Jump to content
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Lamb Chop

I've blocked this key logger but how it got on my computer is

Recommended Posts

I've blocked this for months now but today thought to find out what it is and why my online armour firewall having blocked it now and then unblocks it and then asks me to investigate - did before but being busy just blocked again.

This time asking for file location got this up.

http://www.isthisfilesafe.com/md5/CB136B267569A62EF63D798BC90ABD5A_details.aspx

Seems around the world a pest so someone here must have it or had it and know where it came from - maybe?

I did wonder how I got Emisoft up as don't have it - have SAS and boot Malawaresbyte plus Norton's scanner.

then remembered Online Armour got sold to Emisoft. And to get the free firewall need to go and pick your way through to find it in small letters to click onto. :devil: They of course want you to buy the suite. And good most likely too.

Windows 7 Premium 64 bit SP1
Intel Pentium CPUG2030@3.00Ghz 4GB RAM Intel HD Graphics
SAS Avast Online Amour Win Patrol
With bootable Malawarebytes, Norton's Scanner

Share this post


Link to post
Share on other sites

From what I can ascertain from here :- http://malwaretips.com/threads/a6d608f0-0bde-491a-97ae-5c4b05d86e01-bat-malware.37452/



and other places, this [A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat appears to be safe (whatever it is !)



You could try running Malwarebytes Anti-Rootkit BETA :- https://www.malwarebytes.org/antirootkit/ just in case ?


Share this post


Link to post
Share on other sites

It may be an out-dated registry setting. You might even be able to sort this by getting rid of unused clutter in installed programs list or a registry cleaner. This would be one of the only times it's worth using one of these...



Could you copy the contents of the .bat file? Right click and open in notepad. If UAC complains, copy-paste to desktop, rename to something.txt, change the permissions/security options and open in notepad.



It may contain references to executables that are safe which your antivirus or firewall deem unsafe or it may be doing things those wizards-in-training from the dark depths of the web want it to. In which case, it's probably unsafe. These people are usually children in high school who want to liberate the world from governments; one innocent victim's computer at a time. Best way to determine is to investigate the contents of the script.


Share this post


Link to post
Share on other sites

Thanks for the above both of you. Clean when running Malwarebytes Anti-Rootkit BETA.



It does keep putting itself back - I read the Spanish man's trial too - and it wasn't completed. This has been around a long time, I did try uploading it to Emisoft the vendor of Online Armour for their investigation - but cant as usually will open file location but in the case of this key - does not.



Its just a trying nuisance daily when boot up or reboot up comes OA asking again although blocked.



DU meter is also daily coming up - wanting to send home a message not working etc. :uhm::oops::sorry:




DUH :unknw::rolleyes: . Put it down to pain meds - :harhar: Or simply a :Blond-Moment:




I'll turn Du Meter off and wait to see :devil: :paperbag1: :censored:


Share this post


Link to post
Share on other sites

Seems like an adware got into your PC. Better disable system restore property in your PC and run a full scan on your PC with your favorite antivirus. After the scan in safe mode remove all the unwanted adware and restart your PC. It would be free from adware if you have trusted antivirus into your PC.

Suggested Antivirus Programs
1. Comodo Windows Antivirus - https://antivirus.comodo.com/antivirus-for-windows-8/
2. Free Avg
3. Avast

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy