Oh, wait, I think to myself. That's not the Google toolbar. That's a new toolbar.

I didn't install any new toolbars.

Shit.

I found the culprit. It's a Windows Media file that was sent to me by a coworker. It was marked as .mpeg, but it was actually .wmv; Windows Media Player happily takes the file and plays it anyway, recognizing the internal file format and adjusting appropriately.

Convenient, yes. Felicitous? No.

There's been a lot of talk lately about hackers using DRM in Media Player files to force users' computers to auto-install spyware and trojans in the guise of being software to manage digital rights. It's not a theoretical attack, because it really happens, and tonight it happened to me.

Now I'm cleansing my system. A full virus scan on all drives (two physical, three logical), Ad-Aware and some manual investigation showing that not only a Browser Helper Object was installed, but also a trojan.

Sigh.

So... I've cleaned the trojan by hand, unregistered the toolbar, and once I can reboot I'll delete the toolbar's .dll file. Ad-Aware and the virus scanner will finish eventually, but that's why I'm waiting up at this awful hour.

This has redoubled my belief that Windows Media Player, Windows and DRM in general is worthless. I have a strong belief that I should have full control of my computer, and right now I am recovering from something that was caused by myself not having full control of the machine. To me, that's unacceptable. I really need to look into alternatives.

Still... I can't believe I let myself get taken by an attack like that. I just wonder if the other six people he sent the image to have a similar problem with their workstations at work.

restlessmind