Graham_Powell
asked on
Keylogger.cone - Registry updates on system startup (Win2K Prof)
Hi, I'm trying to find a way to remove whatever software is adding keylogger.cone.trojan entries to my Win 2000 Pro registry each time my machine is started. I have up to date Symantic anti virus/firewall running which does not detect anything with a full system scan, PC Tools SpyDoctor detects the registry entries and removes them but does not detect program that keeps putting them back... I've run the McAfee Stinger as well! Any thoughts on what I can do?
Regards
Graham
Regards
Graham
ASKER
Hi SheharyaarSaahil,
Here is the link to the Hijack Log file - It has found some nasties and I'd appreciate your thoughts. The registry entries are the ones found by PC Tools, Spydoctor but I don't know what is putting them there!
G
http://www.hijackthis.de/logfiles/ef711b43ab68752aaabf4daad983329a.html
Here is the link to the Hijack Log file - It has found some nasties and I'd appreciate your thoughts. The registry entries are the ones found by PC Tools, Spydoctor but I don't know what is putting them there!
G
http://www.hijackthis.de/logfiles/ef711b43ab68752aaabf4daad983329a.html
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
well ross has already covered it all :)
im just listening to hear the results from u =)
im just listening to hear the results from u =)
Try using Hijackthis now.... may be it can pick up that running process which others tools are failing to catch !! :)
Download HijackThis v1.98.2 from here, run it and Save the LOG file:
http://tools.radiosplace.com/HijackThis.exe
Then Post that log at this site >> http://www.hijackthis.de/index.php?langselect=english
and it will automatically analyse it for u,,, Fix everything which it labels as Nasty :)
To Fix, check the lines and click on Fix Checked !!
CAUTION: Before fixing the entries in hijackthis, make sure that they are really Nasty and can be deleted, better u first research for it on Google and then when u will confirm that they shud be deleted, Fix them. And whenever u run Hijackthis, run it from a New folder on ur desktop, so that in case of any problem, u can take advantages of its created backups of fixed items. And in case if u still face problems in dealing with it, just analyse ur log at the above site, and then scroll down where u will see a Save Analyse button, hit it and it will save ur Log Analysation, then copy the link of that page and paste it here, and we will check it for u :)