Annoying pop-up’s (CiD adware) and the security equilibrium

I believe I am careful when I am on the internet.

My personal laptop is almost a fortress regarding protecting me from internet scum, so I try to protect it x-fold via Microsoft Defender, Search & Destroy, Firewalls, protected host and configuration files, WPA network connections, virusscan software, no browser caching, phishing filters, etc, etc, etc. Being aware that there is always a loophole to enter this fort, a “port d’entree”, I am also very aware of what I am doing on the Internet, but alas, sometimes all precautions fail. If my precautions fail it is also, almost always, a very very nasty bug. A bug on which normal insect spray only causes it to evolve…

On the other hand, I , we have to do some work, so all these precautions are not (always) practical or very annoying and prevent me and you from working. If I am working with, let’s say application servers, these precautions can have strange side effects. I don’t like, what I call, paranoia systems/environments, where everything is controlled and my working progress is slowed down because of it. There is somewhere an equilibrium between the amount of security and functionality. If security is to tight, functionality diminishes and vice versa. Creativity is killed in the process or not, I have seen brilliant creativity of people in trying to circumvent security in such kind of very controlled secure environments. Old standalone windows commander executables where given a new start trying to avoid locked down Windows machines.

But anyway, I was bitten again. This time it was a very annoying pop-up that displayed commercial websites. Once in while one would pop-up without any reason while I was using Internet Explorer 7 (my alternative when my favorite Firefox browser doesn’t suffice). So I checked startup entries in my registry, Performed deep scan stuff via “Search & Destroy”, looked into malicious looking programs resident in memory, did a full heuristic scan via my virus scanner software. I tried Google to find something sounding like “pop-up / adware / removing / detecting / etc”, but this gives you zillions of other annoying Adware entries, more commercial sites to remove and sell you stuff.

At last I saw a starting point. Every pop-up Windows had a small title called “CiD”. So I looked it up via Google.Almost immediately I found what I needed to remove this annoying behavior and read other frustrated victims sharing the same fate (http://www.lavasoftsupport.com/index.php?showtopic=7569). Apparently this bug is really smart and avoids almost every detection. What annoys me most in all of this, is that I, apparently, somehow installed the bugger and I have now idea when I did it… Realizing that you can do nasty things nowadays, for instance via XMLHTTPRequest, I maybe was infected somehow via a website but the when eludes me…

Things we have to live with I guess. The more incentive for me to make the move (also on personal machines) to Linux or an operation system that is so obscure that people don’t bother to write nasty programs for… Maybe, just maybe, I should revive my old OS2 Warp software (that is obscure!).

Marco Gralike Written by: