There have been things in the last week that have honestly baffled me, that forced me to reimage my Operating System partitions; and there is my traditional warning about setting up Christmas Gift machines.
Issue #1: Total bafflement - and scary:
I flipped to Google for a simple search term:
"kelly add userpasswords2 to control panel"
And clicked on the first appropriate link. My screen filled with warnings from my Antivirus, my AdaWare SE, my Giant Antispyware, and SpyGuard, just as it filled with thousands of offers for lots of things I did not ask for. In a second. None of this was from Kelly Theriot's site.
By the time I was done clicking through this mess, I was, despite everything, seriously filled with pop-up adware crap.
All I can tell you is that I know a fair amount as to how to identify and remove this malware, not as good as the real specialists in these things, but a fair amount as to how to remove problems like this.
And I did spend some time looking at what was going on using the many, many tools I have at my disposal.
My conclusion: the little elves at the adware and spyware people have been very busy in preparation for the Christmas season. Nothing I saw matched any paradigm that I had seen, or that any of the traditional commercial and freeware tools were ready to handle.
I am confident the commercial and third-party community will come through in the end with removal tools for this Christmas Surprise by the bad guys, but there is some very effective and resilient stuff just introduced. It is decidedly non-trivial to remove. And it is both polymorphic and rebuilds itself, even as far as I can trace from System Restore archives when you use traditional removal methods.
I re-imaged. On alternate days of the week I use Acronis or Symantec Ghost 9 to image to different hard disks. But after trying manual steps, I just re-imaged from the morning prior to the Google click, and in eight minutes was done.
So: for an XMAS present ask for Symantec/Norton Ghost 9.0 (no earlier version acceptable), or Acronis True Image 8.0.x.
Issue #2: Christmas Gift Computers
In an article I read a month ago in the Washington Post, a non-firewalled computer exposed to the internet will become infected with a variant of Blaster or Sasser within 8 minutes of connecting to the internet.
If you buy a Christmas Computer, purchase one with XP SP2 preinstalled.
If you are building the gift, or the computer is not SP2, please enable the native firewall prior to connecting in any way to the internet.
I promise more instructions later, but my essential point: everyone with way too much time on their hands is off for the Christmas Holiday. This I think will be a particularly rough one, as the Thanksgiving bump in issues has shown on many Forums. And there is some incredibly difficult-to-remove malware out there as a test.
Merry Christmas,
Bill Castner