Got a Keylogger Virus today
10-27-2010, 06:04 PM
|
#1
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,143
|
Got a Keylogger Virus today
I was replacing my antivirus software today. Instead of AVG, I decided to use Panda Cloud as AVG was taking too much time to scan.
Now I use a combo of Panda Cloud and Malwarebytes. So, after testing, installing Panda, I do a run of Malwarebytes just to be sure. An additional scan.
Malwarebytes comes up flagging a trojan virus called "trojan.zbot". I look it up and it's a keylogger that could be harmful.
Now I wonder, how long have I had that on? Could someone have recorded my keystrokes? Looks like neither the scan of AVG from last night nor Panda caught this.
So, I just ended up for the past hours changing passwords to my accounts that would be a target (such as Vanguard, credit cards, my bank, PayPal etc).
Usually, the challenge questions for logins are a nuisance. But now I'm glad they have them.
Still I wonder... could someone have my keylogs in their possession?
If there's a post from me like... "Hey... I'm Brett Favre... I got this text message..." my explanation is my computer got hijacked!
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
|
|
|
|
|
10-27-2010, 06:19 PM
|
#2
|
Thinks s/he gets paid by the post
Join Date: Jun 2005
Posts: 4,391
|
These things are a reality of the internet today. Firewalls and anti-virus software will help but will not prevent every virus infection. None of the anti-virus software routines catch every infection.
Could you have had this for a long time?... The answer is yes, it is possible.
Could someone have my keylogs in their possession?... The answer is yes, it is possible.
|
|
|
10-27-2010, 06:20 PM
|
#3
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Sep 2005
Location: Charleston, SC
Posts: 13,566
|
That is scary! I changed to Avast recently after having a very pesky time with browser hijacks when I was using AVG. I also use malwarebytes. Hope you don't have any trouble!
__________________
“One day your life will flash before your eyes. Make sure it's worth watching.”
Gerard Arthur Way
|
|
|
10-27-2010, 06:26 PM
|
#4
|
Thinks s/he gets paid by the post
Join Date: Jul 2006
Location: Denver
Posts: 3,518
|
I use Microsoft's free Security Essentials, but after reading your message, I've downloaded the free malwarebytes and am scanning my computer now. Thanks for posting.
I also use NoScript, a plug-in for Firefox that prevents scripts from running unless you allow them. It is a pain when you start using it, but as you add your trusted sites to its list, it gets easier.
|
|
|
10-27-2010, 06:29 PM
|
#5
|
Thinks s/he gets paid by the post
Join Date: Jun 2005
Posts: 4,391
|
Those virus scanners will help.
However, just google "trojan.zbot" to see how sophisticated these viruses have become.
It's a loser's battle. You can't win every time.
Instead perhaps we should consider (and reconsider) what we do on the Internet.
|
|
|
10-27-2010, 07:32 PM
|
#6
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,143
|
I was looking at the log from Malwarebytes. It doesn't say when I got the virus, but it was in a temporary internet folder (IE5), and referred to a .gif image.
|
|
|
10-28-2010, 01:16 AM
|
#7
|
Thinks s/he gets paid by the post
Join Date: Sep 2010
Location: midwestern city
Posts: 4,061
|
Hello - I use Norton antivirus. Should I download Malwarebytes? What is the difference between the two? Sorry, I am not an IT expert.
Quote:
Originally Posted by walkinwood
I use Microsoft's free Security Essentials, but after reading your message, I've downloaded the free malwarebytes and am scanning my computer now.
|
__________________
Very conservative with investments. Not ER'd yet, 48 years old. Please do not take anything I write or imply as legal, financial or medical advice directed to you. Contact your own financial advisor, healthcare provider, or attorney for financial, medical and legal advice.
|
|
|
10-28-2010, 04:54 AM
|
#8
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,719
|
Where was the keylogger located? Did it ever run?
|
|
|
10-28-2010, 06:19 AM
|
#9
|
Thinks s/he gets paid by the post
Join Date: Jun 2010
Location: Palma de Mallorca
Posts: 1,419
|
I run no anti-virus software at all, because (to a first approximation) it doesn't work. If I suspect a problem, I use ComboFix, which I have seen catch malware which no other A/V software knew about.
|
|
|
10-28-2010, 07:19 AM
|
#10
|
Thinks s/he gets paid by the post
Join Date: Aug 2006
Posts: 2,433
|
Quote:
Originally Posted by obgyn65
Hello - I use Norton antivirus. Should I download Malwarebytes? What is the difference between the two? Sorry, I am not an IT expert.
|
From this, I would guess Norton would find it.
__________________
I'd rather be governed by the first one hundred names in the telephone book than the Harvard faculty - William F. Buckley
|
|
|
10-28-2010, 08:38 AM
|
#11
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,143
|
Just got a call this morning from Discover Card security. There was a fraudulent charge of $1 on it to a place in CA.
Hmmm... very suspicious.
My card got cancelled and they are going to rush me a new one tomorrow. What a pain, as I have lots of recurring bills set on my card... and will have to re-notify all of them.
When I run Malwarebytes, it says the zbot virus is removed. So I restart and run again, then it shows as flagged again. I tried a program supposedly to kill the zbot virus but that didn't work either.
Next, I may have to restore from a clean image instead of trying to fix. Also, I'm going to use an uninfected laptop, as for now, who knows, anything I type might be compromised until I get this fixed....
What fun...---NOT!
|
|
|
10-28-2010, 08:52 AM
|
#12
|
Thinks s/he gets paid by the post
Join Date: Jul 2009
Posts: 1,934
|
If you have or had a keylogger virus, then everything you've typed has almost certainly been transmitted to someone else. That includes URLs you've entered manually, usernames, passwords, answers to security questions, and credit card numbers.
