I clicked a link in IE and then wasted hours and hours tracking down and deleting all the cruft off my machine. Porn, executables, links, popups and it kept coming back again and again until I finally got rid of all the files and all the real apps which had been overwritten by malicious cruft. pstools, timestamps and checksums helped find it all.

I consider myself to be a sensible user and this is the first time in 20 years that a computer I was using was compromised (unless I was deliberately doing it for testing). It actually used an ADODB flaw to copy executables and so on and so forth and this flaw was in Outlook Express DLLs which were in the system32 directory but which Windows Update didn't update as I'd deleted Outlook Express from my machine! - go figure.

This was also the impetus to download and use Firefox which is a far superior browser and works for 99.99% of the sites I have used. It really did piss me off. :(

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/250/27017#27017