Infected with spyware?

Posted by: CrackersMcCheese

Infected with spyware? - 03/06/2005 06:49

While browsing the other day I got caught up in pop-up hell and when one of those 'install software' ones came up I clicked yes in my panic. I don't know what it was but when I googled the name it came back with results that indicate it's for trawling my PC for passwords and sending them somewhere, same with key presses. Is this possible?

I've run Ad-Aware but what else should I use? Is there also something that will tell me what each process is that's running?

Thanks!

Philip

Posted by: Schido

Re: Infected with spyware? - 03/06/2005 07:32

This is a good one (just a wrapper for a lot of free spyware scanners):
http://www.hitmanpro.nl/

Sorry, couldn't find an English page for it.

Taskinfo is great for monitoring processes:
http://www.iarsn.com/taskinfo.html

Oh, and maybe try Firefox next time instead of Internet Explorer, although it won't protect you from clicking yes to installing:
http://www.mozilla.org/

Posted by: Shonky

Re: Infected with spyware? - 03/06/2005 07:59

"HijackThis" is good but doesn't really identify spyware. It points out all the things in your system that could be spyware. It will pick up things like "Google's Toolbar" for example which is perfectly fine.

You really need to know what you're doing. If you run a scan, I can let you know what looks suss at least.

If you know what you installed, there's probably a howto on how to (hmm...) get rid of it.

And yes, although AdAware is a good start, it certainly doesn't find everything.

Posted by: Attack

Re: Infected with spyware? - 03/06/2005 11:57

This FAQ is very good. It's a bit out of date but still very helpful. I personally use SpyBot, AD-Aware SE, Microsoft AntiSpyware and HiJackThis.

Posted by: tman

Re: Infected with spyware? - 03/06/2005 13:13

If you're really worried then the only solution is to wipe clean and then just reinstall keeping only your documents. The documents you'll probably have to scan anyway just in case of nasty macro/whatever viruses.

Posted by: g_attrill

Re: Infected with spyware? - 03/06/2005 17:44

As mentioned, SpyBot is great, then possibly the MS product (although manually review everything because I got a lot of false positives).

Then go here and download and play with these:
http://www.sysinternals.com/ntw2k/utilities.shtml

Filemon: Monitors file access. Play with the filtering to reduce the output.

Process Explorer: Excellent process monitoring tool.

TCPView: Basically tells you what processes are listening on ports and sending/receiving traffic.

Autoruns: Lists all entries in Windows where a process can automatically start up.

RootkitRevealer: Possibly try this, but it's probably not necessary for simple malware.

--
Gareth

Posted by: Dignan

Re: Infected with spyware? - 03/06/2005 18:50

Ditto on Process Explorer. I use that all the time. Task Manager's got nothing on that program.

I'll have to check out their other software. I've been to their site dozens of times to download Process Explorer, but never looked at their other stuff. It sounds good.

Posted by: eliceo

Re: Infected with spyware? - 03/06/2005 21:12

Process Explorer is great, especially in Win98 when you don't even have a task manager.

I just got rid of New dot new. Argh

Posted by: FireFox31

Re: Infected with spyware? - 04/06/2005 01:45

<Ahnuld voice> "Dooo it! Dooo it naaow!"

The SysInternals tools are awesome. ProcessExplorer's ability to show which processes are linked to which DLLs really helps.

The latest versions of HiJack This also have a process explorer that is helpful. I'm not even sure if the program cleans spyware, but it sure can detect it.

I would suggest installing the MVPS Host File when you are done, and updating it weekly at least. It prevents your computer from even THINKING about talking to malicious websites.

Yes, then Mozilla and SpySweeper (which I still think is plotting to take over the world, but that's another story).

Good luck, you can do it, unless it's a rootkit, in which case SysInternal's Root Kit Revealer may help, though I haven't tried.