Quote:
Originally posted by bjorn:
quote:
I suggest you've already been compromised then [img]smile.gif[/img]
|
That's what i figured, dosen't bother me that much though, I never use IE. Someone suggested that I could get rid of the problem by using hijack this, is that true? [/QUOTE]HiJack This (HJT) is part of my toolset. It is, however, one of the last tools I pull out.
What I'd do is this:
1. On a separate machine, get current copies of Spybot S&D (
www.safer-networking.org), Ad-Aware (
www.lavasoft.de), and HJT (
www.merijn.org). For kicks, pick up a firewall like ZoneAlarm (
www.zonealarm.com) and anti-virus like AVG (
www.grisoft.com). You may also need to grab the latest update files from some of them.
2. Burn those all to a CD and bring them over to your compromised machine.
3. Disconnect that machine from the internet and start installing software. Ad-Aware and Spybot are the first two I'd install. After one installs, run it through to completion. Once one is complete, do the next one. Clean up what it tells you, googling on another machine if you have to.
4. Next I'd install the anti-virus and run it.
5. Now, firewall and set it up.
6. You should be ready to get to the internet now for a final check. Reconnect and go to Trend Micro (
www.trendmicro.com) for a full on-line scan. You'll need to do this in IE, as I recall... but go ahead. It's safe.
7. You should have a clean bill of health now, but run HJT to be sure. Google for the various executables and programs that it comes up with and check to see if they're malicious or not. I tend to trust castlecops and liutilities for the most part... other sites don't reassure me as much.
Now... after all that, it may still be compromised. You may need to turn off the system restore (done somewhere in properties for the computer), reboot into safe mode, repeat all seven steps, and *then* turn system restore back on. If you want, you can start out this way... no big deal.
After that... pop a brewski. It will be a long, long day.