| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 101520 | 2009-07-17 18:05:00 | Hijackthis log question. | AntiVirMan (15107) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 792589 | 2009-07-17 23:44:00 | Thanks - doing it now. Back much later Thanks again |
AntiVirMan (15107) | ||
| 792590 | 2009-07-17 23:54:00 | That app, Scanner results : 79% Scanner(30/38) found malware! Time : 2009/06/05 05:31:50 (BST) Thats the online scan at www.virscan.org All false positives you reckon? However, www.virustotal.com File procexp.exe received on 2009.07.16 17:08:01 (UTC) Current status: finished Result: 0/41 (0.00%) Odd how two such similar sites csn be so different, as I think they use some of the same detection engines. Regards, AVM |
AntiVirMan (15107) | ||
| 792591 | 2009-07-18 00:05:00 | It'll be a false +. I doubt it'd be on the MS site if it were malware. Uninstall Mcafee and install something better (Avast Home - free), or NOD32 (if you want to pay for it) | Speedy Gonzales (78) | ||
| 792592 | 2009-07-18 02:19:00 | Run this and It will show me if the logger is hidding . . . . . . . . Download OTL to your desktop . . geekstogo . com/OTL . exe" target="_blank">oldtimer . geekstogo . com Double click on the icon to run it . Make sure all other windows are closed and to let it run uninterrupted . When the window appears, underneath Output at the top change it to Minimal Output . Check the boxes beside LOP Check and Purity Check . Under Custom Scan copy and paste the red text from the code box . netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %systemroot%\System32\antiwpa . dll %systemroot%\SYSTEM32\wpa . dll %systemroot%\setup\scripts\biestart . exe %systemroot%\system32\drivers\royal . sys %systemroot%\system32\oobe\AntiWPA_Crypt . dll %TEMP%\antiwpa_crypt . dll %TEMP%\antiwpa . dll /s %PROGRAMFILES%\antiwpa . dll /s %systemroot%\system32\crypt . dll %TEMP%\crypt . dll %SYSTEMDRIVE%\* . %SYSTEMDRIVE%\* . * %PROGRAMFILES%\* . Click the Run Scan button . Do not change any settings unless otherwise told to do so . The scan wont take long . When the scan completes, it will open two notepad windows . OTListIt . Txt and Extras . Txt . These are saved in the same location as OTL . Please copy the contents of these files and post them with your next reply . |
Pancake (6359) | ||
| 792593 | 2009-07-18 20:20:00 | Hi Old Timer, I have tried, a good few times now, to post the results of the OTL log here. For some reason, when I preview it, it seems to take forever and then loads up a blank page, with the message 'done' in the bottom left hand corner, just above the taskbar. Maybe it's because the message is so large, that it times out or something, or is just too large for a post. So, I'm not too sure what I can do, apart from maybe email it to you? Thanks again and best wishes, AntiVirMan |
AntiVirMan (15107) | ||
| 792594 | 2009-07-18 20:36:00 | Hi SG Here a link, where you can see what processes are running on my system, plus also some screenshots of the monitoring process of SafeSpace, showing the keylogging activity. It's normally much higher, but I've been copying and pasting now, instead of entering text directly. s754.photobucket.com - (6 images). The one, possibly superfluous image there, is the 'Keylogger' shot, that shows no activity, but I thought that it illustrated the point that it is occuring. Thanks and best wishes, AntiVirMan |
AntiVirMan (15107) | ||
| 792595 | 2009-07-18 21:52:00 | Well since I have no idea what safespace is, does since I've never used or heard of it. A series of numbers tells me anything. Get rid of Mcafee, and use something better. Then scan the whole hdd. We could be here all year trying to figure out whether you've got a keylogger or not. But there's nothing so far (that I can see). |
Speedy Gonzales (78) | ||
| 792596 | 2009-07-18 23:43:00 | If the message is large,post it in two or three pieces. | Pancake (6359) | ||
| 792597 | 2009-07-20 07:53:00 | Hi, SG - I did post the URL to SafeSpace, it's a virtual sandbox app. Pancake - If I get any more problems, I'll do that. But thanks guys, I think the matter is now resolved, up to a point, and seems to be okay, now that I don't have to worry about keylogging anymore. Regards, AntiVirMan |
AntiVirMan (15107) | ||
| 1 2 3 | |||||