Hello,

Recently one of my roommates installed webwatcher on my laptop while I was away and got hold of my chatlogs and visited webpages (including my hi5 account :(:( )

I downloaded the spybot program and used it to detect and fix webwatcher, but am still suspicious and have some questions which I would love to have answered :

1) how can i ensure that the software no more monitors my laptop? I don't want my private data falling into someone else's hand and its very important to me.

2) Is there a method of ensuring that the program doesnt re-install again on my laptop? I don't like the idea of having 2 run a scan every day.

3) Spybot crashes a lot during scans, any tips on fixing that?

Thanks a lot ... your help is pretty appreciated :D

Hi muzzabra,

you can always do this (http://forums.spybot.info/showpost.php?p=304562&postcount=2). ;)

but ive already detected and removed the malware, and I accidentally deleted the log files :( ... plz dnt tell me everything is screwed :(:(:(:(

Hi muzzabra,

Calm down please. :) If you aren't sure whether your computer is free from Malware, although you have run some tools, you should open your own thread in the Malware Removal Forum.

Sometimes, Malware blocks Spybot or let it crash. So there is the possibility that there are some leavings...

Which Malware did Spybot and other tools find?

hey matt

Spybot detected webwatcher running in my system and I used it to fix the problem. However I can't be comfortable using the computer until I totally ensure everything is safe. After calming down :laugh: and reading the link u posted, I assume it will still be useful doing what you said there right? and only THEN posting something in the malware removal forum. Please guide me on the right track. Thanks a lot :D

Hello muzzabra,

Hello,
Recently one of my roommates installed webwatcher on my laptop while I was away

Have you put passwords on your laptop account/s so that people cannot gain physical access to them?

Hi muzzabra,



Please guide me on the right track.
Well, I would like you to read carefully the thread "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288) from tashi, especially prepare an HijackThis logfile.

After that, you can open your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) where an expert will help you as soon as possible. Therefore, click New thread in the upper left corner and add the HijackThis logfile. Moreover, you can add any information which is important in your eyes. :)

It doesn't sound like a Malware infection in my eyes, but if you want to make sure... do this... an alternative would be: You can your computer on your own with some Anti-Malware tools... ;)




Thanks a lot You're welcome. ;)
If you have any questions, please feel free to answer. :bigthumb:

hey tashi,



Have you put passwords on your laptop account/s so that people cannot gain physical access to them?


It's a lot more complicated than it seems. I can't put a password on the laptop and there are some days where I have to leave the laptop in the room, meaning the roommate can access my laptop anytime he wants. That's why I also want to make sure that even after the threat has been removed there is no way he can install anything on my laptop again.

Hi muzzabra,
It doesn't sound like a Malware infection in my eyes, but if you want to make sure... do this... an alternative would be: You can your computer on your own with some Anti-Malware tools... ;)


Well the thing is matt, he showed me some of my chatlogs, which is what really pisses me off, and also makes me confident that am infected with webwatch. Btw for the installation of webwatch, does the person need physical access to the computer, or network access is more than enough?

Thanks a lot again. I know I ask too many questions but please bear with me :sad:

I can't put a password on the laptop
WHAT ?? Why not? Can you please explain this? :blink: Which operating system do you use? I thought, that there's always the possibility to use passwords by following the path
Start > control center > user account. Moreover, you can create an restricted account there.


Well the thing is matt, he showed me some of my chatlogs, which is what really pisses me off, and also makes me confident that am infected with webwatch. Btw for the installation of webwatch, does the person need physical access to the computer, or network access is more than enough?
The person doesn't need internet/network access... if he had this program on an USB-stick for example... so he can switch on your computer and install it... from an USB-Stick or he uses internet or whatever.

Have you already decided, which why you want to go (according to make sure that you don't have any leavings of Malware onto your computer) ??

Make sure that this guy can't use your laptop anymore.

Keep us updated. :)

[QUOTE=Matt;307462]WHAT ?? Why not? Can you please explain this? :blink: Which operating system do you use? I thought, that there's always the possibility to use passwords by following the path
Start > control center > user account. Moreover, you can create an restricted account there.
[QUOTE]

ill elaborate further . I go to a boarding school, and are given one laptop per room for personal/educational use. Each room houses 3 students and hence the laptop I currently use is also used by two others, one of which is the guy spying one me. I can't prevent him from using the laptop and he happens to be a senior, so spying back on him is NOT a good idea. I know the situation is complicated, and I pretty much need your help. Am gooing to do what you told me to asap, and then we'll hopefully see how we cn prevent this from happening again !
Thanks again!

Hey guys,

I did what you all asked me to

http://forums.spybot.info/showthread.php?p=307506#post307506

:)

After doing a bit of research, I came up with a few suggestions on how to prevent the infection from happening again. To prevent installation through internet or network, I plan to keep using tea timer and the immunize function. To prevent the installation when my roommate has physical access to this laptop, I read something about adding entries into the host file. If I can add the webwatcher entry to the host file, I assume it'll stop webwatcher from connecting to the internet and sending my data ( as far as I know that's how webwatcher works) .

Another idea I came up with to prevent physical installation is the use of a software than can keep track of when windows was logged on . This way i can know when he used the laptop, run a scan to see if webwatcher is re-installed, and then fix the problem myself.

I know am really troubling you guys, but we all have a stage where we are inexperienced and need lots of help from more experienced members. So please bear with me, and thanks a lot again :)

Hey guys,

I did what you all asked me to

http://forums.spybot.info/showthread.php?p=307506#post307506

:)
That was a suggestion just to make sure, that you are really clean. If this laptop isn't your own, but for education, then I'm not sure, wheather a security expert will look into it. But let's see. Someone will answer definitively to you. :)

That was a suggestion just to make sure, that you are really clean. If this laptop isn't your own, but for education, then I'm not sure, wheather a security expert will look into it. But let's see. Someone will answer definitively to you. :)

Dont worry Matt. I'm not violating any laws or terms of use with my laptop. We are given freedom for using the laptop for both personal and educational purposes, and as long as we return them safely at the end of high school, everything is fine, since the IT department will format them :)