Spyware

Discussion in 'Science, Technology & Car Chat' started by Knoctur_nal, Aug 11, 2005.

  1. Knoctur_nal

    Knoctur_nal |Force 10 from Navarone|

    The joys of spyware. In the last week or so it has been discovered that the infamous coolwebsearch has been traced to identity theft. Apparently this sucker has a keylogger (but not a regular logger, a smart logger), among other things, that captures info on your pc and sends it to a remote server. It all comes down to identity theft apparently. Also, the thing that makes it so elusive is that it's a pain to remove. Some antispyware apps won't even find it in a scan. However, when all else fails, safe mode to the rescue, and if you follow the link, trendmicro will provide you with a nifty little app to scan your system specifically for coolwebsearch and remove the bugger.

    Below, a cut and paste quote:

    "It's a little Trojan that sits there and [reads data stored in] the Protected Storage area," he says.

    Windows XP uses the Protected Storage area to record sensitive information, such as your browser's AutoComplete histories for URLs, passwords that you instruct IE to save and enter automatically, and data you submit to Web sites on SSL-protected forms. The Trojan horse reads this information--including "search terms, stuff you enter in forms, passwords, everything you enter at a bank," according to Eric Sites, Sunbelt's vice president of research and development--and then forwards the data to the server. This is no mere keylogger, Sites adds. "A normal keylogger records anything that is on your computer. This thing attacks anything that you filled out in Web forms, so it has your credit card number, the expiration date, the security code, [and] your address; and it tracks every Web address that [you've entered] a username and password [into]."

    To remove and check for coolwebsearch on your system, go to the following link
    http://www.trendmicro.com/cwshredder/


    For more details, follow the links below (i strongly suggest reading them):
    http://www.eweek.com/article2/0,1895,1845248,00.asp
    http://sunbeltblog.blogspot.com/
    http://pcworld.com/news/article/0,aid,122176,00.asp
    http://pcworld.com/news/article/0,aid,122149,00.asp

    Now general steps to protect oneself:
    -install a firewall (zonealarm or sygate), both free
    -install adaware and update it regularly
    -install spybot and update regularly
    -this is where i'm biased, stop using IE and start using Firefox or Opera!
    -Check out pcworld and pcmag, they have some very good reviews of spyware removers. Webroot and Counterspy come highly recommended. (i use them both)
    -This should cover you for now. One of these will not protect your system, you have to use a combination of what's listed.
    Lastly, if all else fails, boot into safe mode and go to work.

    Knoc
     
    #1 Knoctur_nal, Aug 11, 2005
    Last edited: Aug 11, 2005
  2. DanK

    DanK Well-Known Member

    Re: Spyware.

    thats crazy. and thats something you see on all computers. (those that dont put much thought into security).

    and on a semi related note;
    i was looking through my system processes, and found something called conime.exe running. it wasnt taking up any resources but it turned out to be some trojan or backdoor app. i havent seen it again since i've ended it, but now im scared. anyone know anything about this?
     
  3. redforest

    redforest Well-Known Member

    Re: Spyware.

    coolwebsearch is not that new though, i helped to wipe its spyware out of my cousin's computer few months ago.

    hah, i know conime.exe is running on my system but i never suspected it's a trojan backdoor, thanks for mentioning :)
     
  4. Knoctur_nal

    Knoctur_nal |Force 10 from Navarone|

    Re: Spyware.

    Yes, i agree, coolwebsearch isn't new. I've cleaned a few systems with it. But the interesting thing is that it's not just simple spyware! Chances are that if you find something like that on your system there dank, symantec will possibly have a tool to remove it. Sometimes a hit or miss, but always good to check out their latest news on these things. Also, dank, did you reboot your system to see if it's still there? You can also check the startup processes to see if it's in there, as sometimes i find those buggers in there on my cousins system. (on a side note, damn family always calling on the comp literate relatives to help with their system!!!..hhah)
    Knoc
     
    #4 Knoctur_nal, Aug 12, 2005
    Last edited: Aug 12, 2005
  5. DanK

    DanK Well-Known Member

    Re: Spyware.

    oh..after doing some more research, i realized ive skipped over this part,
    "Note! If your system is using a non western language this can be a legitimate entry."

    now they're just screwing with us
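
The check discussed in posts #4 and #5 (is conime.exe running, is it in the startup entries, and is it the legitimate copy), as an added example that is not part of any poster's message. It assumes a current Windows with PowerShell, and that the genuine conime.exe (the Windows Console IME) runs from %SystemRoot%\System32.

```powershell
# Added example, not from the thread. Assumption: the genuine conime.exe
# (Windows Console IME) is loaded from %SystemRoot%\System32.
$name     = 'conime.exe'                             # process named in the thread
$expected = Join-Path $env:SystemRoot 'System32'     # assumed legitimate folder

# 1. Running instances: report the image path and whether it is in System32.
$procs = Get-CimInstance Win32_Process -Filter "Name = '$name'" | ForEach-Object {
    $dir = if ($_.ExecutablePath) { Split-Path $_.ExecutablePath -Parent } else { $null }
    [pscustomobject]@{
        ProcessId  = $_.ProcessId
        Path       = $_.ExecutablePath               # empty if access is denied
        InSystem32 = [bool]($dir -and ($dir -ieq $expected))
    }
}

# 2. Startup entries: per-machine and per-user Run keys.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$psMeta  = 'PSPath','PSParentPath','PSChildName','PSDrive','PSProvider'
$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($psMeta -contains $p.Name) { continue }  # provider metadata, not a value
        [pscustomobject]@{
            Key         = $key
            ValueName   = $p.Name
            Command     = $p.Value
            MatchesName = ([string]$p.Value -like "*$name*")
        }
    }
}

$procs    | Format-Table -AutoSize
$autoruns | Format-Table -AutoSize -Wrap
```

A running copy outside System32, or a Run entry that launches a file of that name from another folder, is the case worth a scan; a copy inside System32 on a machine with East Asian language support fits the "legitimate entry" note quoted in post #5.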
     
  6. Knoctur_nal

    Knoctur_nal |Force 10 from Navarone|

    Re: Spyware.

    hahhaa.....hahaha.....man...wtf are these ppl doing...
     
  7. 小小

    小小 (゚ー゚)(。_。)(゚ー゚)(。_。) afk

    Re: Spyware.

    hmmm.......i suggest using ad-aware, this is the best spyware program

    http://www.lavasoft.de/

    on the side, products. Click on ad-aware personal
     
  8. Knoctur_nal

    Knoctur_nal |Force 10 from Navarone|

    Re: Spyware.

    yup....already known...
     
  9. dduc

    dduc Well-Known Member

    Re: Spyware.

    having multiple protection programs installed can create conflicts between them, i already have spybot s&d and avg installed, if i install adaware and zonealarm will it create conflicts? just asking, better to be safe than sorry i guess.
     
  10. shhh lips

    shhh lips Well-Known Member

    Re: Spyware.

    My advice:
    - Firefox > IE
    - Alt + F4 to close pop-ups or Ctrl + F4 if in Firefox
    - Watch the links you click on (ie. dont click on a link ending in .exe <_< )
    - And of course stop looking at porn/hentai

    oh and i just noticed we got new sets of emotions -clapclap -worship
    Edit - bleh i liked the old worship/bowdown it looked funnier
     
  11. Knoctur_nal

    Knoctur_nal |Force 10 from Navarone|

    Re: Spyware.

    to add to that:
    -firefox along with the addon pop up blocker
    -Adaware
    -Spybot
    -Microsoft Antispyware
    -Spyware spyblaster
    -Spyguard
    -Some sort of bundled Internet Security App
    -Firewall!
    -Webroot Spysweeper!