

I prefer everyone be as self-sufficient as possible. But then again I need to make a buck somewhere.

jim

Brad Johnson

Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #8 on: February 03, 2010, 10:24:35 PM »
[tinfoil] One of them even downloads everything he comes across online. :O But none of them want to take the time to learn about their systems or the real software that is available out there.

Or to school themselves on the semantics of what is, and isn't a valid email.

Brad

T.O.M.

  • friend
  • Senior Member
  • ***
  • Posts: 6,416
Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #9 on: February 04, 2010, 09:37:33 AM »
I've had that one hit me a few times.  The IT guys warned me that the newest game in town is to hijack a link on Yahoo or Google home pages.  You hit the link, and you get where you wanted to go, but also pick up a present along the way.  My last one came from a hijacked Sports Illustrated link.  It was a fun one.  Not only did I get the security warnings and threats, with the "must buy our protection" pop ups, I then started with the hardcore p0rn pop-ups to make me want to buy the protection.  Malwarebytes did the trick.  Although, I'm dealing with a new one now.  It's a new one, which is avoiding all of the detectors (Ad-aware, Malwarebytes, etc.).  Although, this one is pretty lame.  If I use a search engine, and click on a link I get as a result, it re-directs me to somewhere else, most often a company offering domain registry, items for sale, or (I love this one) the FBI home page.
No, I'm not mtnbkr.  ;)

a.k.a. "our resident Legal Smeagol."...thanks BryanP
"Anybody can give legal advice - but only licensed attorneys can sell it."...vaskidmark

Brad Johnson

Re: Blankety blank doggone blank blankety blanks!! Friggin malware.
« Reply #10 on: February 04, 2010, 11:12:50 AM »
If I use a search engine, and click on a link I get as a result, it re-directs me to somewhere else, most often a company offering domain registry, items for sale, or (I love this one) the FBI home page.

Irony can be pretty ironic sometimes. =D

Brad