Q: CounterSpy . 2 detects more spyware then others?!? CounterSpy
Hi.
I have downloaded as a pilot test, as it is said, the latest and most dangerous tracks keylogger (Srv.SSA-KeyLogger) .
After a full scan, I think this is not dangerous keylogger (:-P). Instead, two traitorous spyware.
1) AB System Spy
File Name and location:
C: EA Games The Sims 2 TSBin ijl15.dll
C: EA Games The Sims 2 University TSBin ijl15.dll
Size found: 344 KB
2) Ace Password Sniffer 1.1
File Name and location:
C: Program Files NetMonInstaller.exe
C WinPcap: WinPcap Program Files rpcapd.exe
C: WINDOWS system32 drivers (npf.sys
Size in ascending order):
-06.50 84.00 32.10 KB
-KB
-KB
At first glance, saw CounterSpy wonderful. It detected 2 more spyware but others such as MS Anti-Spyware and ZoneAlarm 0.
could not think twice, it seemed necessary to be false positives/claims.
I confirmation.
Can anyone confirm if it spyware?
Or Does anyone know how to confirm
Best Answer: Yes you can have several spyware software on your computer. If one anti-spyware softwares finds something and stores it in it's "vault" the other spyware my find it in that software's "vault". That would be your only conflict, if you can even call it a conflict. Most spyware programs once you run them will tell you that there is another spyware program installed and may ask you to shut it down (if running). It's pretty simple and nothing to worry about.
I have 2 or 3 spyware programs on my computer and have no problems what so ever.
Good Luck!
Re:Originally posted by: guy
The first one seems to just be jpg libraries for the game. The second one is documented on Symantec's website.
http://securityresponse.symantec.com/avcenter/venc/data/spyware.spy4pc.html
It sounds like some pretty bad spyware too, but it has to be manually installed. How did you manage to get that installed on your computer?
I'm confused.
Yes, NetMonInstaller.exe is included, but not others.
I have tried to search for its tracks. However it seems they aren't there.
# %UserProfile%\Start Menu\Programs\SPY4PC\Spy4PC Info.lnk <–not here
# %UserProfile%\Start Menu\Programs\SPY4PC\Spy4PC.lnk <–not here
# %UserProfile%\Start Menu\Programs\SPY4PC\Uninstall Spy4PC.lnk <–not here
# %UserProfile%\Application Data\sfpc.dat <–not here
# %UserProfile%\Desktop\Spy4pc Info.lnk <–not here
# %ProgramFiles%\WinPcap\NetMonInstaller.exe <–Yes, here!
# %System%\gi44.tmp <–not here
# %System%\gi45.tmp <–not here
# %System%\gi46.tmp <–not here
# %System%\msipv6.dll
# %System%\msudp.dll
# %System%\pppoe32.dll
# %System%\sfpc.chm <–not here
# %System%\sfpc.dat <–not here
# %System%\sfpc.exe <–not here
# %System%\sfpcinfo.exe <–not here
# %System%\unins000.dat
# %System%\unins000.exe
# %System%\wanpacket.dll
# %System%\WinPcap_3_1_beta_3.exe
I haven't checked all of the entries which this spyware will add. But it seems there are no entry except the NetMonInstaller.exe
So what does it mean?
Is it not really Spyware.Spy4PC?
Re:I don't know why it was installed. Probably it was bundled by another software and the software installed it.
Also there are more than 1 person who will use this computer. So it may be done by others.
How can I set when it is first installed?
What's the use of WinPcap?
How can I determine if I need this or not?
The following is what "WinPcap" folder contains:
File/Folder Name…………..Modify Date………….Create Date
WinPcap……………………..N/A…………………….22 May, 2005
daemon_mgm.exe………..14 May, 2004………..14 May, 2004
INSTALL.LOG……………….22 May 2005………….22 May 2005
npf_mgm.exe………………14 May 2004………….14 May 2004
Uninstall.exe……………….30 Aug 2003………….22 May 2005
Note: The "infected" files are quarantined, so they are not included.
The strangest thing is why "Uninstall.exe" can be created at 22 May 2005, but modified at 30 Aug 2003. I haven't change the date/time of the system clock. Really strange?!?
Re:WinPcap is a legitimate network capture library. It is used by programs such as ethereal. It also has apparently been used by several different types of malware. The presence of WinPcap isn't necessarily bad, you need to find out what is using it.
Re:The first one seems to just be jpg libraries for the game. The second one is documented on Symantec's website.
http://securityresponse.symantec.com/avcenter/venc/data/spyware.spy4pc.html
It sounds like some pretty bad spyware too, but it has to be manually installed. How did you manage to get that installed on your computer?
0 Comments.