Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is My Computer Safe?


  • Please log in to reply
9 replies to this topic

#1 secretangel

secretangel

  • Members
  • 154 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 PM

Posted 04 September 2007 - 07:29 AM

I was after a calendar for my computer, one with reminders etc and after looking at a few I purchased and downloaded Active Desktop Calendar from XemiComputers Ltd.

However, when I loaded it onto my PC ZoneAlarm picked up this "not-a-virus:monitor.win32.KeyPressHooker.C". It quarantined it but when I switched on my PC today, as the Calendar software loaded ZoneAlarm warned me that the software was trying to monitor my keystrokes etc, I denied it access. I then also ran a virus/spyware check and it again picked up the virus as above and quarantined it again.

Is my PC safe at the moment? What can I do to clear this from my PC. Do I need to uninstall the software I downloaded or is there a way I can keep the software but get rid of the virus?

Thanks
Posted Image

When you wanna give up, and your hearts about to break
Remember that you're perfect, God makes no mistakes

BC AdBot (Login to Remove)

 


#2 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:12:17 PM

Posted 04 September 2007 - 07:36 AM

Did you download the software directly from xemico?

#3 secretangel

secretangel
  • Topic Starter

  • Members
  • 154 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 PM

Posted 04 September 2007 - 08:06 AM

hmm not sure now. When I was on the Xemi site I clicked a link on their site to show the price in GBP rather than dollars and that took me to the site "regnow" which is where I downloaded it from.

Edited by secretangel, 04 September 2007 - 08:12 AM.

Posted Image

When you wanna give up, and your hearts about to break
Remember that you're perfect, God makes no mistakes

#4 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:12:17 PM

Posted 04 September 2007 - 08:21 AM

Regnow would be the credit card processing agency that xemico uses. No worries there.

I will tell you that I searched through the help file, the Frequently Asked Questions, and did a couple google searches and did not find anything saying that a keylogger should be installed alongside the calendar software. So I would say take the necessary steps to get rid of the keylogger.

#5 secretangel

secretangel
  • Topic Starter

  • Members
  • 154 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 PM

Posted 04 September 2007 - 08:33 AM

how do I get rid of the keylogger?

ZoneAlarm seems to pick it up but it seems as though it may come back each time I turn on my PC and the diary starts.
Posted Image

When you wanna give up, and your hearts about to break
Remember that you're perfect, God makes no mistakes

#6 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:12:17 PM

Posted 04 September 2007 - 12:43 PM

What are you currently using for an antivirus program?

AVG AntiSpyware should get rid of it.

#7 secretangel

secretangel
  • Topic Starter

  • Members
  • 154 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 PM

Posted 04 September 2007 - 01:44 PM

I use ZoneAlarm Internet Security Suite.

I restarted PC and so far no more alerts have popped up but I'm just running another virus/spyware scan to check.
Posted Image

When you wanna give up, and your hearts about to break
Remember that you're perfect, God makes no mistakes

#8 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:12:17 PM

Posted 04 September 2007 - 01:47 PM

Oops....sorry about that I forgot you mentioned ZoneAlarm in the first post.

Let us know if you run into any trouble.

Oops....sorry about that I forgot you mentioned ZoneAlarm in the first post.

Let us know if you run into any trouble.

#9 secretangel

secretangel
  • Topic Starter

  • Members
  • 154 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:17 PM

Posted 04 September 2007 - 05:53 PM

OK just to update.

Have just run another virus scan and the same virus got picked up again by ZoneAlarm, the only difference is the path changes each time it is picked up.

First the path was C:\downloads\adc.exe
Second time it was C:\ProgramFiles\Xemicomputers\Active Desktop Calendar\ADC World Clock.scr
This last time the path was C:\System Volume Information\_restore (and then a long number which I won't type now) its late and I'm tired!

I downloaded AVG AntiSpyware and started running that but had to stop it for now - dealt with the things it found so far but will run it again in the morning.

I remember before having a similar problem with a virus and I had to turn off system restore before running an antivirus scan, rebooting my PC and then turning system restore back on - is that something I should try with this if AVG doesn't get rid of it for good.
Posted Image

When you wanna give up, and your hearts about to break
Remember that you're perfect, God makes no mistakes

#10 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:12:17 PM

Posted 05 September 2007 - 06:11 AM

Yeah you should reset the system restore at the end of all your scans/removals.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users