WoW account hacked due to keylogger

Question

delliron 0 Newbie Poster

14 Years Ago

Ok, so, short version, my WoW account was hacked yesterday, and all my stuff was deleted. I uninstalled WoW, ran AVG virus scanner, and Advanced System Care scan, then I came here and ran the scans on the site, malewarebyte came up with 2, the rest negative, I just want to make sure that I'm completely keylogger and other nasty free, here's the results of the scans.
Malwarebytes' Anti-Malware 1.42
Database version: 3421
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/24/2009 3:20:30 AM
mbam-log-2009-12-24 (03-20-30).txt

Scan type: Full Scan (C:\|)
Objects scanned: 153071
Time elapsed: 34 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ESET came up negative, I wasn't sure how to post the log from there.

C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Users\Brady\Desktop\windows-kb890830-v3.2.exe
c:\24d2fd2a5cd1f27068bc8210c6\mrtstub.exe
C:\Windows\system32\MRT.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\system32\conhost.exe
C:\Users\Brady\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SansaDispatch] c:\users\brady\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\users\brady\appdata\roaming\microsoft\windows\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: c:\users\brady\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\logitech webcam software\eReg.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
AppInit_DLLs: avgrsstx.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 AVGIDSErHrw7x;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSwx.sys [2009-12-8 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-12-8 161800]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2009-12-8 24856]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-8 360584]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-8 333192]
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-8 28424]
S2 avg9emc;AVG E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2009-12-8 906520]
S2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-12-8 285392]
S2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2009-12-8 2303680]
S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2009-12-8 5832712]
S3 AVGIDSDriverw7x;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_win7\AVGIDSDriver.sys [2009-12-8 122376]
S3 AVGIDSFilterw7x;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_win7\AVGIDSFilter.sys [2009-12-8 30216]
S3 AVGIDSShimw7x;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_win7\AVGIDSShim.sys [2009-12-8 21208]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

=============== Created Last 30 ================

2009-12-24 15:51:20 0 d-----w- c:\program files\ESET
2009-12-24 15:22:39 0 d-----w- C:\24d2fd2a5cd1f27068bc8210c6
2009-12-24 04:16:41 0 d-----w- C:\World of Warcraft
2009-12-24 03:36:32 0 d-----w- c:\users\brady\appdata\roaming\Malwarebytes
2009-12-24 03:36:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-24 03:36:25 0 d-----w- c:\programdata\Malwarebytes
2009-12-24 03:36:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-24 03:36:22 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-21 07:28:42 0 d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-21 07:28:42 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-12-20 03:41:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-18 03:08:41 0 d-----w- c:\programdata\Hewlett-Packard
2009-12-15 06:37:48 0 d-----w- c:\program files\Ventrilo
2009-12-15 06:37:44 262 ----a-w- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-12-15 06:37:09 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-12-13 22:58:25 0 d-----w- c:\users\brady\appdata\roaming\SanDisk
2009-12-13 22:49:14 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-12-13 22:10:21 0 d-----w- c:\program files\Screen Movie Studio
2009-12-10 06:51:58 0 d-----w- c:\programdata\ATI
2009-12-10 06:48:23 0 d-----w- c:\program files\ATI Technologies
2009-12-10 06:48:21 0 d-----w- c:\program files\ATI
2009-12-10 06:46:37 0 d-----w- C:\ATI
2009-12-10 04:26:42 0 d-----w- c:\users\brady\appdata\roaming\TERMINAL Studio
2009-12-10 04:26:38 92216 ----a-w- c:\windows\system32\bass.dll
2009-12-10 04:26:38 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-12-10 04:26:38 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-12-10 04:26:38 0 d-----w- c:\program files\Free Fireplace 3D Screensaver
2009-12-10 04:26:17 0 d--h--w- C:\temp
2009-12-09 03:18:43 0 d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-12-08 23:00:14 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-12-08 22:59:48 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-08 22:59:28 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-08 22:55:34 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-12-08 22:55:12 0 d-----w- c:\windows\system32\wbem\Performance
2009-12-08 22:45:42 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-08 22:45:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-12-08 22:42:50 0 d-----w- c:\windows\Panther
2009-12-08 22:42:37 8192 --sha-r- C:\BOOTSECT.BAK
2009-12-08 22:42:36 383562 --sha-r- C:\bootmgr
2009-12-08 22:42:35 0 d-sh--w- C:\Boot
2009-12-08 22:13:21 0 d-----w- c:\users\brady\appdata\roaming\IObit
2009-12-08 22:13:20 0 d-----w- c:\program files\IObit
2009-12-08 21:52:14 0 d-----w- c:\programdata\Blizzard
2009-12-08 21:51:31 0 d--h--w- C:\$AVG
2009-12-08 21:51:30 25608 ----a-w- c:\windows\system32\drivers\AVGIDSwx.sys
2009-12-08 21:51:30 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-08 21:51:29 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-12-08 21:51:28 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-08 21:51:23 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-08 21:51:21 0 d-----w- c:\windows\system32\drivers\Avg
2009-12-08 21:50:51 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2009-12-08 21:50:51 0 d-----w- c:\program files\AVG
2009-12-08 21:50:45 0 d-----w- c:\programdata\avg9
2009-12-08 21:46:21 0 d-----w- c:\users\brady\Tracing
2009-12-08 21:43:37 0 d-----w- c:\program files\Microsoft
2009-12-08 21:43:19 0 d-----w- c:\program files\Windows Live SkyDrive
2009-12-08 21:42:30 0 d-----w- c:\windows\PCHEALTH
2009-12-08 21:38:08 0 d-----w- c:\program files\common files\Windows Live
2009-12-08 20:16:34 0 d-----w- c:\program files\common files\Blizzard Entertainment
2009-12-08 20:07:22 0 d-----w- c:\programdata\LogiShrd
2009-12-08 20:06:42 0 d-sh--w- c:\windows\Installer

