Spyware?

Discussion in 'Computer Security' started by Mr.Cheeks, Nov 20, 2006.

  1. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    You know in Matrix, Neo is asleep and his monitor comes on and says Wake up Neo, then follow the rabbit, knock knock, guess what! same thing to me... ...well, instead of the writing, my monitor comes on and what do i see?

    pr0n pop ups! dating ones, and the usual nonsense.

    damnit! i've been infected!

    this is the first time i've been infected since 2002, and why? i let my cousin use my computer whilst i was out. :dry

    i haven't had a proper look at it yet, but i checked;

    msconfig, looked in start-up, and nothing suspect there, what's disabled, is what i have disabled.
    looked in services, same again, nothing suspect there, what's disabled, is what i have disabled.
    add/remove prog - nothing suspect there

    IIRC there seem to be a few instances of svchost loaded and smss in the process under task manager, which seem dubious.

    system restore is a quick fix, but i want to get this shi7 out of my system.

    i have AVG, and adaware spyware killer. so is there anything particular i should do when i get my @55 at home?
     
  2. AJ

    AJ 01000001 01100100 01101101 01101001 01101110 Administrator

    Off the top of my head Spybot, Hijackthis and a full AV scan would be my first port of call.
     
    Certifications: MCSE, MCSA (messaging), ITIL Foundation v3
    WIP: Breathing in and out, but not out and in, that's just wrong
  3. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    i was thinking the same minus HiJack - i've heard about it, but what is it?
     
  4. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    HijackThis is really a reporting tool as well as a malware removal tool. However - it requires considerable expertise to use.

    Best way is to go to the Castlecops site - follow their malware removal procedures and then run HijackThis and post the result on the forums there.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  5. Sparky

    Sparky Zettabyte Poster Moderator

    Try sys restore in safe mode first, might save you some time 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  6. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    even if i try sys restore, then the crap will be inactive, but still in the system. i can't risk infecting my work's lappy, so i'd rather do it the longer way - may decide on a format and reinstall if i'm still not happy. damn that cousin of mine! :cussing
     
  7. Sparky

    Sparky Zettabyte Poster Moderator

    It *should* remove it, a format is the most secure way of removing the spyware but obviously takes longer. You should have *words* with your cousin! hee hee! :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  8. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    that little brat gone back to Manchester last night. i ain't seen him for months, come to my place, and causes havoc and pi55es off again :twisted:
     
  9. Sparky

    Sparky Zettabyte Poster Moderator

    Might be worth checking the Internet History folder, you might find some 'interesting' material :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  10. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    can't, automatically clears. but i know he's been a naughty boy, he forgot to delete the movies from the desktop that he's been downloading :ohmy
     
  11. twizzle

    twizzle Gigabyte Poster

    First rule of using someone else's PC... Always clear up the porn afterwards!!!
     
    Certifications: Comptia A+, N+, MS 70-271, 70-272
    WIP: Being a BILB,
