The man who mistook his pop-under for spyware

Last week I spent an entire afternoon trying to track down what I thought was a spyware infection on my laptop. Since I do some part-time work purging other people's computers of spyware, I was somewhat embarrassed to have succumbed to it in the first place, but it was far worse that after hours of scanning, poking around, and Googling to the ends of the earth I still couldn't figure it out.

For the record I use Microsoft's Anti-spyware Beta product to keep stuff off my machine because it's the best free product there is. They may eventually charge for it but not yet. It also has the best realtime defense against spyware, monitoring a whole raft of system settings that others don't. However, for removal of spyware I generally resort to Webroot's SpySweeper, which detects stuff other programs don't find. What I usually do is download the free trial, run it and then uninstall it. For whatever reason they don't seem to mind this usage pattern and I have recommended the pay version to lots of customers.

Anyway, a couple of weeks ago I closed a Mozilla Firefox window only to see, horror of horrors, a pop-under window right there in front of me. Pop-unders and their pop-up brethren used to be the scourge of my and most people's web browsing existence, but since I switched to Mozilla a few years back I haven't seen any. So the pop-under leering at me now was a shock. I knew the only explanation could be spyware lurking on my machine and surreptitiously commanding Firefox to open windows without my permission.

But after the aforementioned afternoon of looking for spyware I found nothing. The URL from whence the popup came, or claimed to come, z1.adserver.com, produced plenty of hits on Google but all of them seemed to be related to spyware I didn't have. I was eventually beginning to believe I had been infected by some completely new strain of spyware that had managed to get around Microsoft's realtime protection and was undetectable by the latest and greatest scanner. Harrumph.

Then I started to wonder if I could catch the spyware in action telling Firefox to create the popup window - that would allow me to look at all the running processes and figure out what it was and remove it. So I looked around for information on configuring Firefox's popup-blocker and then Eureka! Searching for pop-under and Firefox led me to a page that described a recent scourge that even afflicts Firefox: the Flash-activated pop-under and pop-up. Apparently people have started putting Flash and other plugin content on pages that can create a secondary window and that is not normally blocked by Firefox.

However, it turns out there is a hidden option, privacy.popups.disable_from_plugins, that can be set to make Firefox stop popups originating from plugins. Yay! I enabled that and now for the last week I haven't seen a single pop-under. Apparently this hidden option may soon be put into the main Firefox configuration UI, but why on earth isn't it there now and, more importantly, the default action?

Still it's a relief to find I didn't have spyware on my machine after all (it makes me extremely nervous to think about it) but frustrating that it took so long to figure out what was going on. At least next time I see this problem on someone else's machine I'll know much quicker that reality isn't really on the blink and the fix is simple.