==================== Find3M ====================

2009-09-30 03:58:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 03:56:14 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2009-09-30 03:55:56 348160 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 03:55:42 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 03:55:34 12288 ----a-w- c:\windows\system32\atimuixx.dll
2009-09-30 03:55:26 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 03:55:14 278528 ----a-w- c:\windows\system32\Ati2evxx.dll
2009-09-30 03:54:10 733184 ----a-w- c:\windows\system32\Ati2evxx.exe
2009-09-30 03:42:48 3839488 ----a-w- c:\windows\system32\atiumdag.dll
2009-09-30 03:26:12 4946432 ----a-w- c:\windows\system32\atiumdva.dll
2009-09-30 03:14:36 51712 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 03:14:04 135168 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 02:51:38 11513856 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 02:11:06 53248 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 02:10:52 53248 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 02:09:46 3235840 ----a-w- c:\windows\system32\aticaldd.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 9:59:55.60 ===============

Hopefully that'll do, anything else lemme know, thanks a bunch!

windows-virus

Attach.txt (3.9 KB)

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 12/8/2009 4:53:10 PM
System Uptime: 12/24/2009 9:21:43 AM (0 hours ago)

Motherboard: MICRO-STAR INTERNATIONAL CO., LTD |  | MS-7246
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 775 | 3014/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 233 GiB total, 200.012 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable

==== Disabled Device Manager Items =============

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer: 
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr

==== System Restore Points ===================

RP30: 12/23/2009 11:40:17 PM - Scheduled Checkpoint

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Advanced SystemCare 3
ATI Catalyst Install Manager
AVG 9.0
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Curse Client
ESET Online Scanner v3
Java(TM) 6 Update 17
Junk Mail filter update
Logitech Webcam Software
Malwarebytes' Anti-Malware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
MSVCRT
Sansa Updater
Screen Movie Studio
Security Update for CAPICOM (KB931906)
Skins
Ventrilo Client
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
World of Warcraft

==== Event Viewer Messages From Past Week ========

12/24/2009 9:22:20 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/24/2009 9:22:20 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
12/24/2009 9:22:17 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/24/2009 9:22:11 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/24/2009 9:22:09 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AvgLdx86 AvgMfx86 discache spldr Wanarpv6
12/23/2009 11:38:05 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

==== End Of File ===========================

4 Contributors
7 Replies
364 Views
2 Years Discussion Span
Latest Post 12 Years Ago Latest Post by jbennet

PhilliePhan 171 Central Scrutinizer

14 Years Ago

At quick glance (and I mean very quick), those logs look OK.

If you want to double-check, you could try a scan with the Kaspersky Online Scanner 7.0
* Note that you may need to temporarily disable your Anti-virus program for the duration of this scan.

