Go to jotti's virusscan
. In the "File to upload & scan
" box, click the "browse
" button and locate the following file:
<- this file
", then click the "Submit
-- Post back with the results of the file analysis in your next reply.
Keylogging programs can be legitimate but their related files are often detected by anti-virus or anti-malware scans as a "RiskTool
", "Hacking tool
, "Potentially unwanted tool
" or even a "Trojan
". These types of programs have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. Potentially unwanted
does not necessarily mean the file is malware or a bad program. It means it has the potential
for being misused by others. Anti-virus and anti-malware utilities cannot cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
If you did not install this program, is it possible that another member of your family installed it?
If no one claims responsibility for installing the software, you should consider the computer compromised
. If it was used for online banking or has credit card information on it, all passwords should be changed immediately
to include those used for email, eBay and forums. They should be changed by using a different computer and not the one where the keylogger was installed. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat and reinstall the OS. Please read "When should I re-format? How should I reinstall?
MBAM should have detected/removed some of those entries. Did you run it in normal mode or safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact it loses some effectiveness for detection & removal when used in safe mode.