Boot scan found a key logger I am not sure what to do with it so put it in the virus chest. Do we only send viruses to the lab.
What do I do with this file does putting it in the chest affect excel in any way?
Now my computer is so slow I could take a walk after pressing enter and usually do as it is driving me mad.
Well with only 1.58GHz processor and 448MB RAM its no wonder the system is slow.
Add more RAM as that would be your best and cheapest option.
Seems it was fast enough before I found the key logger. Ideas?
Sent it.
Seems it was fast enough before I found the key logger. Ideas?have you tried a second opinion scan with Malwarebytes ?
+1
What was the file name and original location ?
Putting it in the chest whilst investigating it is the safest option.
I did search on my computer for a key logger this is what it found. FAMILY-KEYLOGGER-SETUP.EXE-34A19BCE.pf been there since nov 11 C/windows prefetch. should I put this in the virus chest too?
Avast report says win32pup-C setting/documentw/Acer valued customer I sent it already
The first message said it was in excel guess it is not there anymore as it is in the virus chest. Not sure if these are the same thing or not. I recently used excel for the first time on this computer likely the day noted on the virus report nov 27.
Malware bites found nothing.
+1
The windows prefetch folder doesn’t actually contain the file, but details about its physical location on the hard disk, etc. so that it can be loaded quicker.
Did you actually install this family keylogger, given its name ?
Key-loggers act in a way that tries to hide them from view and this may well be what is being detected, what is the malware name that it was given ?
Seeing your other mention of the suffix PUP, means you have run a custom scan and had avast look for PUPs (Potentially Unwanted Program), this can open a whole can of worms if you don’t understand what a PUP is as many tools, etc. can have an alternative use good or evil and avast can’t determine intent.
That is where the PUP comes in, you the user have to know what you installed on your system and what it does and if it could potentially be used for malicious purposes (key-logger, etc.) then it could be classified a PUP.
ok thanks for you help.
You’re welcome.
I did not load the key logger but did take me computer to a family member for help around that time as I could not get the avast pro to work properly he helped me out perhaps he put it on bit creepy to think about. How would he see the logs as I rarely see him…
hoping it was just a glitch I have no little kids and usually am the only one who uses this laptop so there is no need for a key logger or security of that type.
Please change all your major passwords
Some Keylogger can email its installer with all your password and username logs including your screenshots and history
So, he doesn’t need to check your PC physically…
You could check when the file was created, if that coincides with a family member helping you out.
You could also check out these other tools:
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).
-
- MalwareBytes Anti-Malware (MBAM), On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. - 2. SUPERantispyware (SAS). On-Demand only in free version.
Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
I will change my passwords that will take some doing.
In the mean time before I do that I ran a super antispyware check and this is the report from there
Detected Item Description and Information
Listed below is basic information about the detected application/process. This application may not be safe to have on your system.
Summary : Trojan.Agent/Gen-KeySpy[FKL]
Company : Unknown/Varies
Description : Trojan.Agent/Gen-KeySpy[FKL].Process
is this the same thing?
no sense changing my passwords till I get rid of it as it will just copy them right?
Lots of tracking stuff and the other at the bottom. I will let sas do the trackers next. What of the other?
here is the log it is at the bottom the log will not fit I have to send it in two messages.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 12/02/2010 at 12:35 PM
Application Version : 4.46.1000
Core Rules Database Version : 5942
Trace Rules Database Version: 3754
Scan type : Quick Scan
Total Scan Time : 00:13:22
Memory items scanned : 447
Memory threats detected : 0
Registry items scanned : 1472
Registry threats detected : 1
File items scanned : 7198
File threats detected : 158
Trojan.Agent/Gen-KeySpy[FKL]
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Sys32V2Contoller [ C:\WINDOWS\mw2mmgr32\mw2mmgr32.exe ]
Now is this the same problem or another one???
I had sas remove everything have to reboot.
Why did avast not see this one? Guess it pays to have more than one program.
It did (up to a point) in the boot-time scan, so far all three have found the keylogger (some different elements in different areas) and all will be likely to have different malware names for it as there is no standard naming convention for malware, so you can get lots of aliases.
After the reboot, run MBAM again and allow it to remove selected. Then run SAS again and finally run an avast scan.