Getting rid of spyware

Discussion in 'Computers and Technology' started by Scottroo, Aug 10, 2004.

  1. sblack

    sblack #shady

    Brisbane Lions
    Other teams:
    Sixers, Eagles, Man Utd, Georgetown
    Joined:
    Apr 07
    Posts:
    17,320
    Location:
    Sydney
    What is it that keeps popping up? And have you punched it into a search engine to check the severity of it?

    Run Malwarebytes and see what it says

  2. Juddy88

    Juddy88 Club Legend

    West Coast
    Other teams:
    Tottenham, East Perth
    Joined:
    Apr 07
    Posts:
    10,501
    Location:
    West Coast
    Recently picked up a trojan in a scan in an application (not on this comp, on a separate one) I'd already launched. Initially it wouldn't let me delete it but my antivirus put the file into the virus vault. I've run plenty of scans, Spybot, Malwarebytes, RKill in safe mode, ComboFix, and nothing has come up.

    Is it gone? Anything else I should do?
  3. Upton Sinclair

    Upton Sinclair Account Cancelled by User

    Collingwood
    Other teams:
    Joined:
    Jul 11
    Posts:
    5,453
    To everyone with malware: download ComboFix, get log, post on BleepingComputer...

    Rinse and repeat....
  4. Donners

    Donners Moderator

    Sydney
    Other teams:
    Rushden & Diamonds FC (RIP :( )
    Joined:
    Sep 02
    Posts:
    3,907
    Location:
    Vic
    I was just casually browsing the Internet (legit sites too, mind you) when my browser abruptly crashed. That being nothing unusual, I thought nothing of it - until two other things crashed.

    Then one of those nasty ransomware messages popped up (i.e. Your computer has been locked by the Australian Federal Police and you must pay a fine of $100 to unlock it, etc). There was no way around it through Task Manager or logging out.

    Thankfully I had read about those, so I restarted in safe mode and loaded up system restore - only for the computer to abruptly restart. Sneaky! I restarted in safe mode with command prompts, and thankfully was able to run system restore that way, and kill off the bastard.

    Looking through the event log was quite terrifying. My anti-virus was going utterly berserk, taking out eight trojans in a matter of seconds (one of them must have dropped/downloaded a bunch), including some pretty nasty ones. Then one of them managed to switch it off, as well as taking out my firewall, minimising my browser's security settings and fiddling with a whole bunch of other things before launching the ransomware interface.

    I still have no idea how it happened, given that I was browsing popular and legit sites which have not caused me problems before or since, but it was quite an experience.
  5. The Passenger

    The Passenger Mr. Mojo Risin'

    West Coast
    Other teams:
    Pittsburgh Penguins, Dallas Cowboys
    Joined:
    Mar 03
    Posts:
    23,399
    Location:
    The City of Light
    you've probably had some sort of java plug in issue. even if it isn't this advice should be heeded by all:

    https://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

    unless you have a compelling reason to be running a java plug in, then you should have it disabled at the moment. in fact i can't think of one reason to have the java plug ins running right now. maybe enable them temporarily when you need to do something but that would be it. there have been some serious security issues discovered in the past month. i'm not 100% sure if it affects older versions, but it all came to a head when oracle released java 7 update 10 in early to mid january.

    if you do need to run a java applet permanently, then most likely you're a developer of some sort so you should know of the security risks. if not, then what i would recommend is to have two profiles with chrome or firefox. one for your regular browsing and one for your secure browsing such as banking, e-mails etc. with your secure profile ONLY visit the sites that you need to, and ALWAYS close your regular profile whilst on those sites.

    i don't run any java plug ins (java is the number one cause of internet infections every single year) so i haven't followed it too closely... so i may not be 100% accurate here but my understanding is what was discovered was that it was possible to run java plug ins automatically, getting around the user setting "ask before running plug ins". so someone could write a malicious applet such as a keylogger, inject it into a legitimate looking site and have it run automatically when you open that page. so whilst you continue to have that page open the applet is logging your keystrokes. that was my understanding of the main flaw that was found.

    Donners you may have been browsing what you thought were legit web sites, but it isn't out of the realms of possibility that they were temporarily compromised or something like that.

    going a bit further, i don't see much of a reason why anyone should have java on their computer at all. i'd recommend uninstalling and only reinstalling (which is easy to do) if something stops running. the whole java platform has fallen to shit in recent years. android is about the only thing keeping it relevant at the moment imo (and it's a pretty handy trump card to be fair). if you do need to have java on your computer, make sure you have java 7 update 13 or java 6 update 39.

    someone might ask about android now because it's pretty much based on java which is true. as at this moment though there doesn't appear to be any major security holes on the android. the reason for this is because android uses a virtual machine called Dalvik to process java files. Computers use a virtual machine called the Java Virtual Machine (original), and it's the JVM that is compromised at the moment.

    That's not to say Dalvik is completely secure, I'm sure there are some exploits out there that are unknown at the moment.
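
Added example (not part of the original post): a check of the `java -version` banner against the minimum updates named in the post above (Java 7 update 13, Java 6 update 39). The function names are hypothetical and the banners used to exercise it are constructed.

```python
import re
import subprocess

# Minimum updates named in the post above: Java 7 update 13, Java 6 update 39.
MIN_UPDATE = {7: 13, 6: 39}

# Legacy scheme printed by `java -version` for Java 6/7: "1.<major>.0_<update>",
# e.g.  java version "1.7.0_11"
_LEGACY = re.compile(r'version "1\.(\d+)\.\d+(?:_(\d+))?')


def parse_java_version(banner):
    """Return (major, update) parsed from a `java -version` banner, or None."""
    m = _LEGACY.search(banner)
    if not m:
        return None
    # A banner with no "_NN" suffix is the initial release, i.e. update 0.
    return int(m.group(1)), int(m.group(2) or 0)


def assess(banner):
    """Classify a banner against the post's minimum updates."""
    parsed = parse_java_version(banner)
    if parsed is None:
        return "unrecognised"
    major, update = parsed
    floor = MIN_UPDATE.get(major)
    if floor is None:
        return "no-baseline"  # a family the post gives no minimum for
    return "ok" if update >= floor else "outdated"


def local_banner():
    """Banner of the local Java, or None if `java` is not on PATH."""
    try:
        # `java -version` writes its banner to stderr, not stdout.
        proc = subprocess.run(["java", "-version"],
                              capture_output=True, text=True)
    except FileNotFoundError:
        return None
    return proc.stderr


if __name__ == "__main__":
    banner = local_banner()
    print("java not installed" if banner is None else assess(banner))
```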
  7. Donners

    Donners Moderator

    Sydney
    Other teams:
    Rushden & Diamonds FC (RIP :( )
    Joined:
    Sep 02
    Posts:
    3,907
    Location:
    Vic
    There was a zero-day Java exploit which was noticed in mid-January and my issue was on the morning of 19 January, so it fits. I'm mostly using my iPad for browsing these days; it's not the first time I've had issues.
  8. The Passenger

    The Passenger Mr. Mojo Risin'

    West Coast
    Other teams:
    Pittsburgh Penguins, Dallas Cowboys
    Joined:
    Mar 03
    Posts:
    23,399
    Location:
    The City of Light
    almost certainly that is the case man. this java thing is bad. oracle have pretty much ****** up java.
  9. efbe

    efbe Draftee

    Sydney
    Other teams:
    Joined:
    Mar 14
    Posts:
    2
    Linux is the answer, you will never have Malware or any virus problems again...
    Try Zorin OS, Linux Mint or Ubuntu. If you're not into heavy gaming, then Linux will suit your needs without the fear of viruses.
  10. 4realinmel

    4realinmel Draftee

    Carlton
    Other teams:
    Joined:
    Mar 14
    Posts:
    28
    get rid of windows is what you need to do....
    The Passenger and MadMac like this.
  11. The Passenger

    The Passenger Mr. Mojo Risin'

    West Coast
    Other teams:
    Pittsburgh Penguins, Dallas Cowboys
    Joined:
    Mar 03
    Posts:
    23,399
    Location:
    The City of Light
    Mint is sweet.

    Currently using Fedora 19 at work for a project and that's pretty good. Had to dual boot onto my laptop so I can use that too and the laptop is running considerably slower since installing it, even when I'm using Mint. The machine is on the back end of its life though.

  12. I hate trolls

    I hate trolls Draftee

    North Melbourne
    Other teams:
    Joined:
    Apr 14
    Posts:
    30
    Make sure you have an awesome anti virus software program because if you don't you're in trouble with trojans and other things that go wrong with your computer.
    What I have on my computer is Kaspersky 2014 internet security. It's great because it protects you for 2 years.
  13. Big Sauce 21

    Big Sauce 21 All Australian

    Brisbane Lions
    Other teams:
    Joined:
    Oct 13
    Posts:
    3,062
    Location:
    Brisbane
    Every time I come onto Bigfooty I'm getting popups with my blocker on and Security active.
  14. Xtreme

    Xtreme Club Legend

    Hawthorn Hawthorn - 2013 Premiers
    Other teams:
    Joined:
    Jul 06
    Posts:
    9,495
    Location:
    Melbourne
    I logged on to Skype and someone NOT on my contact list was instant messaging me like they were already on it, acting like they knew me AND then tried to get me to click on a website link. After a brief conversation (in a nutshell i said that unless they can verify that they know me the conversation is stopping now), i blocked and then clicked on the "report" button.

    The skype account i was on has not been hijacked and taken over (that i know of anyway), i changed the password to that and the other websites i was using at the time. I deleted the saved password history that my browser had and changed the passwords to my important accounts (e-mail, several forums, internet banking etc).

    Clearly my computer is compromised in some way but without knowing, i'm actually going to the effort of backing up the important stuff (music, movies, photos - not all of it is porn!) and then will format and reinstall windows. To add to the paranoia i am also going to change the password to my router and SSID password in case the mystery person now knows what it is.

    I don't remember what the site url is now, but it was some social network link (not twitter or fb), i looked up the address and did a whois on the domain and such, it's registered to someone in Texas that used a yahoo address to register the domain, the domain itself expires in November. Strangely enough i googled a few of those sites that give a ranking or say whether a site is safe or not. Most of the sites i ran the url through said the site was safe, only one gave it a bad rating. The Alexa traffic for it is another reason for me to think it was a phishing scam - the Alexa traffic for it doesn't match up, obviously only a few hundred people are dumb enough to click on it each day... but there was something like 80,000 visitors over the last month.

    Am i overreacting or doing the right thing in formatting my pc and starting again?
  15. Kidd Vicious

    Kidd Vicious Tyson Chandler Parsons

    North Melbourne
    Other teams:
    Joined:
    Sep 04
    Posts:
    16,408
    Location:
    Here
    I'm a complete noob at this. Had to get a new hard drive so everything was wiped. I've got Windows 7.

    At the moment I've got Malwarebytes Anti-Malware.

    Do I need to get an anti-virus or will the Malwarebytes program cover it?

    Do I need to get a firewall?