The Time Has Come, the Walrus Said, to Talk of Many Things...
  Home  |  Archives  |  Music  |  Software  |  About  |  Contact
 | Community | 

 -273
 Ouranophobe
 Rubidium
 Mount Athos
 Minutia Press
 | NFL Picks | 

 Lucas: 165-91
 Chris: 160-96
 Sports Guy: 118-129-9
syndicate this page
 August 13, 2004 - 08:49 PM | chris
Spy vs. Spyware

I got an urgent message from my parents yesterday that their Internet Explorer could not follow links anymore, so I took the question to the most knowledgeable computer expert I know, Dr. Google. During my browsing, I went to click on a link and what should spawn directly beneath my mouse right before I click but one of those "Are you sure you want to install software by [insert spyware company here]?" dialog boxes. Unfortunately, the timing was such that my click got registered on the "Yes, of course I want your crappy spyware shit all over my machine, there aren't enough legitimate pop-up ads for me already" button, and it was off to the races.

Four installers immediately popped up in my status bar and every pop-up window in the entire history of the internet immediately spawned on my desktop, resulting in a crash of all legitimately-running programs. "Woohoo! We can finally get through the Google pop-up blocker!," the windows must've thought as they piled up higher and higher. "Your computer is infected with spyware, download this tool to remove it!," they would ironically yell, "and buy Super Viagra!"

After the dust settled and the windows stabilized, I removed all that I could from Add/Remove programs and ran the latest version of Ad-Aware and Spybot. They were able to blow away about 300 rogue registry keys, processes, and files, but were unable to do anything about my newest arch-nemesis: VX2.

VX2 is a particularly nasty little piece of code that comes in a number of variants. From what I've been able to read on the internet before being inundated with pop-ups again, if you try and unregister and remove the offending dll file (twaintec.dll, oh how I hate you Twain-tech Enterprises), it will apparently spawn a copy of itself under a different name. As such, the anti-spyware programs can remove the registry keys and processes that it spawns, but as soon as you reboot your computer they magically appear again.

Ad-aware has a plugin to remove it, but the latest variant has been able to defeat even that. If whoever wasted their time writing VX2 used their powers for good rather than evil, we could probably get rid of viruses, denial of service attacks, and disturbing fanfiction where science fiction characters have homosexual relations with each other in mere days.

After a good 3 hours of running anti-spyware software and mucking around in the registry, I finally defeated VX2. Whoever created this monster is a scourge upon this planet.



Comments

Yeah, VX2 is a nasty one. I've heard nothing but bad stories about it.

By the way, if you want, you can press criminal charges against the makers of VX2, because it was not unistallable, which is a no-no for non-OS software.

Posted by: Brian at August 16, 2004 9:29 AM

And you might want to bookmark this website, if you get it again:
http://www.spywareguide.com/product_show.php?id=25

Posted by: Brian at August 16, 2004 9:35 AM