-- Accept the agreement and allow the scanner to load and update its definitions. This may take a few minutes.
-- After the program files are downloaded and the anti-virus database is successfully updated, please select the Scan section in the left part of the main program window.
-- Click My Computer to begin a complete scan of your computer, including critical areas.
-- Once the scan has finished, select the Reports section in the left part of the main program window. Click the Save report button in the report viewing window. The Saving window will open.
-- Name the file KAS 1 and choose to save it to the Desktop as a .txt file and then click the Save button.
Please post that for me - unless it's clean, of course.

If you like, there are also some rootkit scans you could try, but Kaspersky is pretty thorough....

Cheers :)
PP

PhilliePhan 171 Central Scrutinizer

14 Years Ago

I did have 3 lines that included along the lines of wormrader etc etc....

Happy XMas to you as well :)

Everything seems to be rootkitted these days, so you need to be extra vigilant. Looks to me like you're doing a good job.

Cheers,
PP

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

delliron 0 Newbie Poster · Answer 1 · 2009-12-25T02:03:32+00:00

Heya Phillie, thanks for the reply! I did the scan last night after the eset one, both came up clean, I did have 3 lines that included along the lines of wormrader etc etc, i removed them already, so hopefully this will keep me free, lol. thanks again, merry xmas!

At quick glance (and I mean very quick), those logs look OK.
If you want to double-check, you could try a scan with the Kaspersky Online Scanner 7.0
* Note that you may need to temporarily disable your Anti-virus program for the duration of this scan.
-- Accept the agreement and allow the scanner to load and update its definitions. This may take a few minutes.
-- After the program files are downloaded and the anti-virus database is successfully updated, please select the Scan section in the left part of the main program window.
-- Click My Computer to begin a complete scan of your computer, including critical areas.
-- Once the scan has finished, select the Reports section in the left part of the main program window. Click the Save report button in the report viewing window. The Saving window will open.
-- Name the file KAS 1 and choose to save it to the Desktop as a .txt file and then click the Save button.
Please post that for me - unless it's clean, of course.
If you like, there are also some rootkit scans you could try, but Kaspersky is pretty thorough....
Cheers :)
PP

delliron 0 Newbie Poster · Answer 2 · 2009-12-26T01:05:02+00:00

Thank you again for your help, just one last question, what combo of free virus scanners/spyware scanners would you suggest? right now I have avg, and malewarebytes installed, along with advanced system care from iobit.

Happy XMas to you as well :)
Everything seems to be rootkitted these days, so you need to be extra vigilant. Looks to me like you're doing a good job.
Cheers,
PP

PhilliePhan 171 Central Scrutinizer Team Colleague · Answer 3 · 2009-12-27T02:55:05+00:00

Thank you again for your help, just one last question, what combo of free virus scanners/spyware scanners would you suggest? right now I have avg, and malewarebytes installed, along with advanced system care from iobit.

Happy to help :)

-- That's a very subjective question these days. There are a number of good tools out there and each has its legion of fans.

I think keeping MBAM on hand for "on demand" scanning is obviously a good idea.
Also, the Kaspersky Online Scan is good to use if you feel you need a "second opinion" to AVG.

There are many in the anti-malware community upset with Iobit for their alleged recent theft of Malwarebytes database and they would recommend removing Iobit. Personally, I have not looked too closely at Iobit to know how effective it is.....

I do like the "real-time" protection afforded by WinPatrol
Likewise, I think SpywareBlaster is a good tool.

I like the tools from a-squared as well, but seem to be in the minority there. I believe they offer solid protection, but the detractors cite a number of false positives generated by their real-time protection heuristics.
Frankly, MBAM has done much worse in FPs the last few months - so, like I say, recommendations can be subjective.

Best thing you can do is keep all your protective measures up to date with builds and definitions. Keep your Java and other vulnerable items up to date as well.

Keeping Windows and everything else up to date with patches and staying vigilant are the keys to staying secure.

Cheers :)
PP

Falkons 0 Newbie Poster · Answer 4 · 2012-03-11T02:08:00+00:00

This could help. It is no easy task getting rid of trojans or key loggers. This is one of the best guids I have found about this.
http://cognitiveanomalies.com/simple-ways-in-detecting-key-loggers/

jbennet 1,618 Most Valuable Poster Team Colleague Featured Poster · Answer 5 · 2012-03-12T17:49:24+00:00

You should get one of those WoW encryption dongles, which generate a one-time password.