Wednesday, August 10, 2005

Waterpark visits and keylogger ID theft Hell....

I was reading Keeper's blog today. He has been blogging about the trials of finding swim-shoes this late into the season (been there-done that) and moved on to his adventure at Splashtown, a local waterpark here in North Houston. So the times I've gone I've always been stumped on what (bare-minumum) to take into the waterpark, and how to hold onto it when your there....

In Houston, you have to drive everywhere, even to get to the waterparks. Yes we do have public Metro transportation (buses) and a Metro light-rail train that has a vehicle crash count--so far--that just reached it's 100 collision today. (Houston drivers can be dense.) But really, you have to drive everywhere to get anywhere here in Houston. Oops, I'm going off on a tangent!

So you have to take (1) your car key since you want to lock your car up. If you are a guy, next we have to settle with what to do about the wallet. Leave it locked in the car--I guess? An uncomfortable decision at best. Maybe your drivers license (2) can come with you. If it's in good shape, the plastic cover should keep it protected. Credit/debit card (3)? And (4), cash.

What do you put them in now? I picked up a waterproof bag at Academy once. (I've seen the "torpedo-tubes" you can seal up and put around your next, but they look clunky and uncomfortable.) The waterproof bag idea worked medium well. Everything was damp (cash was soaked) but the key/cards were ok. I guess you could get a locker, but I don't trust them with anything so valuable. What do you do? What is your plan when you visit a water park. Ladies? Any suggestions from your side?

This keylogger/spyware identity theft issue is getting worse and worse. If you don't know what I am talking about, read this for an intro. Sunbelt Software now has some more results on their initial analysis posted on their blog site. Susie at Spyware Warrior has some good tips on a response if you think you got infected with this bad-puppy. They report they are working on a standalone scanner for it. I hope they get one out fast. From the Sunbelt blog site:


– It’s footprint is extremely small — about 26k.

– It seems related to the CoolWebSearch gang, but that is still not certain.

– It is related to the Dumador/Nibu family of trojans. The keylogger executable is winldra.exe.

– It runs under Internet Explorer (IE), so it is generally undetectable by a software or hardware firewall. So much for my ranting about the need to run a software firewall.

– It turns off the Windows firewall.

– It steals data in the IE Protected Storage area.

– It steals data from the Windows clipboard

– It steals logins and passwords from a number of programs, including WebMoney, Far Manager and Total Commander.

– It modifies the host file to stop access to Trend Micro,,, Etrust/Computer Associates, AVP, Kaspersky, F-secure, etc.

Please, please, please! Run an anti-virus program on your pc and keep the DAT files up to date. Run at least one anti-spyware scanner on your pc. Run a firewall on your pc (besides the XP one!). There are LOTS of great free ones. Yes there are others besides the ones I linked to. Just pick some and stick with them! Use them! Ignorance is not bliss on the internet, it is $$$EXPENSIVE$$$. Good luck.

See you in the skies.

No comments: