Other > Viruses and worms |
Questions regarding key logging software that was installed on a laptop |
<< < (4/7) > >> |
ahullsb:
(Continued) 00232552 application/winantivirus2006 HackTools No 0 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\wa6p_is1 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERzlwium 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERxkfrgl 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERwevwnm 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERvpcnfz 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERvilquo 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERuirrhg 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERswkbum 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERrrlibt 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERrgzndd 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERpfizni 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERpaqzdq 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERowkpgq 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERobbljy 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C\WA6P\Quar\ERnigjjq 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERmokaas 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERmlrgoc 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERhmtajr 00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERfgqeqk 00366244 Application/NirCmd.A HackTools No 0 No No F:\Flash_Disinfector.exe[F:\Flash_Disinfector.exe][nircmd.exe] 00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\erin marston\Desktop\Flash_Disinfector.exe[C:\Documents and Settings\erin marston\Desktop\Flash_Disinfector.exe][nircmd.exe] ;=============================================================================== ================================================================================= =================== SUSPECTS Sent Location ޥ ;=============================================================================== ================================================================================= =================== ;=============================================================================== ================================================================================= =================== VULNERABILITIES Id Severity Description ޥ ;=============================================================================== ================================================================================= =================== 184380 MEDIUM MS08-002 ޥ 184379 MEDIUM MS08-001 ޥ 182048 HIGH MS07-069 ޥ 182046 HIGH MS07-067 ޥ 182043 HIGH MS07-064 ޥ 179553 HIGH MS07-061 ޥ 176382 HIGH MS07-057 ޥ 176383 HIGH MS07-058 ޥ 170911 HIGH MS07-050 ޥ 170907 HIGH MS07-046 ޥ 170906 HIGH MS07-045 ޥ 170904 HIGH MS07-043 ޥ 164915 HIGH MS07-035 ޥ 164913 HIGH MS07-033 ޥ 164911 HIGH MS07-031 ޥ 160623 HIGH MS07-027 ޥ ;=============================================================================== ================================================================================= =================== I hope that clears things up a bit. After running move it again I was hoping this computer looks clean now? Sorry again for the confusion. |
wyrmrider:
first we had symantic now antivir? did you ever run a symantec or antivir scan? remember what I said about removing symantec goes ditto for antivir http://www.avira.com/en/support/antivir_removal_tool.html after removing Symantec and Antivir run this http://dl.antivir.de/down/windows/registrycleaner_en.zip you can run ccleaner to remove the cookies which clutter up your posts you are still finding malware MBAM got rid of the 2006 infection I need to see another AV scan like kaspersky run superantispyware and/or Spybot search and destroy scans then post up a new HJT be sure to close all browser windows do not worry about restore points now |
ahullsb:
first we had symantic now antivir? did you ever run a symantec or antivir scan? remember what I said about removing symantec goes ditto for antivir http://www.avira.com/en/support/antivir_removal_tool.html after removing Symantec and Antivir run this http://dl.antivir.de/down/windows/registrycleaner_en.zip you can run ccleaner to remove the cookies which clutter up your posts you are still finding malware MBAM got rid of the 2006 infection I need to see another AV scan like kaspersky run superantispyware and/or Spybot search and destroy scans then post up a new HJT be sure to close all browser windows do not worry about restore points now She didn't think she had any antivirus program when I installed Avira. I want to install Avast for her because I have recently switched to it on my own machine and like it. I will use avira's uninstall link you recommended and run cc cleaner for her as well. I have run scans with Avira and it did not find anything. What malware is still appearing? Is it the tracking cookies from the last log that you are referring to? I will have access to her computer tomorrow so I will run a kaspersky scan as well, then post that log. Then I will run superantispyware as well if that is what you recommend. I was originally going to install spyware guard and spyware blaster for her, should I use superantispyware instead? |
wyrmrider:
ok clean install of avast run both the avira uninstall tool and the antivir registry cleaner super anti spy is a on demand checker/ scanner- like Spybot scanner and MBAM in the free version I was looking at the winantivirus2006 ccleaner should clean up the tracking cookies- not to worry SAS and Spybot scans will find them too- -just get them out of the way so they do not clutter up your posts I just want to make sure nothing else got installed along with winantivirus2006 put in spywareblaster spywareguard not necessary now- we can talk about that kind of thing later (how much memory and how fast a system does she have?) did you run that free kelogger tool that I linked to? there are two types of keyloggers, the "hook" kind (most of them) and the Kernel type- the real nasties did you check for rootkits? Post up a fresh hjt at the end of the day I'm hoping that one of the HJT experts will look at |
ahullsb:
Thank you for the advice. I will do as you instructed. Unfortunately I will not be able to get her computer until tomorrow. I wanted to let you know that so you aren't checking this thread today/tonight. I have spyware guard and spyware blaster on my own machine, I'd be curious whether I too should get rid of either of them, or use superantispyware instead. For reference I use Comodo (with the malware scanner...oops), although I am about to switch to online armour. I'm using Avast antivirus. Spywareblaster and Spyware Guard are also on my machine. Any advise on whether adding superantispyware would cause conflicts with these other programs would be appreciated, and if so, which from the above list I should remove. I accidentally installed the full version of Comodo with the malware portion and then installed Avast. I realize the possibility of conflicting software now, and that is why I am going to switch Comodo to something that is strictly a firewall. Would it have caused problems with the other software when I installed them, or will switching the firewall program be sufficient to correct the problem? |
Navigation |
Message Index |
Next page |
Previous page |