| Other > Viruses and worms |
| Questions regarding key logging software that was installed on a laptop |
| << < (4/7) > >> |
ahullsb:
(Continued)
00232552 application/winantivirus2006 HackTools No 0 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\wa6p_is1
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERzlwium
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERxkfrgl
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERwevwnm
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERvpcnfz
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERvilquo
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERuirrhg
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERswkbum
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERrrlibt
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERrgzndd
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERpfizni
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERpaqzdq
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERowkpgq
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERobbljy
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C�\WA6P\Quar\ERnigjjq
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERmokaas
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERmlrgoc
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERhmtajr
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\WA6P\Quar\ERfgqeqk
00366244 Application/NirCmd.A HackTools No 0 No No F:\Flash_Disinfector.exe[F:\Flash_Disinfector.exe][nircmd.exe]
00366244 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\erin marston\Desktop\Flash_Disinfector.exe[C:\Documents and Settings\erin marston\Desktop\Flash_Disinfector.exe][nircmd.exe]
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location ޥ
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description ޥ
;===============================================================================
=================================================================================
===================
184380 MEDIUM MS08-002 ޥ
184379 MEDIUM MS08-001 ޥ
182048 HIGH MS07-069 ޥ
182046 HIGH MS07-067 ޥ
182043 HIGH MS07-064 ޥ
179553 HIGH MS07-061 ޥ
176382 HIGH MS07-057 ޥ
176383 HIGH MS07-058 ޥ
170911 HIGH MS07-050 ޥ
170907 HIGH MS07-046 ޥ
170906 HIGH MS07-045 ޥ
170904 HIGH MS07-043 ޥ
164915 HIGH MS07-035 ޥ
164913 HIGH MS07-033 ޥ
164911 HIGH MS07-031 ޥ
160623 HIGH MS07-027 ޥ
;===============================================================================
=================================================================================
===================
I hope that clears things up a bit. After running move it again I was hoping this computer looks clean now? Sorry again for the confusion.
|
wyrmrider:
first we had symantic
now antivir?
did you ever run a symantec or antivir scan?
remember what I said about removing symantec
goes ditto for antivir
http://www.avira.com/en/support/antivir_removal_tool.html
after removing Symantec and Antivir run this
http://dl.antivir.de/down/windows/registrycleaner_en.zip
you can run ccleaner to remove the cookies which clutter up your posts
you are still finding malware
MBAM got rid of the 2006 infection
I need to see another AV scan like kaspersky
run superantispyware and/or Spybot search and destroy scans then post up a new HJT be sure to close all browser windows
do not worry about restore points now
|
ahullsb:
first we had symantic
now antivir?
did you ever run a symantec or antivir scan?
remember what I said about removing symantec
goes ditto for antivir
http://www.avira.com/en/support/antivir_removal_tool.html
after removing Symantec and Antivir run this
http://dl.antivir.de/down/windows/registrycleaner_en.zip
you can run ccleaner to remove the cookies which clutter up your posts
you are still finding malware
MBAM got rid of the 2006 infection
I need to see another AV scan like kaspersky
run superantispyware and/or Spybot search and destroy scans then post up a new HJT be sure to close all browser windows
do not worry about restore points now
She didn't think she had any antivirus program when I installed Avira. I want to install Avast for her because I have recently switched to it on my own machine and like it. I will use avira's uninstall link you recommended and run cc cleaner for her as well. I have run scans with Avira and it did not find anything. What malware is still appearing? Is it the tracking cookies from the last log that you are referring to? I will have access to her computer tomorrow so I will run a kaspersky scan as well, then post that log. Then I will run superantispyware as well if that is what you recommend. I was originally going to install spyware guard and spyware blaster for her, should I use superantispyware instead?
|
wyrmrider:
ok clean install of avast
run both the avira uninstall tool and the antivir registry cleaner
super anti spy is a on demand checker/ scanner- like Spybot scanner and MBAM in the free version
I was looking at the winantivirus2006
ccleaner should clean up the tracking cookies- not to worry
SAS and Spybot scans will find them too- -just get them out of the way so they do not clutter up your posts
I just want to make sure nothing else got installed along with winantivirus2006
put in spywareblaster
spywareguard not necessary now- we can talk about that kind of thing later
(how much memory and how fast a system does she have?)
did you run that free kelogger tool that I linked to?
there are two types of keyloggers, the "hook" kind (most of them) and the Kernel type- the real nasties
did you check for rootkits?
Post up a fresh hjt at the end of the day
I'm hoping that one of the HJT experts will look at
|
ahullsb:
Thank you for the advice. I will do as you instructed. Unfortunately I will not be able to get her computer until tomorrow. I wanted to let you know that so you aren't checking this thread today/tonight. I have spyware guard and spyware blaster on my own machine, I'd be curious whether I too should get rid of either of them, or use superantispyware instead. For reference I use Comodo (with the malware scanner...oops), although I am about to switch to online armour. I'm using Avast antivirus. Spywareblaster and Spyware Guard are also on my machine. Any advise on whether adding superantispyware would cause conflicts with these other programs would be appreciated, and if so, which from the above list I should remove. I accidentally installed the full version of Comodo with the malware portion and then installed Avast. I realize the possibility of conflicting software now, and that is why I am going to switch Comodo to something that is strictly a firewall. Would it have caused problems with the other software when I installed them, or will switching the firewall program be sufficient to correct the problem?
|
| Navigation |
| Message Index |
| Next page |
| Previous page |