1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spyware?

Discussion in 'Computer Security' started by Mr.Cheeks, Nov 20, 2006.

  1. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,369
    85
    190
    You know in Matrix, Neo is asleep and his monitor comes on and say Wake up Neo, then follow the rabbit, knock knock, guess what! same thing to me... ...well, instead of the writing, my monitor comes on and what i see?

    pr0n pop ups! dating ones, and the usual nonsense.

    damnit! i've been infected!

    this is the first time i've been infected since 2002, and why? i let my cousin use my computer whilst i was out. :dry

    i haven't had a proper look at it yet, but i checked;

    msconfig, looked in start-up, and nothing suspect there, whats disabled, is what i have disabled.
    looked in services, same again, nothing suspect there, whats disabled, is what i have disabled.
    add/remove prog - nothing suspect there

    IIRC there seems to be a few instances svchost loaded and smss in the process under task manager, which seem dubious.

    system restore is a quick fix, but i want to get this shi7 out of my system.

    i have AVG, and adaware spyware killer. so is there anything particular i should do when i get my @55 at home?
     
  2. AJ

    AJ Administrator Administrator

    6,771
    102
    221
    Off the top of my head Spybot, Hijackthis and a full AV scan would be my first port of call.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Looking at doing ..................
  3. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,369
    85
    190
    i was thinking the same minus HiJack - i've heard about it, but what is it.
     
  4. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    HijackThis is really a reporting tool as well as a malware removal tool. However - it requires considerable expertise to use.

    Best way is to go to the Castlecops site - follow their malware removal proceedures and then run HijackThis and post the result on the forums there.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  5. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    Try sys restore in safe mode first, might save you some time 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  6. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,369
    85
    190
    even if i try sys restore, then the crap will be inactive, but still in the system. i cant risk infecting my work's lappy, so i rather do it the longer way - may decide a format and reinstall if im still not happy. damn that cousin of mine! :cussing
     
  7. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    It *should* remove it, a format is the most sucure way of removing the syware but obviously takes longer. You should have *words* with your cousin! hee hee! :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  8. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,369
    85
    190
    that little brat gone back to Manchester last night. i aint seen him for months, come to my place, an causes havok and pi55es off again :twisted:
     
  9. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    Might be worth checking the Intenet History folder, you might find some 'interesting' material :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  10. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,369
    85
    190
    cant, automatically clears. but i know he's been a naughty boy, he forgot to delete the movies from the desktop that he's been downloading :ohmy
     
  11. twizzle

    twizzle Gigabyte Poster

    1,838
    33
    104
    First rule of using someone else PC... ALways clear up the porn afterwards!!!
     
    Certifications: Comptia A+, N+, MS 70-271, 70-272
    WIP: Being a BILB,

Share This Page

Loading...