Re: Did I install a keylogger, or something else?

From: Chuck (none_at_example.net)
Date: 04/20/05


Date: 20 Apr 2005 10:31:04 -0500

On Tue, 19 Apr 2005 08:43:20 -0400, ":)" <":)"@lalaland> wrote:

>Hi,
>
>I downloaded a program (.exe) from Ares P2P.
>
>When I tried to install it, a black screen appeared, disappeared, then
>nothing else happened. No program appears to have been installed.
>
>I'm using MSXPHome, and have DSL. Nothing appears on a Norton's virus
>scan, nor as spyware. Could they detect a keylogger that I installed
>myself? Could it have been another spy program? Do autodialers work
>through DSL connections?
>
>How do I know what type of program was installed?
>
>Please answer locally on this NG. My email is obviously fake.
>
>Thanks for any assistance.
>
>: )

Norton isn't the only security tool that you may need here, nor is it always the
best. Try a few more scanners first.
A-Squared <http://www.emsisoft.com/en/software/free/>
Ewido <http://www.ewido.net/en/?>
Trojan Hunter <http://www.misec.net/trojanhunter/>

Next, try one or more of these free online virus scans, which should complement
NAV:
<http://www.bitdefender.com/scan/license.php>
<http://www.pandasoftware.com/activescan>
<http://www.ravantivirus.com/scan/>
<http://housecall.trendmicro.com/housecall/start_corp.asp>

Now check for, and learn to defend against, non-viral malware.

Start by downloading each of the following additional free tools - and download
each specific product from each link as listed:
AdAware <http://www.lavasoftusa.com/>
CWShredder <http://www.intermute.com/spysubtract/cwshredder_download.html>
HijackThis <http://www.tomcoyote.com/hjt/>
LSP-Fix <http://www.cexx.org/lspfix.htm>
WinsockXPFix <http://www.spychecker.com/program/winsockxpfix.html>
Spybot S&D <http://www.safer-networking.org/index.php?page=download>
Stinger <http://us.mcafee.com/virusInfo/default.asp?id=stinger>
TrendMicro Sysclean <http://www.ik-cs.com/got-a-virus.htm>

Create a separate folder for HijackThis, such as C:\HijackThis - copy the
downloaded file there. Create a separate folder for the TrendMicro files, such
as C:\TrendMicro - copy the downloaded files there (unzipped if necessary).
AdAware, CWShredder, and Spybot S&D have install routines - run them. The other
downloaded programs can be copied into, and run from, any convenient folder.

First, close all Internet Explorer and Outlook windows.

Run Stinger. Have it remove all problems found.

Run CWShredder. Have it fix all problems found.

Empty your temporary files folders:
- "C:\WINDOWS\Temp"
- "C:\Documents and Settings\(Username)\Local Settings\Temporary Internet Files".

Next, disable System Restore.
<http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm>
Boot your computer into Safe Mode.
<http://support.microsoft.com/?id=315222>
Run SysClean per instructions. Delete any infections found. Reboot your
computer, and re-enable System Restore.

Next, run AdAware. First update it, configure for full scan
(<http://forums.spywareinfo.com/index.php?showtopic=11150>), then scan. When
scanning finishes, remove all Critical Objects found.

Next, run Spybot S&D. First update it, then run a scan. Trust Spybot, and
delete everything ("Fix Problems") that is displayed in Red.

Then, run HijackThis ("Scan"). Do NOT make any changes immediately. Save the
HJT Log.
<http://forums.spywareinfo.com/index.php?showtopic=227>

Finally, have your HJT log interpreted by experts at one or more of the
following security forums (and please post a link to your forum posts, here):
Aumha: <http://forum.aumha.org/index.php>
Net-Integration: <http://forums.net-integration.net/>
Spyware Info: <http://forums.spywareinfo.com/>
Spyware Warrior: <http://spywarewarrior.com/index.php>
Tom Coyote: <http://forums.tomcoyote.org/>

If removal of any spyware affects your ability to access the internet (some
spyware builds itself into the network software, and its removal may damage your
network), run LSP-Fix and / or WinsockXPFix.

-- 
Cheers,
Chuck 
Paranoia comes from experience - and is not necessarily a bad thing.
My        email         is          AT         DOT
   actual       address    pchuck       sonic      net.

