Adware, spyware -- How to stop this crap

vanity

[no nau]

My computer is infested with this crap and I can't get rid of it. None of the free services can solve the problem, and I might even pay for such a service, except that all of them seem to be just folks willingly to take advantage of you and charge you more money, and possibly infect you more. Has anyone here seen this? How should I and anyone else deal with this?

[ThePythonicCow]

So far I hate Ubuntu. You can’t log in as root

That's a configuration option that you can change.

Unfortunately, I don't have any Ubuntu systems at hand, so I can't be precise on this. On SUSE systems, it's on the Administration Settings -> Security and Users -> User Management screen, where, for any user, one can disable login or not.

Aha ... here's how to find the instructions to do this. Just do a Google.com search for " how to login as root on ubuntu", and the first few hits will each give you specific instructions (and associated warnings of the risks involved.)

Linux (and before that Unix) systems really are capable of a wide variety of security configuration models, and it really is just a routine configuration change to change the model to one you like, if the defaults aren't as you like them.

As systems such as Ubuntu have gained wider use, we've been tightening up the default security configuration, because an increasing percentage of users are better off that way. The only time they need root permission is when doing something like installing software or managing their disk devices, and the GUI administrative screens will prompt them for a password as needed for that.

This is quite distinct from Windows desktop which, despite adding the appearance of multiple login support, is quite incapable of running a reasonably tight multi-user configuration, with carefully isolated and minimized permissions to each program, using a security model that has been a well designed part of the system, for over thirty years now.

[JDoutrider]

Kaspersky... The best!

I also use Webroot Spy Sweeper with it. NO Problemos!!!

[ViLaLuz]

Make sure Mcafee isn’t charging your credit card every year automatically, for an update without your authorization. They tried to pull that garbage with me. They suck.

[conservatism_IS_compassion]

See my post #40. Mac has its fair share of problems. Most people don’t know it though.

. . . which puts me in mind of the braggart who was always talking about what a great shot he was. Finally his friends got him out to a duck blind, and when a duck flew over they told him to let fly. He fired - and the duck continued on its way unperturbed. The hunter muttered, "Fly, darn you! Fly with your heart shot out!"

Apparently all us Mac users "have our hearts shot out" - but we're still flying along undisturbed.

[advance_copy]

For fun, here's the 1978 Microsoft staff photo from Wikipedia (Bill Gates is bottom left):



After thirty years, Microsoft still makes the best software. And, therefore, the most expensive software. And, therefore, the software that is most targeted by malware.

One thing is sure, all of those people in the picture are very rich, more than just about anybody.

[ops33]

Your advise is very good and simple. Try as much as I can, I still can’t get my sister to stop forwarding all the cutsey images and videos she gets from her friends. I tell her that’s the way spyware and viruses get spread, she just doesn’t pay any attention to what I say. When I told her that I routinely delete her email without opening it she becomes offended. I’d hate to see how much crap is on her computer.

[Mad Dawgg]

"My computer is infested with this crap and I can't get rid of it. None of the free services can solve the problem, and I might even pay for such a service, except that all of them seem to be just folks willingly to take advantage of you and charge you more money, and possibly infect you more. Has anyone here seen this? How should I and anyone else deal with this?"

My ISP provides this: CA Internet Security Suite 2007 3-User w/$6,500 Identity Theft and Virus Protection at no charge for all of my Computers!

Check with your ISP and I bet they have something similar.

[hiredhand]

Don't take it personally. I didn't say that Mac was or wasn't susceptible to Adware specifically. I was only pointing out that Mac operating systems have had their fair share of problems along with all the rest.

You probably wouldn't know this because my interactions with Mac users indicate that they live in a bubble, and because Apple isn't exactly forthright with timely notification about deficiencies in the products.

Here's ONE - http://www.securityfocus.com/bid/24856

I'm not your personal security consultant, so you'll have to find the rest on your own, and if I were you I'd get to work because I've got a folder full of them that all apply to OSX.

Things are very much different in the Windows world. Like you, I pretty much refuse to use their dreadful products except when it's simply unavoidable.

[hiredhand]

Really? Get on your Ubuntu box and do this -

sudo bash
(authenticate)
passwd root
(set root's password).

Problem solved.

Ubuntu expects you to go through sudo for everything. What I just wrote above is in their FAQ. RTFM. :-)

[hiredhand]

I wasn't SPECIFICALLY talking about Adware on Mac operating systems. I should have made this clear initially. The CERT and ISAC bulletins that I have now are all with respect to commercially sold software products.

I was merely trying to make the point that Mac suffers from its own fair share of problems, and just because the instance of vulnerability rate is low, doesn't mean it's not there, or shouldn't be accounted for.

[hiredhand]

OpenBSD has an excellend track record for security. I haven't kept up with in the past 18 months or so, but as I remember they hadn't had a major release go out the door with a local root exploit in several years.

If not for their pactching/updating system, we'd use it in our enterprise. I tried to justify it once, and I simply couldn't bring that sort of burden on a production team. I use it at home though, and have two firewalls running "pf". One is transparent (NO IP addresses at all!) and one does NAT/PAT. They both run like a charm. I never touch them except to log IDS data (snort) and pf logs.