Quote:
Originally Posted by easysurfer
When I run Malwarebytes, it says the zbot virus is removed. So I restart and run again then it shows as flagged again
|
Wipe the drive. Anything less is too high a risk IMO.
__________________
And if I claim to be a wise man, it surely means that I don't know.
|
|
|
10-28-2010, 09:47 AM
|
#13
|
Administrator
Join Date: Feb 2007
Location: Pacific NW
Posts: 6,177
|
Quote:
Originally Posted by obgyn65
Hello - I use Norton antivirus. Should I download Malwarebytes? What is the difference between the two? Sorry, I am not an IT expert.
|
You need both. Malwarebytes is a great tool to scan your system and remove garbage but does not really do real-time monitoring. For that you need Norton or some other virus protection. I have used a number of antivirus schemes over the years - none are perfect. All you can do is practice 'safe internet' and hope for the best.
I have had a couple of nasty rootkits in the past year that Norton didn't even detect and could not remove. Malwarebytes did. But Norton has filtered a lot of daily garbage.
|
|
|
10-28-2010, 10:01 AM
|
#14
|
Thinks s/he gets paid by the post
Join Date: Oct 2010
Location: Waimanalo, HI
Posts: 1,881
|
I've run Linux since the early 90s on systems where I work and my computers at home. Never ran any anti-virus software, never had a virus. I did run a rootkit hunter on a system at work, but it never found anything -- just irritated me with daily emails.
__________________
Greg (retired in 2010 at age 68, state pension)
|
|
|
10-28-2010, 10:04 AM
|
#15
|
Thinks s/he gets paid by the post
Join Date: Jun 2005
Posts: 4,391
|
And how would you know you never had a virus?
A virus like a keylogger is hard to detect.
|
|
|
10-28-2010, 10:13 AM
|
#16
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: May 2005
Posts: 17,237
|
Quote:
Originally Posted by BigNick
I run no anti-virus software at all, because (to a first approximation) it doesn't work. If I suspect a problem, I use ComboFix, which I have seen catch malware which no other A/V software knew about.
|
From your link.... sounds like it is not for the untrained...
You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.
|
|
|
10-28-2010, 11:00 AM
|
#17
|
Thinks s/he gets paid by the post
Join Date: Jun 2010
Location: Palma de Mallorca
Posts: 1,419
|
Quote:
Originally Posted by Texas Proud
From your link.... sounds like it is not for the untrained...
You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.
|
I read that too, but when I ran it, it just churned away for 15 minutes, rebooted once, produced a report saying what it had done, and my keylogging rootkit was gone. I suspect that they just put that on there to reduce the number of support calls which they get. If your PC is doing weird things and other stuff doesn't help, there's not much to lose.
Don't forget that 2-3% of all PCs suffer irretrievable, spontaneous loss of the entire hard disk each year, in which case, not only do you have to reinstall, but you've also got to remember how to restore those backups which you assiduously make daily. Drive failure destroys several orders of magnitude more data per year than viruses, but because there's nobody to blame (usually), it doesn't make the papers.
|
|
|
10-28-2010, 01:17 PM
|
#18
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,143
|
Well, I'm using my laptop at the moment. I'm pretty sure it is keylogger free but am doing a Malwarebytes scan at the moment.
On my desktop, I think the keylogger has been there for a while and by chance I decided to do a Malwarebytes scan yesterday and flagged it. Yet, it is peculiar that the day after, someone tried to use my Discover card fraudulently.
I have this rollback software that takes snapshots of my system and hard drive. I went back to August, then did a scan but the Zbot virus was still found. Rather than going month by month back, I went back to the very first snapshot (2008), then did a scan, and the virus was not there.
So, I restored my desktop to my pristine image from back in 2008, just did one more scan and no Zbot virus.
Time to set up my computer and recover from that point....
Still I'm gonna reset some passwords... my router, main emails, etc. and keep my fingers crossed no other info besides my Discover card got compromised.
A keylogger is one that I fear the most... never once impacted by one (that I know of) until now.
|
|
|
10-28-2010, 01:28 PM
|
#19
|
Thinks s/he gets paid by the post
Join Date: Oct 2010
Location: Waimanalo, HI
Posts: 1,881
|
Quote:
Originally Posted by easysurfer
I'm pretty sure it is keylogger free but am doing a Malwarebytes scan at the moment.
|
If I've followed this saga, you've found the keylogger every time after you've run Malwarebytes. If it's Malwarebytes that is infected, even if your system was keylogger free before the scan, it will be virus-full after. Well, good luck.
|
|
|
10-28-2010, 03:30 PM
|
#20
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Nov 2009
Posts: 6,695
|
My friend got a rather new virus called Antivirsnow which is a fake antivirus program. It prevented all antivirus and antispyware programs including Symantec, Spybot S&D, and Malwarebytes from opening. It also prevented MSCONFIG from running (wanted to run System Restore from there) and most other ordinary PC tasks.
What I did last night was to reboot into Safe Mode, then run System Restore from there to a point before the trouble started. This reset the registry so the 3 programs could open and start running. Malwarebytes and Symantec found some bad stuff and cleaned up the system. Took a few hours but he is fine now.
__________________
Retired in late 2008 at age 45. Cashed in company stock, bought a lot of shares in a big bond fund and am living nicely off its dividends. IRA, SS, and a pension await me at age 60 and later. No kids, no debts.
"I want my money working for me instead of me working for my money!"