2004/06/15

Unbe-freaking-lievable.

Our computer got taken over by spyware last night. I can't believe how nasty this stuff is.

I logged in, and pretty quickly got some pop ups, which was an immediate warning sign. I checked the running processes, and saw something called "bargain.exe". Uh oh.

I run anti-spyware stuff, and it finds a lot of stuff and cleans it up. I then go to the Start menu, choose "run", and run "regedit". Nothing happens, but now the system is reinfected again.

I go and look in the Windows, System, and System32 directories, and see that the fuckers replaced regedit.exe, notepad.exe, wordpad.exe, and ping.exe with their own versions (presumably that run/download something to reinfect the system).

Two spyware removal tools and several scans/reboots later, I think I've gotten all the bad stuff out. The only symptom left is that my Quick Launch toolbar is gone. I can re-enable it using the Taskbar properties page, but the change doesn't stick. I'm sure it's a registry setting somewhere, but I haven't found it yet. If worst comes to worst, I can do a System Restore from Sunday night. I actually tried this (fixed the Quick Launch problem), but for some reason the virus scanner didn't want to scan after doing that, saying that the installation was messed up. Which doesn't make sense, since it was installed properly before Sunday.

I think I'll do the System Restore from Sunday and reinstall Norton to get that working. If the spyware has changed registry settings involving Taskbar toolbars, who knows what else is messed up. I think that's probably the safest route.

Bad, bad stuff, spyware. I simply can't believe that there are programmers who would create such beasts. Man, computer support business must be moving with all this shit out there. Diana and I are pretty savvy computer users, but one of us must have clicked in the wrong spot. I can't imagine that the general joe-schmoe Windows user would have a chance once they were infected. Maybe I should look into that as a side business. I wonder how much money could be made from simply (Download spyware remover -> run spyware remover -> install pop-up stopper -> reboot). Hell, if I can remote-desktop in, I could do it all while in my underwear from home!
