ok
that problem is over;
I wrote before that LAN works properly since I deleted advkeylog, but no - I still loose connection...
kind regards
Type: Posts; User: royakai; Keyword(s):
ok
that problem is over;
I wrote before that LAN works properly since I deleted advkeylog, but no - I still loose connection...
kind regards
cheers
royakai
sounds like that... so, who could did it? I bought PC in October (wasn't new), and problem appeared first in the middle of January when PCGuard informed me many times that an advanced KEYLOGGER tries...
...
ok, that problem is over... nor PCG neither AdAware see it any longer...
thanks a lot for your time
do you have any comments?
I hope that it was helpful for other users. However, I...
wow!
probably I've done it!!!
I denied system control over ThreadingModel (Apartment), and Default (imcui.dll), and allowed Administrator and user to set control over it, and...
I deleted it...
[QUOTE=LonnyRJones]What process do you suspect ?
alg.exe - it was installed during the same time when I started to see the first informations that 'advanced KEYLOGGER' want to go through...
...
........................................................................................................
That's it:
03/04/2006 8:15:05.01
[SC] EnumQueryServicesStatus:OpenService FAILED...
Originally Posted by LonnyRJones
These are what it created for me, Are you comfortable working in the registry ?
HKEY_CLASSES_ROOT\CLSID\{DEE6806C-FB33-D04C-E1C6-8DA9B2204850}...
I have some suspicious, but no proof...
which process should I kill, because that is what blocks to delete it, I think?
There are no files showed above in my computer even I use mode that shows hidden files...
I cannot to simply delete this:
HKEY_CLASSES_ROOT\CLSID\{DEE6806C-FB33-D04C-E1C6-8DA9B2204850} -...
There are no files showed above in my computer even I use mode that shows hidden files...
I cannot to simply delete this:
HKEY_CLASSES_ROOT\CLSID\{DEE6806C-FB33-D04C-E1C6-8DA9B2204850} -...
in addition:
that's the last adaware report... the keylog was quarantined both by adaware and PCGuard, but PCG couldn't delete it after. AdAware is a free version, and dosen't fix such a problem so.
yes it is... it's name is 'Apartment' and enclosed in HKEY_CLASSES_ROOT: CLSID\... under ServerImpro32 folder;
by the way - I'm not sure that the keylog in report is the same that the one I'm...
Logfile of HijackThis v1.99.1
Scan saved at 02:25:53, on 01/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:...
just to resolve a problem... tashi wrote that it would be good to show my report here, so I'm doing now...
check the attachements
thanks for reply - that's the report
by the way - I check for updates almost every day and use advanced mode
in addition:
I have found advanced keylogger using PCGuard and AdAwareSE but the anti-s have troubles to rid it off. I know where is it placed but traditional tool like "delete" doesn't work;
I...