[pchelpers] Re: Fw: Re: Process Management Utility

• From: John Durham <john.modec@xxxxxxxxxx>
• To: pchelpers@xxxxxxxxxxxxx
• Date: Thu, 31 May 2007 11:04:34 +1200

kathleen lacey wrote:
> Hi Everyone. I downloaded the free a-squared. It took 2 hours to scan the
> Deep Scan. It seemed to get stuck on several files. maybe PC-Cillin Security
> was interfering, cause it runs on my pc in the background all the time.
> A-Squared found 13 , 10 were tracking cookies, and the other 4 are these...
> 
> Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run -->
> reminder  detected: Trace.Registry.FTPAttack
Look here for info on FTPAttack:
http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453088724
> C:\hp\bin\KillWind.exe  detected: Riskware.RiskTool.Win32.PsKill.p
Killwind is discussed here:
http://www2.geek.com/discus/messages/37/5213.html?1144994284
> C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\runner.exe
Runner might be OK- see here:
http://www.fbmsoftware.com/spyware-net/process/runner_exe/1040/
>  detected: Adware.BackWeb.a
> C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe detected:
> Adware.BackWeb.a
Backweb may be suspicious. Please see my comments on Spywareblaster. 
Info on backweb may be found here:
http://www.emsisoft.com/en/malware/?Adware.BackWeb.a
> My questions ... Is the FTPAttack a Trojan?
Yes.
> and KillWind is something from HP, my hardware. I not longer am under
> warrantee, so can i delete it? I put everthing in quarantine, till i had
> time to research what to do. Also should i turn off System Restore and
> re-DeepScan?
> Thanks for the help.
> Kathleen
One other thing: If you have SpywareBlaster, it may have added this key 
to registry so as to block any nasty activity. Please keep 
SpywareBlaster up to date to protect from this stuff (it turns the 
activate bit off for bad entries to stop them operating).
-- 
Regards, John Durham <http://modecideas.com/contact.html?sig>
Fax/Phone 64 4 5286786
Award winning web site at http://modecideas.com?sig
Server hosted on Redhat Centos 4.2
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Good advice is like good paint- it only works if applied.


-- 
-------list-services-below-----------
Regards, John Durham (list moderator) <http://modecideas.com/contact.html?sig>
Freelists login at http://www.freelists.org/cgi-bin/lsg2.cgi
List archives at http://www.freelists.org/archives/pchelpers
PC-HELPERS list subscribe/unsub at http://modecideas.com/discuss.htm?sig
Latest news live feeds at http://modecideas.com/indexhomenews.htm?sig
Good advice is like good paint- it only works if applied.

• References:
  • [pchelpers] Fw: Re: Process Management Utility
    • From: Pen Pal
  • [pchelpers] Re: Fw: Re: Process Management Utility
    • From: kathleen lacey

Other related posts:

• » [pchelpers] Fw: Re: Process Management Utility
• » [pchelpers] Re: Fw: Re: Process Management Utility
• » [pchelpers] Re: Fw: Re: Process Management Utility
• » [pchelpers] Re: Fw: Re: Process Management Utility
• » [pchelpers] Re: Fw: Re: Process Management Utility

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription