vcant Posted September 2, 2003 Share Posted September 2, 2003 strange thing happened to me:i came to the office today, and on my computer, when i open IE it goes to www.surferbar.com, some kind of spyware thing...but when i left yesterday it was ok, noone had access to my computer, i have antivirus and im behind router, so there is no direct access to my computer. So how could that happen????? Link to comment Share on other sites More sharing options...
Tinker Posted September 2, 2003 Share Posted September 2, 2003 Sometimes those bad guys will not show up until the next time you start IE. Could be that during your last IE open period it popped itself onto you system and you did not see it until now.You got it changed back to your home page correct? Link to comment Share on other sites More sharing options...
vcant Posted September 2, 2003 Author Share Posted September 2, 2003 well, i had to run ad-aware with latest update in order to get rid of it, but it came back again, then i found this suspicious process called winsrv32.exe running, the file was placed in c:/program files/,antivirus didnt catch it, so its probably just spyware, i closed the proces and deleted the file. now im manually scanning the registry to find remaining parts of it.but my main question remains: HOW THE HELL DID THIS THING GET THERE IN THE FIRST PLACE i dont open any suspicios files... and as i said above, im quet well protected... Link to comment Share on other sites More sharing options...
vcant Posted September 2, 2003 Author Share Posted September 2, 2003 ok, i know how it got there, and a very clever way i must say:it came as a security key with an email suposed to be from Red Hat.when the email came, PGP that im running imported the key... Link to comment Share on other sites More sharing options...
Tinker Posted September 2, 2003 Share Posted September 2, 2003 You have to watch those bad boys every seconded........A buddy of mine accidentally clicked on a porn link that came up in one of those pop up attacks. He was trying to close the link and hit the wrong button. Anyway it made itself the home web page and placed changes in the registry in 4 or 5 different locations as well as a couple of program start ups.. He spent around 20 hours getting rid of each and every location that it had installed itself to...Glad you fount it.... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now