Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Got a Keylogger Virus today
Old 10-27-2010, 07:04 PM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,885
Got a Keylogger Virus today

I was replacing my antivirus software today. Instead of AVG, I decided to use Panda Cloud as AVG was taking too much time to scan.

Now I use a combo of Panda Cloud and Malewarebytes. So, after testing, installing Panda, I do a run of Malewarebyes just to be sure. An additional scan.

Malewarebyes comes up flagging a trojan virus called "trojan.zbot". I look it up and it's a keylogger that could be harmful.

Now I wonder, how long have I had that on? Could someone had recorded my keystrokes? Looks like neither the scan of AVG from lastnight nor Panda caught this

So, I just ended up for the past hours changing passwords to my accounts that would be a target (such as Vanguard, credit cards, my bank, paypal etc).

Usually, the challenge questions for logins are a nusiance. But now I'm glad they have them.

Still I wonder..could someone have my keylogs in their possession?

If there's a post from me like.."Hey..Im' Brett Favre..I got this text message..." my explaination is my computer got hijacked!
__________________

__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is online now   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 10-27-2010, 07:19 PM   #2
Thinks s/he gets paid by the post
MasterBlaster's Avatar
 
Join Date: Jun 2005
Posts: 4,359
These things are a reality of the internet today. Firewalls and anti-virus software will help but will not prevent every virus infection. none of the anti-virus software routines catch every infection.

Could you have had this for a long time ?... The answer is yes it is possible.

could someone have my keylogs in their possession?... The answer is yes it is possible.
__________________

__________________
MasterBlaster is offline   Reply With Quote
Old 10-27-2010, 07:20 PM   #3
Moderator
Sarah in SC's Avatar
 
Join Date: Sep 2005
Location: Charleston, SC
Posts: 13,456
That is scary! I changed to Avast recently after having a very pesky time with browser hijacks when I was using AVG. I also use malwarebytes. Hope you don't have any trouble!
__________________
“One day your life will flash before your eyes. Make sure it's worth watching.”
Gerard Arthur Way

Sarah in SC is offline   Reply With Quote
Old 10-27-2010, 07:26 PM   #4
Thinks s/he gets paid by the post
walkinwood's Avatar
 
Join Date: Jul 2006
Location: Denver
Posts: 2,676
I use Microsoft's free Security Essentials, but after reading your message, I've downloaded the free malwarebytes and am scanning my computer now. Thanks for posting.

I also use NoScript, a plug-in for Firefox that prevents scripts from running unless you allow them. It is a pain when you start using it, but as you add your trusted sites to its list, it gets easier.
__________________
walkinwood is offline   Reply With Quote
Old 10-27-2010, 07:29 PM   #5
Thinks s/he gets paid by the post
MasterBlaster's Avatar
 
Join Date: Jun 2005
Posts: 4,359
Those virus scanners will help.

However just google "trojan.zbot" to see how sophisticated these viruses have become.

It's a losers battle. You can't win every time.

Instead perhaps we should consider (and reconsider) what we do on the Internet.
__________________
MasterBlaster is offline   Reply With Quote
Old 10-27-2010, 08:32 PM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,885
I was looking at the log from Malewarebytes. It doesn't say when I got the virus, but it was in a temporary internet folder (IE5), and referred to a .gif image.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is online now   Reply With Quote
Old 10-28-2010, 02:16 AM   #7
Thinks s/he gets paid by the post
obgyn65's Avatar
 
Join Date: Sep 2010
Location: midwestern city
Posts: 4,061
Hello - I use Norton antivirus. Should I download malwarebytes ? What is the difference between the two ? Sorry I am not an IT expert.

Quote:
Originally Posted by walkinwood View Post
I use Microsoft's free Security Essentials, but after reading your message, I've downloaded the free malwarebytes and am scanning my computer now.
__________________
Very conservative with investments. Not ER'd yet, 48 years old. Please do not take anything I write or imply as legal, financial or medical advice directed to you. Contact your own financial advisor, healthcare provider, or attorney for financial, medical and legal advice.
obgyn65 is offline   Reply With Quote
Old 10-28-2010, 05:54 AM   #8
Thinks s/he gets paid by the post
target2019's Avatar
 
Join Date: Dec 2008
Posts: 3,705
Where was the keylogger located? Did it ever run?
__________________
target2019 is online now   Reply With Quote
Old 10-28-2010, 07:19 AM   #9
Thinks s/he gets paid by the post
 
