Trojans and Backdoors

Discussion in 'malware problems & news' started by patches 10, Mar 28, 2005.

Thread Status:
Not open for further replies.
  1. patches 10

    patches 10 Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    3
    I found some commercial spyware named "Active Keyloger" and also known as "System Monitor" on my computer. They are "Winsoul" products.

    I am absolutely the only person with physical access to my computer. They therefore had to be put into my computer by remote access or by the intruder having gained previous remote access before putting the spyware into my computer.

    It is very impooirtant tht I be able to find out when theis spyware was put into my computer and to be able to trace it to the IP address of the computer the intruder was using or to the intruder himself. There are no boyfriends or husbands involved. I can get no information from Winsoul. How can I find out when the spyware was put in my computer and by whom. MSN Spysweeper has quartined the program, but I cannot delete it until I get the above information. I am running Windows 98, Ad-aware, AVG, SpyBot and MSN Spysweeper.

    Is there a good free or oni8ne spy detector program that detects commercial spyware?

    Thanks !!!
    Patches 10
     
  2. dog

    dog Guest

    Hi Patches, ;)

    Welcome to Wilders'

    I've moved your post to the Trojans and Backdoors Forum, where your problem will receive better attention.

    Regards,

    Steve
     
  3. patches 10

    patches 10 Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    3
    Other Security Issues

    I am suppose to have MSN as my Isp. Instead I have "uunet" and everything has to be filtered through its address, 198.6.100.98DNS.

    I checked the hosts file to see if MSN has been blocked. I found something called "arc msn". Does anyone know why and how my ISP was changed; anything about the 198..address or what "arc msn means?

    I have found commercial spyware on my computer and question whether these things are related.

    I am running Windows 98, MSN Spysweeper, SpyBot, Ad-aware, AVG and a registery cleaner. I need to know if the 198 address is related to the spyware, not just how to get rid of it. I need to know if "arc msn" in my hosts file is disabling my msn isp and allowing everything to go through the 198 address. Microsoft and MSN are no help.

    Thanks!!!
    patches 10
     
  4. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi patches 10, and welcome to the forum.

    I have merged the post you made in the 'Test Forum' with this thread so we do not have two threads going at once on similiar issues. The questions you have asked in your second post above may be related to your first questions, but for now let's stay in one thread until we can help you resolve your first questions. ;)

    Maybe to help us clarify exactly what it is you are asking - are you saying you cannot delete the keylogger, or that you don't want to delete it until you can find out what information it has logged?

    For some references and removal instructions:
    Computer Associates - http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453077694
    Symantec - http://www.sarc.com/avcenter/venc/data/pf/spyware.activelogger.html

    Regards,

    snap
     
  5. patches 10

    patches 10 Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    3
    Dear Snap:
    Thank you for putting my question into the correct catagory. I didn't want to delete the Winsoul spyware until I found out when it was put in my computer and some way to trace it, possibly by some id on the spyware, back to the installer. It is very important that I get this information.

    I have also found "AtHoc". Is that used like a keyloger or for running malicious codes?

    Thank you for the help!!! I need all the help I can get!!!!
    patches 10
     
Loading...
Thread Status:
Not open for further replies.