Solved how to remove invisible program Spy Cobra

[redcherry]

Hi,

my boyfriend has installed a program called Spy Cobra on my pc and i would like to know how to remove it as it doesnt show up in task manager. from what ive read its supposed to be undetected and isnt supposed to show up there..please help as it is invading my privacy and recording all my passwords and taking screen shots. i know this because i saw them on his pc. thank you!

 

[Brink]

Hello Redcherry,

It may be best to just do a clean reinstall of Windows 7 since there's no telling what else he may have done or installed on your PC. Afterwards, change all your passwords. I would also recommend to not let him back on your PC, and you might consider kicking him to the curb since that's a violation of your trust in him.

 

[redcherry]

i was thinking of doing a format to be sure its gone! thanks for reply! i am also worried about my phone is there a possibility its being monitored to?if so how would i know?

 

[Brink]

Could be if you think he would actually do that with your phone. I'm not an expert that can help with this, but you might see if the links below may help depending on what type of phone it is.

phone
http://lmgtfy.com/?q=check+to+see+if+phone+is+tapped

smartphone
http://lmgtfy.com/?q=check+to+see+if+smartphone+is+tapped

 

[bobkn]

i was thinking of doing a format to be sure its gone! thanks for reply! i am also worried about my phone is there a possibility its being monitored to?if so how would i know?

Are you in danger of physical abuse at your "boyfriend's" hands? I think that installing a keylogger like this is already a criminal offense. I hope that's the worst he's capable of.

 

[Neutron16]

Gmer is an application that detects and removes rootkits.


On gmer's website click on Download EXE button. Randomly named EXE version of this tool will be generated and downloaded (to prevent detection by file name).

In GMER's window click on Scan button.
Item red highlighted items are suspicious items.

 

[redcherry]

Thank you for your replies! I also believe it is a criminal offence too and am a bit worried what else he capable of..but were finished after this I can't trust him!

Neutron I will run gmer later this afternoon a nd can I post log file here as im not sure wat is safe to remove..I have been running lots of spy ware removal programs so for all I know I may have already removed it but I still notice my laptop is real slow and getting very hot even when I'm not doing anything the fan is constantly blowing nearly..

 

[Brink]

Sure you can upload the log file here if you like. If it's to large, then place in it a ZIP file instead.

Personally, I'd recommend a clean install to be safe though.

 

[redcherry]

i did scan but it didnt seem to find much..does that mean that maybe its already been removed by other scans ive done? anyway heres the log file..thanks

 

[HAVOC]

I would also recommend a clean install. Make sure you backup all your documents and pictures then wipe the HDD and start again.

 

[Hanna 1]

Hi redcherry
Beside advices mentioned above, try the following:

Virus Encyclopedia | Information | Evolution | Protection - Security Information - Panda Security

But at the end i am also with a clean install

 

[Tekno Venus]

If you want a step by step guide on a clean install read this: Clean Install Windows 7 - Windows 7 Forums

Stephen

 

[PooterMan]

Be aware that certain rootkit viruses can even survive reformatting a hard drive. In these cases the only 100% safe option is to replace the hard drive and reinstall Windows

 

[iozak]

The solution is use Process Explorer from Microsoft and look for Winlogon. Remove any entry after "," (comma).
This will prevent from auto starting...

Normally they are hidden from the user so go to c:\ click on View > Options > View > Show Hidden Files, Folders and drives and press OK

To remove the files use an anti virus or navigate to c:\program files\ and look for suspicious folder.

 

[scr]

Hello Redcherry,

It may be best to just do a clean reinstall of Windows 7 since there's no telling what else he may have done or installed on your PC. Afterwards, change all your passwords. I would also recommend to not let him back on your PC, and you might consider kicking him to the curb since that's a violation of your trust in him.

"Kicking" is the correct idea..."Curb" is the wrong place.

People and what they do never ceases to amaze me.