Join Date: Jun 2010
Location: France
Posts: 1,195
I run no anti-virus software at all, because (to a first approximation) it doesn't work. If I suspect a problem, I use ComboFix, which I have seen catch malware which no other A/V software knew about.
__________________
Age 56, retired July 1, 2012; DW is 60 and working for 2 more years. Current portfolio is 2000K split 50 stocks/20 bonds/30 cash. Renting house, no debts.
BigNick is offline   Reply With Quote
Old 10-28-2010, 08:19 AM   #10
Thinks s/he gets paid by the post
FIRE'd@51's Avatar
 
Join Date: Aug 2006
Posts: 2,315
Quote:
Originally Posted by obgyn65 View Post
Hello - I use Norton antivirus. Should I download malwarebytes ? What is the difference between the two ? Sorry I am not an IT expert.
From this, I would guess Norton would find it.
__________________
I'd rather be governed by the first one hundred names in the telephone book than the Harvard faculty - William F. Buckley
FIRE'd@51 is offline   Reply With Quote
Old 10-28-2010, 09:38 AM   #11
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,885
Just got a call this morning from Discover Card security. There was a fruadulant charge of $1 on it to a place in CA.

Hmmm..very supicious.

My card got cancelled and they are going to rush me a new one tomorrow. What a pain as I have lots of recurring bills set on my card..and will have to re-notifiy all of them.

When I run Malewarebytes, it says the zbot virus is removed. So I restart and run again then it shows as flagged again. I tried a program supposedly to kill the zbot virus but that didn't work either.

Next, I may have to restore from a clean image instead of trying to fix. Also, I'm going to use an uninfected laptop as for now, who knows, anything I type might be compromised unitil I get this fixed....

What fun...---NOT!
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is online now   Reply With Quote
Old 10-28-2010, 09:52 AM   #12
Thinks s/he gets paid by the post
Onward's Avatar
 
Join Date: Jul 2009
Posts: 1,665
If you have or had a keylogger virus, then everything you've typed has almost certainly been transmitted to someone else. That includes URLs you've entered manually, usernames, passwords, answers to security questions, and credit card numbers.

Quote:
Originally Posted by easysurfer View Post
When I run Malewarebytes, it says the zbot virus is removed. So I restart and run again then it shows as flagged again
Wipe the drive. Anything less is too high a risk IMO.
__________________
And if I claim to be a wise man, it surely means that I don't know.
Onward is online now   Reply With Quote
Old 10-28-2010, 10:47 AM   #13
Administrator
Janet H's Avatar
 
Join Date: Feb 2007
Location: Pacific NW
Posts: 4,956
Quote:
Originally Posted by obgyn65 View Post
Hello - I use Norton antivirus. Should I download malwarebytes ? What is the difference between the two ? Sorry I am not an IT expert.

You need both. malwarebytes is a great tool to scan your system and remove garbage but does not really do real time monitoring. For that you need norton or some other virus protection. I have used a number of antivirus schemes over the years - none are perfect. All you can do is practice 'save internet' and hope for the best.

I have had a couple of nasty rootkits in the past year that norton didn't even detect and could not remove. Malwarebytes did. But Norton has filtered a lot of daily garbage.
__________________
E-R.org Custom Google Search | You're only given a little spark of madness. You mustn't lose it. (Robin Williams)
Janet H is offline   Reply With Quote
Old 10-28-2010, 11:01 AM   #14
Thinks s/he gets paid by the post
GregLee's Avatar
 
Join Date: Oct 2010
Location: Waimanalo, HI
Posts: 1,881
I've run Linux since the early 90s on systems where I work and my computers at home. Never ran any anti-virus software, never had a virus. I did run a rootkit hunter on a system at work, but it never found anything -- just irritated me with daily emails.
__________________
Greg (retired in 2010 at age 68, state pension)
GregLee is offline   Reply With Quote
Old 10-28-2010, 11:04 AM   #15
Thinks s/he gets paid by the post
MasterBlaster's Avatar
 
Join Date: Jun 2005
Posts: 4,359
And how would you know you never had a virus ?

A virus like a keylogger is hard to detect.
__________________
MasterBlaster is offline   Reply With Quote
Old 10-28-2010, 11:13 AM   #16
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: May 2005
Posts: 13,271
Quote:
Originally Posted by BigNick View Post
I run no anti-virus software at all, because (to a first approximation) it doesn't work. If I suspect a problem, I use ComboFix, which I have seen catch malware which no other A/V software knew about.
From your link.... sound like it is not for the untrained...


