Swamppifi Posted January 19, 2015
Just spent the last 24 hours regaining control over my browsers (Chrome / Firefox). I downloaded a WMA to MP3 converter from the cnet.com site. When it started to install, I unticked all the extra crap they try to peddle in the fine print, but when it installed, it loaded this omi home pages and search engines, then loaded some kind of protection to lock it, disabled the task manager, and the usual tricks to make it hard to get rid of. It took some effort, but I have got rid of it, ran Norton's rootkit checker and now all clear. They made it hard by the fact that they hid some exe files in the application data under the roaming tab. Just pissing me off that I can't download something from cnet.com without it trying to force stuff I don't want down my throat, and the sneaky way it was done. Lucky I had SeaMonkey as a backup; they didn't target it, so I could still browse without being redirected to their crappy sites. Enough of a rant......

Mr-Protocol Posted January 19, 2015
I usually just spin up a VM for software like that. I typically avoid such odd crap, but create a VM and make a snapshot. Install/test whatever it is you want and then revert to snapshot. Side note, WMA and MP3 are crappy formats nowadays.

cooper Posted January 19, 2015
Maybe the user you're typically running as shouldn't have the privilege to allow something to burrow down so deeply into your system?

i8igmac Posted January 19, 2015
Don't use the Administrator user... create a user account with less privileges, use this new account... If you can't remove an infection then just delete the account and create a new one. My dad brings me his computer saying it's infected... it's a quick fix.

THCMinister Posted January 19, 2015
But some techniques can use privilege escalation and bypass security. I have always liked a VM route.

cooper Posted January 19, 2015
There's always ways around stuff, but it's a barrier I doubt a lot of these crapware things are anticipating for.

i8igmac Posted January 19, 2015
It's been a decade since I used Windows as my daily operating system, but I never ran into malware/viri I couldn't remove... antivirus software is crap from my experience... You should watch netstat -nb when installing new software.

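The two observations in this thread (executables dropped under the Roaming application data folder, and watching connections while an installer runs) can be combined into one before/after check. The script below is an added example, not something posted by a thread participant; it assumes Windows 8 / PowerShell 3 or later, and the `DisableTaskMgr` policy check is an assumption about how Task Manager was disabled, which the thread does not state.

```powershell
# Added example (not from the thread). Assumes Windows 8 / PowerShell 3 or later.
# Run it in the session of the user who will launch the installer.

function Get-ConnectionSnapshot {
    # One "process -> remote:port" string per established TCP connection
    Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            $name = if ($proc) { $proc.ProcessName } else { "pid $($_.OwningProcess)" }
            "$name -> $($_.RemoteAddress):$($_.RemotePort)"
        } | Sort-Object -Unique
}

function Get-NewRoamingBinaries {
    param([Parameter(Mandatory)][datetime]$Since)
    # -Force includes hidden files; only binaries created after the baseline are returned
    Get-ChildItem -Path $env:APPDATA -Recurse -Force -File -Include *.exe, *.dll `
            -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -ge $Since } |
        Select-Object FullName, CreationTime, Length
}

# Baseline before the installer runs
$start  = Get-Date
$before = @(Get-ConnectionSnapshot)
Read-Host 'Baseline recorded. Run the installer, let it finish, then press Enter' | Out-Null
$after  = @(Get-ConnectionSnapshot)

'--- Connections not present in the baseline ---'
$after | Where-Object { $_ -notin $before }

'--- Executables created under Roaming since the baseline ---'
Get-NewRoamingBinaries -Since $start | Format-Table -AutoSize | Out-String

# Assumption: Task Manager was disabled through the per-user policy value below.
# The thread does not say which mechanism the installer used.
$key    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
$policy = Get-ItemProperty -Path $key -Name DisableTaskMgr -ErrorAction SilentlyContinue
if ($policy -and $policy.DisableTaskMgr -eq 1) {
    'Task Manager is disabled by the DisableTaskMgr policy value for this user.'
}
```

A snapshot only sees connections still established when Enter is pressed, so short-lived connections made during the install can be missed; watching `netstat -nb` from an elevated prompt during the install covers those.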
Swamppifi Posted January 20, 2015
I normally use my machine that has VMware on it to check out software I don't trust, but I was on my PC in the lounge room, which is set up as a music recording and 3D animation rig. I got complacent just trying to do a quick conversion of a music track to process; I normally don't do any browsing on that machine. It just annoys me, all these search engines thinking they have the right to force me to use their services. At least I know how to remove it, but what about the general public, who don't have a clue how to fix it? There is no way I would ever think about using that search engine now; they have just waved a red flag at a bull..... and as for cnet.com..... they used to be good.