Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I have a keylogger

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: I have a keylogger

Unread postby tan_pang » August 25th, 2009, 12:15 pm

Hi, sorry for the wait.

Since that you have backup the HTML files, I would suggest you to remove ALL the html file, and also All the 7zip file that contain HTML (or any other file extension that been listed before)

If you have restore any of them in the re-formatted machine, then I would advise you to reformat the machine again, without backup any files with file extension listed above.
tan_pang
Regular Member
 
Posts: 959
Joined: August 12th, 2007, 8:04 am
Advertisement
Register to Remove

Re: I have a keylogger

Unread postby sinclaire » August 25th, 2009, 6:43 pm

The backups are burned on CD-R, and I haven't used them since doing the format. If there is a virus contained in those files, I would have thought there'd be a scan that will indicate its presence or absence.

As much as I want to keep my computer safe from further infection, there comes a point when I must be able to recover something from all this. What are my options?
sinclaire
Regular Member
 
Posts: 26
Joined: August 12th, 2009, 6:14 pm

Re: I have a keylogger

Unread postby tan_pang » August 27th, 2009, 8:21 am

Hi, please be aware that not only rootkit, the machine might be infected with Virus infection as well.

As a matter of the fact, we don't know how long the computer was infected to begin with. And giving that one of the infections is a file infector variant, even if the CD-R is scanned by a on-board AV it might not flag the infected files at all. And the very possible scenario the backups will infect the computer again.
The risk is too great that something could go undetected because of the nature of the polymorphic virus infections that were on the computer.

As an example like Virut, miekiemoes have write some article about it on her blog:
tan_pang
Regular Member
 
Posts: 959
Joined: August 12th, 2007, 8:04 am

Re: I have a keylogger

Unread postby sinclaire » August 27th, 2009, 7:30 pm

Thank you for pointing me at those articles, they were informative.

Despite the risks I'm going to attempt to determine if any files have been altered by manually inspecting them. If iframes have been injected into the HTM or XML files, then it will be quite obvious to Eyeballs Mark I.

I appreciate your assessment of the threat, but the worst that can happen is that I have to re-format and start again. I just did that on Sunday and I don't have any new data to lose so I don't see that there's anything to be lost by trying. Worst case scenario, I may still retrieve the files which don't match the requirements for infection. In my opinion at least it's a case of lose-win being better than win-lose.
sinclaire
Regular Member
 
Posts: 26
Joined: August 12th, 2009, 6:14 pm

Re: I have a keylogger

Unread postby tan_pang » August 29th, 2009, 10:30 am

OK, you may try and I will say this machine is All Clean. :)

Kindly follow these simple steps in order to keep your computer clean and secure:

  1. ANTIVIRUS SOFTWARE
    It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  2. FIREWALL
    Without a firewall your computer is succeptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found here ? http://www.bleepingcomputer.com/forums/tutorial60.html
  3. Microsoft Windows Update ? http://www.windowsupdate.com
    Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
    Alternatively, you can enable the automatic update by follow the instruction in here ? http://www.microsoft.com/protect/comput ... es/mu.mspx
  4. SPYWAREBLASTER
    SpywareBlaster prevents the installation of malicious ActiveX, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies & restricts the actions of potentially unwanted sites.

    Unlike other programs, SpywareBlaster does not have to remain running in the background. A tutorial on installing & using this product can be found here ? http://www.bleepingcomputer.com/forums/tutorial49.html
Update all these programs regularly. Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will further enhance your safety.
  • http://www.trillian.cc Trillian or http://www.miranda-im.com ? Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  • http://www.mozilla.org/products/firefox/ - Firefox - Use this alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.
  • http://java.com/en/index.jsp - Sun's Java - It's much more secure than Microsoft's Java Virtual Machine.
  • http://www.aumha.org/downloads/erunt-setup.exe - ERUNT - A useful freeware utility for users of Windows 2000/XP. It's made up of two parts - ERUNT & NTREGOPT.

    ERUNT will create daily complete backups of your computer's Registry. Whilst System Restore does the same thing, a corrupt registry file may prevent Windows from booting & this effectively renders disables System Restore. With ERUNT, you're able to restore the damaged Registry.

    NTREGOPT works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. In other words, it compacts the Registry to a small size which allows Windows to load & perform faster.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein - http://www.malwareremoval.com/forum/viewtopic.php?f=11&t=4959

After doing all these, your system will be optimised against future threats.

Have a safe & happy computing day. Image

Kindly respond to this thread once more so we can mark this thread as resolved.
tan_pang
Regular Member
 
Posts: 959
Joined: August 12th, 2007, 8:04 am

Re: I have a keylogger

Unread postby silver » September 2nd, 2009, 9:11 pm

This topic is now closed
We are pleased to have been of assistance.

If you have been helped and wish to donate with the costs of this volunteer site, you can do so using this link
Donations For Malware Removal
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 29 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware