#1
Hey,
So apparently high stakes FTP players have recently been targeted with a fake email that instructs them to download a new security feature. The download is actually a keylogger according to FTPSean. I started downloading it before realizing that that was probably a huge mistake, and cancelled the download in my Firefox download manager. Anyway, although I cancelled the download I'm obviously still worried that my computer might be compromised: I have already shipped all my money to various friends but need to know what steps to take to clean up my computer so that I can use it freely. Thanks a lot for any help you can offer.
#2
If you cancelled the download in the middle of it, then it shouldn't matter. Am I correct to assume that the link was only to a file? Did you have to visit a malicious website to access the download link?
For future reference, the standard procedure if you think you have a keylogger is:
1) Change all of your passwords, using a different computer of course.
2) Back up any files that you think are important.
3) Reformat your computer.
For extra security, maybe you could also email the site support and tell them that your password may have been compromised, so ask if they can watch for any suspicious activity.
#3
for future reference, a poker site will never send u any attachments
#4
Soon you'll see a video of perky on youtube on weed brownies dumping off your whole roll.
#5
[ QUOTE ]
for future reference, a poker site will never send u any attachments
[/ QUOTE ]
lol maybe not .exe files but they all send me reports in excel/word attachments all the time
#6
[ QUOTE ]
[ QUOTE ]
for future reference, a poker site will never send u any attachments
[/ QUOTE ]
lol maybe not .exe files but they all send me reports in excel/word attachments all the time
[/ QUOTE ]
they won't send you unrequested attachments then
#7
The link was only to a file, that's correct.
Is there any way to figure out if I have the keylogger or not? Right now I'm googling all of my processes to see if any of them are abnormal. Is there a quicker way to do this?
#8
[ QUOTE ]
The link was only to a file, that's correct. Is there any way to figure out if I have the keylogger or not? Right now I'm googling all of my processes to see if any of them are abnormal. Is there a quicker way to do this?
[/ QUOTE ]
If you are 100% sure that you cut it off in the middle of the download, and did not run the program, then it won't affect your computer. A program is just a bunch of bits. It's not like your computer "catches" some disease in the middle of the download. It's running the program that makes your computer execute the malicious code.
But if you want to be super, super sure, well, I don't know what to tell you. Some viruses/keyloggers/trojans/etc are really good at hiding themselves. Clearing out your drive and reformatting from scratch is the only thing I can think of that would guarantee you a clean computer. Maybe someone else on this forum who knows more about this kind of stuff can chip in. I'm not the most knowledgeable person here.
#9
Well, anti-virus, anti-spyware, anti-malware etc. software usually detects keyloggers. But for all you know, the people that sent you this wrote the keylogger themselves. It won't be in the databases of these applications then and may not be caught.
If you are paranoid enough to still be worried after cancelling the download, is your mind really going to be at rest if a bunch of scanners tell you your system is clean? You should just format and get it done with.
#10
[ QUOTE ]
The link was only to a file, that's correct. Is there any way to figure out if I have the keylogger or not? Right now I'm googling all of my processes to see if any of them are abnormal. Is there a quicker way to do this?
[/ QUOTE ]
i am going to suggest "HiJackThis!" (http://www.tomcoyote.org/hijackthis) if you don't trust me, google "hijackthis!" for info on the program, then google for the program/forum itself. simply put, the program grabs every process, keyboard hook, registry entry, you name it, and displays it for you. you then google search EACH entry to find out if it is a safe/ok thing to have on your comp. a lot of the time what you'll see are cookies, which won't affect you, they just look scary. if that's too confusing, you can post the log hijack pukes out onto the forum, and someone will help you. that being said, if you cancelled it, i wouldn't worry.
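One way to shortlist entries from such a log before looking each one up by hand, as the post above describes (an added example, not part of the thread and not HijackThis's own code). The sample log, its line layout, the file names in it and the list of user-writable folders are all constructed assumptions.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample log; the "<code> - <description>" layout is an assumption.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Local Settings\Temp\setup_update.exe

O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe
O4 - HKCU\..\Run: [secupdate] "C:\Documents and Settings\user\Local Settings\Temp\setup_update.exe" /s
O23 - Service: Example Service - Example Corp - C:\WINDOWS\system32\examplesvc.exe
"""

PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll|scr|bat|com)\b', re.I)
SECTION_RE = re.compile(r"([A-Z]\d+) - ")
# Assumed heuristic: programs rarely start from these user-writable folders.
USER_WRITABLE = {"temp", "downloads", "desktop", "temporary internet files"}


def triage(log_text):
    """Return (section, path, folder) for entries that run from a user-writable folder."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = PATH_RE.search(line)
        if not match:
            continue  # headers and entries without a file path
        path = PureWindowsPath(match.group(0))
        section = SECTION_RE.match(line)
        code = section.group(1) if section else "process"
        hits = USER_WRITABLE & {part.lower() for part in path.parts}
        if hits:
            findings.append((code, str(path), sorted(hits)[0]))
    return findings


if __name__ == "__main__":
    for code, path, folder in triage(SAMPLE_LOG):
        print(f"{code:8} {path}  (runs from '{folder}' folder)")
```

A hit is only a prompt to look that entry up first; as the earlier posts note, a listing with no hits does not prove the machine is clean.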