RipSting,
It sounds like you may have gotten hit by CoolWebSearch, a very clever series of trojans. You might try CWSshredder, you can find it at:
http://www.spywareinfo.com/~merijn/index.html
IIRC hijack This can also be found there, hopefully one of them can help. CWS is particularly hard to remove, and Spybot, Adaware, and Pest Patrol can’t get rid of it. There’s dozens of variant’s, the author of CWSshredder is giving up on trying to keep up with it.
Sbaz says:
Once I saw a page that documented security holes in various software, and Linux had many, many flaws. It's open source and there are probably tons of those little holes out for the finding. Usually major Windows viruses/trojans won't affect you if you have updated regularly
Sounds like you read the Forrester Report, which has been contested by Security experts. It doesn’t take into account the severity of the exploits, and when it count’s Windows Exploits it only counts the ones in the OS (including IE) but when it counts Linux exploits it counts dozens of seperate packages, most of which are NOT installed on most Linux boxes.
Linux fixes critical exploits at a higher priority than non critical exploits. Severe exploits in Linux are almost always fixed the day they are discovered, while with Windows you will wait a couple weeks for the fix to be developed, then wait longer untill the fix is available since MS is on a monthly release plan. A fix is only usefull if you can get it.
Since 1998 Windows/IE has had AT LEAST 8 critical vulnerabilities at any given time. The latest exploit (the Russian one involving exploited II2 servers infecting visitors using IE) takes advantage of “non-critical” (according to MS) exploits, some of which have been known for OVER 4 YEARS and STILL aren’t fixed. MS calls them non-critical because by themselves non can do any real damage. Used together they can open your Windows PC to remote takeover.
While XP Pro (but NOT WP Home) has the ability to use “advanced” file permissions (standard on *nix) they are not enabled by default, and won’t be even with SP2. Setting them up is beyond the ability of most users.
This means anyone (or any malware) that gets into a Windows box will own the entire PC. With Linux, even if something gets in, it has very limited access to anything beyond the users Home directory. Other users, and the OS itself will remain unaffected. Windows, even with advanced file permissions, isn’t really capable of fully separating user space from local space.
An exploit that affects one XP box will affect ALL XP boxes (unless a boatload of extra, third party, security sofware is installed. An Exploit that affexts one Linux distro doesn’t ussually affect other distros. A vulnerability in Red Hat probably won’t affect me, since I’m using Gentoo.
PS, congrats on the switch to Firefox. I have a hard time getting people to try it, but everyone I’ve convinced to try it likes it better than IE (and is suprised at how much better it is) Most don’t consider security (the fools) but the Pop-up blocking alone (not to mention tabbed browsing) makes their day!
No, Linux isn’t bulletproof. It’s not even the most secure OS, BSD has it beat. It is more secureable than Windows, though. Certainly more secure “out-of-the-box” After all, the US National Security Agency even developed it’s own Linux kernel (Selinux, available to all and open source), Windows won’t ever have that.
Tommy