You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.
__________________
Texas Proud is online now   Reply With Quote
Old 10-28-2010, 12:00 PM   #17
Thinks s/he gets paid by the post
 
Join Date: Jun 2010
Location: France
Posts: 1,195
Quote:
Originally Posted by Texas Proud View Post
From your link.... sound like it is not for the untrained...

You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.
I read that too, but when I ran it, it just churned away for 15 minutes, rebooted once, produced a report saying what it had done, and my keylogging rootkit was gone. I suspect that they just put that on there to reduce the number of support calls which they get. If your PC is doing weird things and other stuff doesn't help, there's not much to lose.

Don't forget that 2-3% of all PCs suffer irretrievable, spontaneous loss of the entire hard disk each year, in which case, not only do you have to reinstall, but you've also got to remember how to restore those backups which you assiduously make daily. Drive failure destroys several orders of magnitude more data per year than viruses, but because there's nobody to blame (usually), it doesn't make the papers.
__________________
Age 56, retired July 1, 2012; DW is 60 and working for 2 more years. Current portfolio is 2000K split 50 stocks/20 bonds/30 cash. Renting house, no debts.
BigNick is offline   Reply With Quote
Old 10-28-2010, 02:17 PM   #18
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,885
Well, I'm using my laptop at the moment. I'm pretty sure it is keylogger free but am doing a malewarebytes scan at the moment.

On my desktop, I think the keylogger has been there for awhile and by chance I decided to do a malewarebytes scan yesterday and flagged it. Yet, it is peculiar that the day after, someone tried to used my Discover card fradulently.

I have this rollback software that takes snapshots of my system and hard drive. I went back to August, then did a scan but the Zbot virus was still found. Rather go going month by month back, I went back to the very first snapshot (2008), then did I scan, and the virus was not there.

So, I restored my desktop to my pristine image from back in 2008, just did one more scan and no Zbot virus.

Time to set up my computer and recover from that point....

Still I'm gonna reset some passwords...my router, main emails, etc. and keep my fingers crossed no other info besides my Discover card got compromised.

A keylogger is one that I fear the most...never one impacted by one (that I know of ) until now.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is online now   Reply With Quote
Old 10-28-2010, 02:28 PM   #19
Thinks s/he gets paid by the post
GregLee's Avatar
 
Join Date: Oct 2010
Location: Waimanalo, HI
Posts: 1,881
Quote:
Originally Posted by easysurfer View Post
I'm pretty sure it is keylogger free but am doing a malewarebytes scan at the moment.
If I've followed this saga, you've found the keylogger every time after you've run Malwarebytes. If it's Malwarebytes that is infected, even if your system was keylogger free before the scan, it will be virus-full after. Well, good luck.
__________________
Greg (retired in 2010 at age 68, state pension)
GregLee is offline   Reply With Quote
Old 10-28-2010, 04:30 PM   #20
Thinks s/he gets paid by the post
 
Join Date: Nov 2009
Posts: 3,863
My friend got a rather new virus called Antivirsnow which is a fake antivirus program. It prevented all antivirus and antispyware programs including symantec, spybot S&D, and Malwarebytes from opening. It also prevented MSCONFIG from running (wanted to run System Restore from there) and most other ordinary PC tasks.

What I did last night was to reboot into Safe Mode, then run System Restore from there to a point before the trouble started. This reset the registry so the 3 programs could open and start running. Malwarebytes and Symantec found some bad stuff and cleaned up the system. Took a few hours but he is fine now.
__________________

__________________
Retired in late 2008 at age 45. Cashed in company stock, bought a lot of shares in a big bond fund and am living nicely off its dividends. IRA, SS, and a pension await me at age 60 and later. No kids, no debts.

"I want my money working for me instead of me working for my money!"
scrabbler1 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Possible virus in your joints? Orchidflower Health and Early Retirement 9 08-22-2009 10:20 PM
Virus questions FinallyRetired Health and Early Retirement 3 11-15-2007 08:34 AM
Any Virus issues on Macs? ERD50 Other topics 50 11-01-2007 09:12 PM
Ever had a Computer Virus Rustic23 Other topics 16 11-01-2007 09:03 PM
Storm Worm~ Virus mickeyd Other topics 4 01-23-2007 01:29 PM

 

 
All times are GMT -6. The time now is 10:53 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.