I still don’t know how but I got a keylogger malware on my computer. Apparently I’ve had “HellzLittleSpy” on my computer for maybe 2 weeks. Grr! So I’m off to change all my passwords and crap. Maybe I’ll still have to reinstall Windows too.<\/p>\n
I noticed that every evening around 7 or 8pm my computer got wonky. iexplore.exe would start and consume a lot of CPU (20-80%) for minutes at a time. I couldn’t “kill\/end process” iexplore.exe but I could “end process tree” it. But it would restart in a few seconds.<\/p>\n
Then my computer talked to me. A couple nights ago it said something in Japanese with an announcers voice. Last night there was a 5 second clip that sounded like a porn movie. First a few seconds of modern but cheesy “ba dum dum dum” on a Casio and then some “Oo, ahh!” noises. I went away from my computer for a few minutes last night and this website was showing in my browser: http:\/\/sms.7988.net\/goto?q=qm&company=9ying&9vuid=53662<\/a><\/p>\n To test a theory, I uninstalled Vuze\/Azureus last night and my computer flipped out. Now I can only boot in safe mode. I ran Spybot in safe mode and it found HellzLittleSpy. I had previously run Spybot but it hadn’t detected the malware.<\/p>\n Update<\/strong>: Spybot also found the following that is a keylogger. :-(<\/p>\n {F03BDE84-4DB2-4DAB-B350-B07E6B918021} () I still don’t know how but I got a keylogger malware on my computer. Apparently I’ve had “HellzLittleSpy” on my computer for maybe 2 weeks. Grr! So I’m off to change all my passwords and crap. Maybe I’ll still have to reinstall Windows too. I noticed that every evening around 7 or 8pm my computer […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-2498","post","type-post","status-publish","format-standard","hentry","category-geekery"],"_links":{"self":[{"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/posts\/2498","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/comments?post=2498"}],"version-history":[{"count":0,"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/posts\/2498\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/media?parent=2498"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/categories?post=2498"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lee.org\/blog\/wp-json\/wp\/v2\/tags?post=2498"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n location: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\
\n BHO name:
\n CLSID name:
\n Path: C:\\Program Files\\Internet Explorer\\
\n Long name: JvtnNt64.987
\n Short name:
\n Date (created): 12\/9\/2008 8:54:18 AM
\nDate (last access): 12\/9\/2008 11:01:10 AM
\n Date (last write): 12\/9\/2008 8:54:18 AM
\n Filesize: 49789
\n Attributes: hidden sysfile archive
\n MD5: 8D596C51291946C6D0AFAB926C21F801
\n CRC32: 02B3C9BE<\/p>\n","protected":false},"excerpt":{"rendered":"