OT: Spyware alert:

Hey all you TwinkieTown bloggers. I know you frequent the StarTribune Twins blogs. I have temporarily suspended that practice myself because there is a rogue ad network for those blogs in particular that puts spyware on my machine. And I advise you to do the same.

The StarTribune actually ran a story about how it had hundreds of complaints from visitors about a malware attack. I can't find it because I would have to go to the to do so, risking further infection. The story never said the problem was fixed. I have since discovered that it is not fixed. That the particular piece of malware that sparked the complaints is no longer being spread by But other spyware is. Let me explain by telling the story.

Rogue Antivirus Malware

I have been inundated with spyware this past month and more. It started with the Rogue Antivirus, a very nasty piece of code that is managed by the Russian Mob to scam people into giving the Mob their credit card info. The malware spoofs itself as a trusted peice of antivirus software form Microsoft. If you don't buy the software but shut your computer down immeditaely, you can escape major damage. You do have to bring your system in for repair. But you can save your stat and applications. If you buy the software, the Mob will take your credit card number and start using it until you cancel it. Meanwhile, the code shuts your computer down and erases critical parts of your operating system so it will no longer boot up.

This is one that can only be removed by deleting particular files spread around your hard drive, deleting particular tracking cookies from your browser, and fixing the registry. I took it to BestBuy, just because the alternative was to go to send it to my company IT department and get my hard drive wiped.

The GeekSquad guy at Best Buy said they had thousands of cases of that malware in the Twins Cities area in one week. While I waited for the paperwork, a half dozen cases came in with the very same problem. One couple in line in particular said, "All we do is go to news sites like the" Anyway, the day I put my $200 down on the table and got the machine back from BestBuy, the Strib ran a story about a malware attack from one of its ad networks. At the time, I thought it was an interesting coincidence, but I didn't think this was proof that the Strib was the source.

Fake Windows Update Trojan Horse

About a week after getting my machine cleaned out, I got another piece of spyware, this time it was the Fake Windows Updater Trojan Horse, that again hides as an XP program which asks if you want to install available updates and restart your computer. It will even hide in your Shut Down screen as the default option. If you're not careful to select "Shut Down" rather than "Install Upgrades and Shut Down," you're hosed.

At this point, I installed Spyware Doctor to clean my machine myself (another $40, BTW). When I ran the Inlligent scan, it found 39 infections from this particular piece of malware. Obviously, I was visiting a site that routinely downloaded spyware on my PC. Outside of my corporate site, I don't regularly go anywhere but Twitter, Facebook, LinkesIN,  Twins blogs, news sites, Google, and So it had to be one of these sites.

One of the features of Spyware Doctor is a Spyware Blocker. When a piece of spyware is trying to install itself on your computer, it brings up a dialog that asks whether you want to block it or not. I always block, of course. Here it became clear what the source of the spyware is. Every time I went to Howard's, Joe C.'s or Lavell's blogs, I had to block the attempt to load spyware.

Now I don't think Spyware Doctor is perfect, because I just scanned my PC and I now have the same piece of malware again on my system. I will perform a complete scan (as opposed to an Intelligent scan) and have it removed. But, in the meantime, I will not visit

Boycott the

It is beyond belief that a major news site would be so desperate that it would do business with ad networks known to distribute spyware. And it is shocking that after it discovered this problem and published a story about it, it continued to work with the network. Not only will this hurt its traffic (I can only hope). But it could make it libel for a class-action law suit. The information is public at this point. There are thousands of people who are out hundreds of dollars because they trusted the Some of these people had to cancel their credit cards and get new operating systems and applications.

At the very least, we should boycott the until they publicly apologize and prove that they no longer work with the offending ad network. Howard, I'm sorry. I love your content. But you gotta talk to the ad folks and get this stuff cleaned up




Log In Sign Up

Log In Sign Up

Please choose a new SB Nation username and password

As part of the new SB Nation launch, prior users will need to choose a permanent username, along with a new password.

Your username will be used to login to SB Nation going forward.

I already have a Vox Media account!

Verify Vox Media account

Please login to your Vox Media account. This account will be linked to your previously existing Eater account.

Please choose a new SB Nation username and password

As part of the new SB Nation launch, prior MT authors will need to choose a new username and password.

Your username will be used to login to SB Nation going forward.

Forgot password?

We'll email you a reset link.

If you signed up using a 3rd party account like Facebook or Twitter, please login with it instead.

Forgot password?

Try another email?

Almost done,

By becoming a registered user, you are also agreeing to our Terms and confirming that you have read our Privacy Policy.

Join Twinkie Town

You must be a member of Twinkie Town to participate.

We have our own Community Guidelines at Twinkie Town. You should read them.

Join Twinkie Town

You must be a member of Twinkie Town to participate.

We have our own Community Guidelines at Twinkie Town. You should read them.




Choose an available username to complete sign up.

In order to provide our users with a better overall experience, we ask for more information from Facebook when using it to login so that we can learn more about our audience and provide you with the best possible experience. We do not store specific user data and the sharing of it is not required to login with Facebook.