Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Keylogger Zipped


  • Please log in to reply
7 replies to this topic

#1 Hijauser

Hijauser

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 16 April 2007 - 11:21 AM

I downloaded something earlier an got it scanned at VirusTotal. They said it had a keylogger in it, I didn't unzip the folder I just scanned it an then deleted it and did a system restore. Am I ok now? I'm gonna run my anti-virus program AVAST and probably use Pandasoft online scanner later just to be safe but I just wanted to ask if most likely I am safe since I hadn't unzipped the folder an got rid of it right after VirusTotal said it was infected.

Sorry if what I said above is all jumbled and what not but I'm just scared at the moment since I saw that it had a keylogger in it.


[Also I don't have the name of the keylogger cause right when I saw it I went right to deleting it an then restoring my computer to the day before.]

BC AdBot (Login to Remove)

 


#2 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:08:12 AM

Posted 16 April 2007 - 11:30 AM

I think you handled this matter very prudently and yes you should be ok. provding you did not open any other files which came together with that dowload.

Ofcourse you can allways follow the steps as layed out in the thread Where to start posting a HiJackThisLog. You have to bear in mind though that it is very busy in that particular section.

What you could do is :

In normal mode, run an online antivirus check from at least two and preferably three of the following sites
BitDefender
Computer Associates Online Virus Scan
Panda's ActiveScan
Trend Micro Housecall
Windows Live Safety Center Free Online Scan
This scanner from Trend does not require an Active X to run.

1. Detects and removes malware ( viruses, worms, trojans, etc. )
2. Detects and removes grayware and spyware
3. Restores damage caused by malware to your system.
4. Notifies about vulnerabilities in installed programs and connected network services.
5. Multi-platform support for: Windows, Linux, Solaris.
6. Easy-to-use with the Microsoft Internet Explorer and Mozilla Firefox.

I suggest scan nr 1,3 and 6

#3 Hijauser

Hijauser
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 16 April 2007 - 12:08 PM

Thanks a bunch I feel alot better now, I'll go to 3 of those sites an run a scan after I finish scanning with my anti virus program avast. Once again thank you for putting my mind at ease.


One more thing, about "provding you did not open any other files which came together with that dowload. " I didn't open anything I just scanned the Zipped Folder with avast an then had VirusTotal.com scan it.

Edited by Hijauser, 16 April 2007 - 12:32 PM.


#4 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:08:12 AM

Posted 16 April 2007 - 12:50 PM

Than you should be ok. Let's see if the scans will pick up something

#5 Hijauser

Hijauser
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 16 April 2007 - 05:03 PM

Well avast found something not sure if it was from that,

C:\WINDOWS\system32\ActiveScan\sporder.dll
Infection: Win32:Agent-GEA [Trj]

I deleted it with avast, hopefully deleting is all I gotta do to stop it.

#6 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:08:12 AM

Posted 16 April 2007 - 05:08 PM

download this to make sure you are all ok

#7 Hijauser

Hijauser
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 16 April 2007 - 06:32 PM

Oh thanks man, never thought about finding a replacement for that. This site sure has everything you need.

#8 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:08:12 AM

Posted 17 April 2007 - 02:33 AM

We aim to please..:thumbsup: Glad to have ben of help




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users