"One aspect of these latest tests worth noting: the collection of spyware and adware used for this round of tests included some especially nasty software that proved difficult, if not next to impossible to remove for the anti-spyware scanners. In particular, the key processes for the following adware/spyware was not killable at all:
Do you run spyware removal tools or do you trust a blocker? Also, if you read that msg from DSLReports.com, you'll see that the one CD tried to install is one of the nastiest ones out there. And that's as of about 15 days ago.
On my home pc and the one at work I use Webroot Spy Sweeper. It seems to work pretty good for removing all of the spyware I have had the pleasure of coming across. With Cardomain though it has never been a problem. That sucks that you had a syware problem with them.
Wasn't so much a problem as an installation attempt. I never ever blindly click Yes on installation requests unless I know for sure that I want it installed. Also, I never click "Always trust so-and-so" even when I do approve installs. That's thanks to an incident last year where someone was able to trick Verisign into issuing him a certificate stating he was from Microsoft in order to get those who do always trust Microsoft to install his spyware without even seeing the pop-up requesting permission. Microsoft's solution to the problem: "Never click 'Always trust Microsoft' at installation requests." Talk about too little, too late to all the poor fools who already clicked it years earlier.
Sure enough when I read the installation request, I saw IBIS Websearch Tool and knew immediately it was up to no good. A quick Google and you saw what I found with respect to what the site was trying to install. Of course, knowing MS and MSIE, something else may have gotten through that I won't pick up until my next scan (or may never pick up).
That was just a spyware infestation attempt that was so lame it tripped a pop-up asking for approval! There's much more insidious stuff out there. I use Spyware Search & Destroy, btw.
If you use IE (like I do at work), perhaps you or someone else clicked to always trust Cardomain.com the first time you (or they) visited the site, thus giving them permanent permission to install whatever they want on your machine.... including this little gem.
As a net admin I get all of the exploit warnings mailed to me up to 20 times per day for all browsers, OS's and many software packages.
I have yet to see a browser or OS that did not have all kinds of exploits, you name it, it has it. URL spoofing is the most prevalent.
I use Spybot, the new Adaware SE, and Pest Patrol. If it gets by all of those, it really gets my attention. Pest patrol has the added benifit of active registry monitoring, memory monitoring, and keyboard logger checks.