Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

ksnapshot.etl,possible remote access software and keyloggers

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby askey127 » November 15th, 2010, 7:41 pm

SpectreWolf,
ksnapshot appears to be a legitimate program, free of malicious intent.
It has been thoroughly analyzed by a large number of antivirus experts.
It appears as a possible printer adunct.
In any case, it is not cause for concern.

If you do not have any other symptoms, your computer appears clean.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13904
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby SpectreWolf » November 16th, 2010, 7:30 am

My computer is running fine. Thanks for your assistance. However, everytime i start up my computer and login to my profile, I keep getting the "Device Failed to Connect" error sound for about 3 times before it stops. What is going on?
SpectreWolf
Regular Member
 
Posts: 25
Joined: November 11th, 2010, 1:52 am

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby askey127 » November 16th, 2010, 8:37 am

SpectreWolf,
It most likely means that one of your automatic startup programs is not finding its related piece of hardware when it starts.
(These are mostly the O4 entries in your HiJackThis log)
You can troubleshoot it fairly easily with Winpatrol.
If you right-click the scotty dog icon from Winpatrol and choose Startup Info, it will list all the automatic startups.
You can disable any of them, or do so one at a time, and reboot until you discover which one is complaining.
If you disable one and want to put it back on "automatic startup", Winpatrol makes that easy to do also
-----------------------------------------------------------
Install WinPatrol - Download and Install the Free WinPatrol, and view Instructions here: http://www.winpatrol.com/winpatrol.html
- WinPatrol is an active program that drops a "Scotty Dog" icon into the system tray (right click to check/change status), allows you to monitor/edit startups, services, Browser helpers, and prompts for permission if any program tries to change your system.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13904
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby SpectreWolf » November 16th, 2010, 12:05 pm

Okay. I will try this out. Also, do you know how to detect remote access software that is installed into my computer, weather its commercial or not? I am not tech savvy so I do not know much about computers. And yes, this is a home computer.
SpectreWolf
Regular Member
 
Posts: 25
Joined: November 11th, 2010, 1:52 am

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby askey127 » November 16th, 2010, 4:07 pm

SpectreWolf,
Some notes about your machine and your question:
  • The way that COMODO Security works, it's pretty near impossible to tell whether there is a rootkit infection on the machine. Rootkits can hide programs from the Windows system.
  • Let me know if you have instructions so you know how to disable all of COMODO, or if you want to uninstall it long enough to find out what is going on. We can temporarily plug in a different Antivirus if you wish.
  • Any and all toolbars have some tracking ability. You are in good shape in that respect. I don't see any toolbars.
  • There are no visible programs on your machine that allow an outsider control of the machine. That said, there are programs that might "phone home" with system information.
  • If you want the most secure PC possible for data, and you still need the internet, you should have no games, no video or audio or photo downloader programs, no "messengers", no toolbars, no Live meetings.
  • Only the bare bones minimum of programs should run automatically at startup. The rest should have to be run from the Start button or a desktop icon. You can do that with Winpatrol.
  • You should be using Firefox with the NoScript Add-on for Internet, except to contact Microsoft.
  • I see you have a local router. You need to be 100% sure that the router administrator password used to make the router settings has been changed to one you chose, and not left as the default.
Is that helpful at all for you?
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13904
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby SpectreWolf » November 17th, 2010, 3:32 am

Yes. I know how to disable COMODO Internet Security and i have the NoScript Add-on installed. Thanks for all the advice! What good anti-virus , anti-spyware and firewall do you recomend to me so i can replace COMODO? Thanks for all your help.
SpectreWolf
Regular Member
 
Posts: 25
Joined: November 11th, 2010, 1:52 am

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby askey127 » November 17th, 2010, 11:04 am

SpectreWolf,
I can only tell you that some malware helpers favor ESET NOD32 Smart Security, Kaspersky Internet Security, or Avira Antivir Premium Security. These are the full suites available if you want a firewall included. They also have "Antivirus only" versions.

The free Microsoft Security Essentials is also quite good, and very transparent.

If you buy a separate firewall, make SURE it does not have a built-in antivirus, and make sure the Windows Firewall is turned OFF.
The only ones I can recommend right now are the paid versions of Outpost and Online Armor.

The best Anti-spyware program out there right now is Malwarebytes' Anti-malware.
SuperAntiSpyware is OK as well, but has a potentially disastrous SAFEBOOT utility.

All above are my opinions only.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13904
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby SpectreWolf » November 18th, 2010, 1:28 pm

Okay. Thanks for all your help. I might get the Kaspersky AV 2011. But I still dont get how can I actually detect if any remote access software has been installed in my computer. Can i find out by looking at the uninstall list or checking my Program Files folder? Please give me some advice. Sorry for being so long winded. I greatly appreciate all the help you have given me.
SpectreWolf
Regular Member
 
Posts: 25
Joined: November 11th, 2010, 1:52 am

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby askey127 » November 18th, 2010, 2:14 pm

I don't see any overt software, designed specifically for remote control, installed on your machine.

However, your question is hard to answer because you are not saying what you mean by "Remote Access Software".
If you authorize an application to provide updates, that is technically "Remote Access Software", since they may assume they can check your machine to get the correct update, or ???
Windows is remote access software. It installs its updates, and can remove any file it finds offensive, without asking you.
Google has access to every website you visit, and they keep records of it. So do all the other search engines.
If you want to be extremely precise, you need to check the license agreement on every program in the Add/Remove List.
If you want every Internet access to have a permission request, you can set your firewall to do so, but you may get tired of answering questions.

If you are on the Internet, nothing you do there is private. If you must have total privacy, get the box off the Internet and only allow file transfers via flash drive or CD, after scanning.
If this is the kind of thing you want, I do not wish to work on the machine either, since it would involve possible legal issues that we don't choose to confront on this site.
We don't do "business" machines here for that reason.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13904
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: ksnapshot.etl,possible remote access software and keylog

Unread postby askey127 » November 22nd, 2010, 9:11 am

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13904
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 40 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware