PDA

View Full Version : Potential keylogger. I noticed the free version has definitions. Also questions



Joshuacm
2021-12-08, 06:15
My system has weird activity. Cursors moving and opening things at random times (even in airplane mode). It moved to open a wifi connection when it was offline. I have had websites opened on a different browser when i was not using the computer, and things opened while i was in safe mode.

I do not really know what it is, since is undetected.

I would also like to know how to know what I am supposed to do when Spybot only detects registry issues and text files for the most part, as well as tracking cookies? I don't want to tell it to fix those since I don't know specifically if they are anything wrong. Spybot does not say what they are. I did notice that during the installation, it was installing keylogger and trojan definitions, despite that it is not specifically including the antivirus portion of Spybot.

I think that maybe I might need more definitions to find something, but I am not sure. I also wonder if somebody might know what I need to do.

Zenobia
2021-12-09, 05:09
The malware removal forum was read only for a little while, but I think it is open again. From the problems you're describing, perhaps it would be best if you post there. There are instructions here:
https://forums.spybot.info/showthread.php?288-quot-BEFORE-You-POST-quot-(Please-read-this-Procedure-Before-Requesting-Assistance)-Updated
Along with the logs, etc. it is probably best if you describe what you did in this post with the cursor moving, etc.

As for what Spybot is finding, I noticed in the logfile of your other post that there is a pups listed at the top. Spybot has a page on what a pup is from their older webpage(see the note at the bottom):
https://www.safer-networking.org/faq/pups/

The rest of your logfile, if I haven't missed anything, appear to be tracks related. What they are, is described here:
https://www.safer-networking.org/faq/usage-tracks/

After a scan, there should be a threat level bar under the threat level category, which denotes how much of a threat an item is. And if you click on an item it should show a threat level number under Details. The threat level goes from 1 to 10, 1 or 2 being a very low threat level.

Joshuacm
2021-12-09, 05:45
The malware removal forum was read only for a little while, but I think it is open again. From the problems you're describing, perhaps it would be best if you post there. There are instructions here:
https://forums.spybot.info/showthread.php?288-quot-BEFORE-You-POST-quot-(Please-read-this-Procedure-Before-Requesting-Assistance)-Updated
Along with the logs, etc. it is probably best if you describe what you did in this post with the cursor moving, etc.

As for what Spybot is finding, I noticed in the logfile of your other post that there is a pups listed at the top. Spybot has a page on what a pup is from their older webpage(see the note at the bottom):
https://www.safer-networking.org/faq/pups/

The rest of your logfile, if I haven't missed anything, appear to be tracks related. What they are, is described here:
https://www.safer-networking.org/faq/usage-tracks/

After a scan, there should be a threat level bar under the threat level category, which denotes how much of a threat an item is. And if you click on an item it should show a threat level number under Details. The threat level goes from 1 to 10, 1 or 2 being a very low threat level.

I am not that concerned with PUPs, as every time that I have detected those types of programs, they are not harmful programs. I will have to run this scan again though, as my system has some other issues that make me have to restart it sometimes when I lose a connection to the internet. I have posted probably on a area of this site since the free version scans for those. That question, somebody can answer there or here. However, I would likely want to scan for that again as well. But there is not any log option. Do both regular scans require some sort of information? You said that one says the number. I saw that one had low-level bars.

I had my windows profile fixed and the firewall was uninstalled, and all sorts of weird activity started happening. During that process, I reinstalled the firewall after i noticed it, and made sure that an antivirus sofware was running. some viruses were found and quarantined, then nothing was found. my friend said it could be a keylogger, and I found in search engine that spybot was recommended. If you mean what i was doing while this happened, it is this:
At first, i noticed that when my system came out of sleep mode, i would keep finding folders opened that i hadn't opened. Then when I was away from the computer, I would come back and find different things opened. Then I started seeing activity happening while I was at the computer. I also found out that it happened again while I was away.

Zenobia
2021-12-10, 09:04
I posted a link in my first post to the ""BEFORE You POST"(Please read this Procedure Before Requesting Assistance)- Updated link" in the malware removal forum which contains help and instructions on posting in the Malware Removal forum, but I forgot to post the link to the malware removal forum itself, which may have caused some confusion when I suggested a description. Sorry about that. :) The Malware Removal forum is still read only for right now, so you'll have to hold off on posting there for the time being. I see tashi replied to you in the Rootalyzer section of the forum, and offered to look at your rootalyzer logfile. She included instructions for where that logfile is located. You might like to follow this link and reply to her there:
https://forums.spybot.info/showthread.php?77636-Does-the-rootkit-scan-in-spy-bot-free-provide-logs&p=486265#post486265

tashi
2021-12-10, 20:52
Thank you Zenobia. :)

I have re-opened the malware forum. :kboard:

Zenobia
2021-12-10, 22:11
Cool! :)

Joshuacm the malware removal forum is an option for you to post to if you'd like, since it's no longer read only.

There are instructions for posting there, and the logs you need, etc. listed in this post:
https://forums.spybot.info/showthread.php?288-quot-BEFORE-You-POST-quot-(Please-read-this-Procedure-Before-Requesting-Assistance)-Updated

And once you're followed those instructions, you can post in the Malware Removal forum here:
https://forums.spybot.info/forumdisplay.php?22-Malware-Removal

tashi
2021-12-15, 19:22
New topic: https://forums.spybot.info/showthread.php?77640-Please-help-with-the-logs-before-i-post-them-to-detect-suspicious-activity&p=486297#post486297