Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


I think I have a keylogger or virus/malware

  • Please log in to reply
1 reply to this topic

#1 wr17h3


  • Members
  • 1 posts
  • Local time:10:57 PM

Posted 12 June 2011 - 01:56 AM

Last night I downloaded a crack for a video game. I ran the crack and nothing happened, the program did not open. I scanned the file through an online scanner and it came back 39/42 viruses detected (http://www.virustotal.com/file-scan/report.html?id=74f174ad929c2f95801c79ecd6939b019f2a11ba81de10287bb8ccf4068b1ff7-1307767765)

I did a full computer scan with malwarebytes, nod32(why nod32 didnt catch this is beyond me), spybot and a few others.

Supposedly it removed a few things but I'm still paranoid.

my CPU usage is unusually high. I hope i'm not being monitored/logged.

What do I do first? I was going to run a recovery disk but my cd burner is broken.

What now?


Edited by wr17h3, 12 June 2011 - 01:57 AM.

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,954 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:57 PM

Posted 12 June 2011 - 07:20 AM

The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.


...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

I strongly recommend that you remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so we need to ensure they have been removed.

Using these types of programs or the websites visited to get them is almost a guaranteed way to get yourself infected!!

The first thing you need to do after removing the cracks is to identify the process causing the high CPU utilization and where it is running from.

There are tools to investigate running processes, services and gather additional information to identify them or resolve problems:-- These tools will provide information about each process, CPU usage, file description and its path location Most of them are stand-alone apps in a zip file so no installation is necessary.

-- System Explorer provides a security check of running processing using their online security database when you first launch the program. If you want process the initial scan, press the "Start Security Check" button. Keep in mind, that the check is not a guarantee of what is or is not detected as malware. Further investigation is always recommended. At the Security Check page you can also check the file through the VirusTotal database by pressing the Check MD5 button.

Anytime you come across a suspicious file or one that you do not recognize, search the name using Google <- click here for an example.

Or search the following databases:If you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to one of the following online services that analyzes suspicious files (like you did with the program you downloaded):In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

Edited by quietman7, 12 June 2011 - 07:23 AM.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users