Life-Ruining Browser Hijackers

LehiNephi writes "If you're not diligent enough at whacking malware on your computer, you could end up in jail, whether or not you actually did something wrong. Hijacked browsers can not only annoy you with a never-ending string of pop-ups, they leave a less-than-virtuous browser history behind on your computer. This guy claims that some piece of malware hijacked his home page, opened an unstoppable chain of pop-ups, and filled his cache with porn. He now has to register as a sex offender, even though he denies that he did anything his computer says he did. Makes me glad for built in pop-up blocking in Mozilla."

Hate breaking it to you...

[Tuxedo+Jack]

But now the Transponder gang (ABetterInternet) are making .xpis to install their shit in Firefox/Mozilla.

And yes, CoolWebSearch is a goddamned pain to get rid of. New variants are immune to Merijn's CWShredder; they require specialized tools (pv.exe, TheKillBox) to remove, and some even require booting to a command line (nearly impossible in XP/2000).

One guy at my office accidentally got some CWS variants on his machine, and the IT department - myself included - went through the router logs (school district, have to keep the logs, state law here) to see where he got it. This resulted in his getting fired (free pr0n site, and yes, he was logged in as himself).

In short, these little bastards really _can_ ruin your life and your machine.

Re:stop this? me?

[Mr.Radar]

Spybot Search & Destroy (best and most up-to-date IMHO)
AdAware (the original big one, not as up-to-date as Spybot S&D, but it still catches stuff Spybot doesn't)
HijackThis (for the really nasty stuff that the others don't get, though this can mess up your computer if it isn't used properly)
SpywareBlaster (it isn't as good as the others mentioned, but it still couldn't hurt)

Re:stop this? me?

[IvyMike]

what's the best way to get rid of this crap?

• Ad-aware
• Spybot
• Cool Web Shredder Specific to CWS, but if you've got that, this is a necessity
• And while you're at it, for your own computer, don't forget the virus-checker, the hardware firewall, and maybe even the software firewall. Public computers are a Wretched Hive of Scum and Villainy, so if you're forced to use them, mentally adapt your practices to account for that. (Expect every virus/trojan/keycapture program written.)

And for the love of all that is holy, tell everybody you know to stop using IE. If you're the tech support guy for your friends and family, have them start using firefox. Because sooner or later, if you don't, they'll get CWS and you'll be at their house helping them for a LONG time.

Re:WARNING: Mozilla cannot protect you

[Ravadill]

This gets past the Mozilla/Firefox blocker by using target="_blank" which somehow bypasses it.

Add the following to your user.js to stop it:
// disable target="_blank" (open in same window):
user_pref("browser.block.target_new_wind ow", true);

Stolen from Texturizer.net:
http://texturizer.net/firefox/tip s.html#beh_blank

Re:Yeah, that's highly likely!

[jebell]

I am a lawyer, and a former prosecutor, to boot. I never worked in a sex crimes unit, but I thought I'd offer my thoughts:

I didn't see that this was a federal case, so the Justice Department probably wasn't involved. If I missed it, I'm sure someone will correct me, but I don't think the feds just go after a guy with a few pics on his computer. It's more likely local cops and prosecutors.

That said, generally prosecutors have to turn over exculpatory evidence. Prosecutors are not permitted to second-guess what's exculpatory and what's not. If they don't turn something over, the defense can ask the judge for a number of sanctions, the most extreme of which is a dismissal of the charges. No prosecutor I know of would risk that or risk being made a fool of in front of the judge. Naturally, there are going to be instances where the prosecutor doesn't turn something over because of an oversight and there are very rare cases where prosecutors intentionally withhold evidence.

One comment indicated that the prosecutors should be able to tell whether or not the pictures happened all at one time or spread out over a span of time. The prosecution is required to turn over the evidence only; not their intepretation of the evidence. So, they'd have to either (1) turn over a perfect copy of the hard drive; or (2) allow the defense to examine it. If they employ an expert, however, they'd be required to turn over his opinions and the bases for them.

Re:Yeah, that's highly likely!

[jebell]

Well, I hope he appeals. And gets access to his hard drive, so he can have his own experts analyze the data.

What's he going to appeal? It was a plea bargain; he gave up most of his appellate rights. The only thing that stands out in my mind is that he could file an appeal based on ineffective assistance of counsel. In my experience, though, he wouldn't be likely to do this for two reasons: (1) appeals are extremely expensive; and (2) a claim of ineffective assistance of counsel has to be predicated on some kind of extreme negligence or malpractice on the part of the attorney. Bad advice alone isn't enough to warrant a reversal of his conviction.

Re:Yeah, that's highly likely!

[jebell]

Ummmm... I don't think "contingency" means what you think it means. A contingent fee is a fee that is collected based on the amount of the award. The most common use of contingent fees is in personal injury cases; if you've ever watched TV, you know darn well that Dewey Cheatham and Howe doesn't cost you a cent until and unless you collect.

Furthermore, it's considered unethical (I know, I know, insert lawyer joke here) to collect a contingent fee in a criminal case. Why? Because then attorneys wouldn't take criminal cases they knew they would lose and poor Joe Child-Molester would never find competent counsel (contrary to popular belief, public defenders are only available to the indigent; most jurisdictions require a person seeking a public defender to disclose their financial information).

Re:Yeah, that's highly likely!

[jebell]

No problem; I enjoy contributing to conversations I have some knowledge about, instead of just pretending like I normally do. System-wide abuse is a lot less prevalent than it used to be. When I was a prosecutor (2000-2002), my jurisdiction had about 10 different police agencies that would submit cases to be prosecuted, in addition to some other specialized state agencies. For the most part, the police were pretty clean. A couple of the agencies had a reputation for shoddy police work, but nothing abusive. I learned pretty quickly which cops were honest and which weren't. Thankfully, there were only a few dishonest cops. A few more were just lazy, which can be just as bad as dishonest, but for the most part they did a good professional job.

Coincidentally, my father is a retired FBI agent. I've never dealt with the FBI in a professional setting, but I know a little of the history. The FBI under Hoover was used to keep track of all kinds of people that Hoover saw as a potential threat. Thus, the FBI investigated everyone from Martin Luther King, Jr. to Elvis Presley. They undoubtedly used means to discover information that, by today's standards, would be considered illegal and abusive. Most of the time, this would not be a problem for the FBI because the sanction for obtaining evidence illegally is to throw the evidence out. If they're just keeping tabs on you and you're never arrested, there's little chance that you'd ever know about it.

That said, the FBI was usually way ahead of its time when it came to ensuring that they got their man. For example, they were employing Miranda warnings long before the Supreme Court issed the Miranda v. Arizona decision, which required the police to read a defendant his rights before questioning him.

One of the really great contributions of the FBI is that, wherever they interacted with the local police, they would encourage the local cops to adopt the same practices. This ultimately led to the creation of the FBI National Academy, where local police forces send their cops for training on legal issues as well as investigation techniques.