From: <>
| I've found the key logger that's been at my system for awhile now.
| I suspect the poison ivy Trojan. Many programs can not detect it.
| I tried installing avira that's supposedly one of the programs that can detect.
| Luckily I kept trend running as attempted to install avira. Because 1st thing
| it tried doing was replace the system file setup.exe.
| Neither here nor there, but I find anything replacing system files as
| suspicious.
| Anyway's it's using taskmger.exe and creating a text taskmger file showing
| 245kb of keys I've pressed, telling me it's throwing these packets out very
| often.
| Since I just had an identity theft incident [in California], everything adds
| up.
| But sfc can not scan taskmger.exe. It comes up with 'Windows Resource
| Protection could not perform the requested operation.'
| I doubt replacing taskmgr will cure the problem. I don't happen to have a spare
| taskmger.exe laying around.
| Trend micro, Mcaffee, and symantec have nothing on this Trojan. Simple way to
| check if you're infected [using Firefox] is see if 1 or more instances off FF
| [or IE] is in your task manager at boot up. Has your mouse gone south ? things
| really sluggish ? Those are my symptoms.
| So while I figure out where this thing is hiding, and how to kill it, how do I
| get another copy of taskmgr ?
| --
| more pix @
http://members.toast.net/cbminfo/index.html
Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en...HJTInstall.exe
Then post the contents of the HJT log in your post in one of the below expert forums...
{ Please - Do NOT post the HJT Log here ! }
Forums where you can get expert advice for HiJack This! (HJT) Logs.
NOTE: Registration is REQUIRED in any of the below before posting a log
Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0
Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/i...hp?showforum=7
Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/...splay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malwa..._Here-f37.html
http://gladiator-antivirus.com/forum...?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/...p?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV -
http://www.pctipp.ch/downloads/dl/35905.asp
Similar Threads
Linear Mode
