[DeTomaso] Car Domain: AYOR

[ProvaMo.com]

Listers,

I went to "Car Domain" recently, and toured the deTomaso listings.
(Most cars are already in the Registry, so really nothing new there, but...)

When I viewed one of two pages, I was quickly supplied with Advertisement/virus
activity (not pop-ups but files downloading.

I know it came from this source, unequivocally. 

I had isolated the affected computer from my network, disconnected from my ISP (pulled
the data cable), and shut down the computer within seconds.  I could even hear one of
my hard disks with TONS of read/write activity.

I have a suite of "defense" tools, consisting of AVG 
SuperAntiSpyware, Adaware, Spybot, Search & Destroy, Spyware Blaster,
to name a few.

What this virus did was to place itself in many locations on my hard disks, then
occasionally pop up a full screen ad window, which I could not navigate around.
(Selling anti-Virus products, a common ploy). 

SuperAntiSpyware would locate the offender(s) and indicate that it removed them (all).
But after scanning, removal, and re-booting it would (partially ?) return.

It was Spybot that fully removed the hostile software. (So they get a donation.)

(I run the LATEST free versions.)

I've been quiet (offline) as I repeatedly run my defense suites on every device in my
network (16+ devices...).

So take this as a reminder/suggestion to insure you have the latest protection, and
run the scans frequently.  Don't trust ANY source!

I was lucky (no strike that, it was not luck, but preparation) that kept me from any
real damage.

As Car Domain allows anyone to upload files (pictures) I knew there was some risk.  
It is not Car Domain's fault, but I did send them information.  That is just the
nature of the beast when you allow the random public to upload files
(and thus the reason the DeTomaso Registry no longer allows public uploading.)

Chuck