We've been leaning away from Red Hat and towards Debian and Ubuntu at work. Debian based OSes are just so much easier to set up and maintain. Red Hat gives me a headache every time I try to do something that's outside the realm of RPM, and then if we customize a Red Hat server, later there's always the chance that patching is going to change some aspect of the customization that we performed prior.

We had an instance not long ago where this happened. The default BIND 9.x installation on Red Hat expects that you're running the DNS server chrooted. But we are NOT. There was a BIND patch on this particular round, and it put the DNS server back to a chrooted environment. The guy patching didn't test far enough to discover that although the DNS server was running, it was fairly "brainless", and certainly had no knowledge of the dozen or so zones that we host. He did this at 0400, and by 0900 everybody was in a full blown panic, and he was unavailble by that time. I got to the bottom of it fairly fast once I was called, but still...this is the hazard of Red Hat and custom configs. :-)

...ah well. :-)

[hiredhand]

I swear...pissing off Mac users is like pissing off a damned bunch of democrats! I wish I'd never said ANYTHING!

[LeGrande]

You probably wouldn't know this because my interactions with Mac users indicate that they live in a bubble, and because Apple isn't exactly forthright with timely notification about deficiencies in the products. Here's ONE - http://www.securityfocus.com/bid/24856

It is interesting that your ONE example isn't about an apple product and can't affect the Mac system at all. Those exploits don't work on Mac's because buffer overflows don't compromise the system. All that they can accomplish is crashing the program and that gets the hackers nothing, zip, zero, nada.

I'm not your personal security consultant, so you'll have to find the rest on your own, and if I were you I'd get to work because I've got a folder full of them that all apply to OSX.

And strangely none of these 'exploits' ever seem to pan out. I bet you don't have a clue as to why, do you? It is primarily due to hooks that Windows put in its operating system to allow programmers more control. Take out the hooks and Windows would be half the way to a much more secure system. But then none of the old programs would work and people might look at better OS's. What's Microsoft supposed to do? LOL

[FreePaul]

I too have been using PC-Cillin for a long time. Mine is only on a few computers used by me and other family members. I have been happy with it until recently. After installing 2007 I had problems which I was able to resolve with the help of Trend Micro. After installing 2008 I have been having more problems and am trying to get help. As with most programs each new version tries to take over more of the computer. So far, among other problems, PC-Cillin tells me that I can’t run other programs that I have been running for years.

[AppyPappy]

What are you using now to get rid of it?

[dayglored]

> I wasn't SPECIFICALLY talking about Adware on Mac operating systems. I should have made this clear initially. The CERT and ISAC bulletins that I have now are all with respect to commercially sold software products.

Okay, then consider this analogy:

If I buy a car with a cassette player in the dash (an operating system with an API), and I obtain a cassette tape and plug it in (install a commercial application), and the cassette is flawed and jams (the application has a vulnerability), it's damn hard for me to lay that problem at the feet of the manufacturer of the car, or say that "the car has its fair share of problems" because of the flawed cassette. The cassette would have the same problem in any car, any player.

> I was merely trying to make the point that Mac suffers from its own fair share of problems, and just because the instance of vulnerability rate is low, doesn't mean it's not there, or shouldn't be accounted for.

Okay, I'll grant that nothing is perfect.

So where are the OS X exploits? The OS X viruses? The OS X botnets?

There are large money prizes (like $10,000) offered to anyone who can breach an OS X system, and the only way anybody has been able to do it is by "human engineering" -- convincing a live human being, at the console, to give root access. Well, d-uh. No one has been able to do it like it's done on Windows -- with no user interaction required.

Look, I'm not a Mac fanboi -- I'm a System Admin whose biggest daily worry is security. Every vulnerability is of interest and concern to me, regardless of platform. So far, I just don't see anything significant on the Mac side that's actually being exploited. And the vulns reported for the Mac all seem to be in applications, not the OS X operating system itself.

If you have specific evidence to the contrary, other than broadly saying "it's non-zero", I'm all ears. I'll ping Swordmaker on this, too, since he may know of something.

[dayglored]

> After thirty years, Microsoft still makes the best software. And, therefore, the most expensive software. And, therefore, the software that is most targeted by malware. One thing is sure, all of those people in the picture are very rich, more than just about anybody.

Well, you're 50% right:

1. Microsoft still makes the best software. Wrong (the most common, yes; best? no.)

2. The most expensive software. Wrong (Coverity, Adobe, RealView,...)

3. The software that is most targeted by malware. Right

4. All of those people in the picture are very rich. Right, as far as I know.

[robertpaulsen]

I can't get ccleaner to remove my History files, even though the box is checked. Granted, I can delete them manually or simply not keep a History file (select 0 days).

Any ideas?

[no nau]

Try “Hi-jack this” and “CCleaner” and “Spybot-search and Destroy”

Used them all. They detect the malware, but are unable to remove it.

[conservatism_IS_compassion]

I wish I'd never said ANYTHING!

I think it's a combination of two things which make us respond:

1. our pleasure at the historical fact that we have had no viri and no need to fuss with antiviral software since we stopped using Windows, and

2. our insecurity over the fact that nothing is 100% safe, and we could get badly burned. In consequence, whenever anyone suggests that the sky is falling on our Macs, we challenge that assertion vigorously. We know we would have to react if real Mac viri appeared in the wild.