topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday March 29, 2024, 3:00 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Patriciann [ switch to compact view ]

Pages: [1]
1
 >:( I got taken in by this 'bugger' also.  


I wanted to read a Google Book off line and downloaded a Good Book reader and it changed my home page to ‘arccosine.com’ which gave me a ‘Google Search’ screen ‘look-a-like’  I changed my homepage back to Google search and then discovered my wireless internet connection had been changed from ‘public’ to ‘home’ creating an unsecured internet connection.  I switched it back to ‘public’ and went looking into my ‘Services’ to see if anything ‘popped’ out at me as unusual.  I don’t know enough about how computers work but am trying to learn.  

I downloaded an application called ‘GooReader’ and think this may be where the ‘infection’ came from as it offered several services I have never even heard of before and I did not opt into any of them.  By the time I was finished with the screens they presented offering all of these unwanted services I began to notice ‘changes’ made to my computer.  The name of signer on this ‘GooReader’ is “Solimba Aplcaciones SL” The time stamp is Wednesday March 12, 2012.  I have searched for this in my registry – no show.  I have searched for this in my installed programs – no show.  When I clicked on the application again it let me know it was already installed and asked if I want it to reinstall.  I closed the dialog box and decided this is ‘bad news’.  Can someone guide me through the process of figuring this out?  I ran McAfree and it showed all clear.  

Two individual ‘Diagnostic System Host’ (WdiSystemHost) are listed in ‘Services’ – One has me locked completely out and one I can modify.
I downloaded the ‘SvchostAnalyzer’ from A&M Neuber Software and it gave two warning instances as follows:
Process: svchost.exe
ID: 1900
File Access is denied, Run program as Administrator!
Group: No Microsoft file
Services: 0

The second instance which showed up later appearing along with this one:
Process: svchost.exe
ID: 8664
File Access is denied, Run program as Administrator!
Group: No Microsoft file
Services: 0

How can I investigate if someone has ‘remote’ use of my computer?  What are the steps I need to follow to track this down?  Or what should I be looking for?
DcomLaunch has me frozen out.  

I don’t know enough about this subject to be of much good at tracking down what damage may have been done and what was ‘snagged’ from my computer and perhaps ‘sent’ to some unknown person.  Just very creepy and it takes a real CREEP to do this to people.  Time for me to learn what these JERKS are doing to us and how to intervene for our protection.  

Pages: [1]