Spyware battle

I had a really big fight against spyware yesterday. Recently, my boss had complained about sluggish performance on his office computer, processes that started on their own, and really annoying pop-up windows. When I was first approached with this scenario, I just told him in plain text: you are infected with the plague of the web, spyware. So what to do? Well, here comes our good friend Ad-Aware. It’s just like a virus scanner, but it scans for running malicious programs that virus detectors don’t scan for, but which might do just as much damage.

The first scan revealed that the computer was infected with quite a list of different types of spyware. Some were key loggers, some were usage statistics gatherers, and some were drone-like processes, just waiting to be used in a coordinated DDoS attack. After three scans and the removal of the more persistent spyware, the computer still showed signs of being infected, even though Ad-Aware was saying everything was fine. So I started to dig a little, and by a stroke of good luck, the process that caused this havoc crashed, leaving a dialog that revealed to me the name of the executable. I tried to delete the file, but that of course was impossible at first, since the file was in use by the system. So I had to dive into the system registry to see what trails it had left there, and of course to remove its startup presence in the system. After having cleaned up the registry by hand, I was ready to reboot. The computer rebooted, and I was finally able to remove the persistent little bastard that caused the havoc on my boss’s computer. Nothing like playing a digital Sherlock Holmes.

But what was really good about this whole thing was that I learned something new, and I taught my boss to enforce a slightly more aware surfing pattern: he will now use Ad-Aware on a weekly basis to scan his computer, along with his existing antivirus solution. But the best thing is, of course, that I made him ditch Internet Explorer and move over to Firefox! Yet another follower added to the loyal user base of the best browser on earth! Go Firefox!
