Is this a keylogger?

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
Originally posted by: RyanW2050
http://world0fwarcraft.*******net/my.php?image=wowscrnshot015505zh5.jpg
http://world0fwarcraft.*******net/my.php?image=wowscrnshot014736pm9.jpg

Remove the stars if you wish to view it. I believe I'm fully Windows updated including the ANI exploit patch, but I am not running antivirus.

Can anyone see what's up in these links?

Thanks!


I'll check them, but I can already tell you that the domain has been reported as Bad News (note the numeral 0 in place of the letter O, in world0fwarcraft).

Please also note that just updating Windows is not enough these days. Use the Secunia online checkup to check for vulns in popular third-party software that the bad guys actively exploit. If you are using Vista with UAC enabled, or WinXP with a non-Admin user account, then you are doing far better at containing such dangers.
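
The digit-for-letter swap pointed out above (0 for O in world0fwarcraft), as an added example that is not part of the original thread: a Python check that folds common substitutions and flags hostname labels imitating a watched name. The watch list, the substitution table and the example.net / example.org hostnames are constructed assumptions.

```python
import re

# Constructed watch list of names to protect (assumption, not from the thread).
WATCHED = {"worldofwarcraft", "blizzard"}

# Common digit/symbol-for-letter swaps used in lookalike hostnames (assumed table).
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "$": "s"})


def labels(host):
    """Split a hostname or URL into lowercase DNS labels."""
    host = re.sub(r"^[a-z][a-z0-9+.-]*://", "", host.strip().lower())
    host = re.split(r"[/:?#]", host, maxsplit=1)[0]  # drop path, port, query
    return [part for part in host.split(".") if part]


def edit_distance(a, b):
    """Levenshtein distance using two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike(host):
    """Return (label, watched_name, reason) for the first imitating label, else None."""
    for label in labels(host):
        if label in WATCHED:
            continue  # exact name; who owns the domain must be checked elsewhere
        folded = label.translate(SWAPS)
        if folded in WATCHED:
            return (label, folded, "character substitution")
        for name in WATCHED:
            if len(name) >= 6 and edit_distance(folded, name) == 1:
                return (label, name, "one edit away")
    return None


if __name__ == "__main__":
    # Constructed sample hostnames.
    for h in ["http://world0fwarcraft.example.net/my.php?image=x.jpg",
              "www.worldofwarcraft.com", "worldofwarcrafts.example.org"]:
        print(h, "->", lookalike(h))
```

A hit only means the name resembles a watched one; the domain's reputation still has to be checked separately.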
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
Results for signature/heuristic detection at VirusTotal.com:

http://pics.bbzzdd.com/users/mechBgon/WoW_malware_1.gif

http://pics.bbzzdd.com/users/mechBgon/WoW_malware_2.gif

These files were delivered and executed by means of exploits. The bad guys can use whole batteries of exploits, so ANI might be just one way they'll try stuff. Definitely use the Secunia checkup monthly or more often, to help eliminate known vulnerabilities.

The files are certainly malicious, and you should give your system a going-over to see if you've got rootkits and/or other malware. Resources and security enhancement ideas.
 

RyanW2050

Senior member
Sep 2, 2005
Thanks a lot for the help, Mech. I went ahead and reformatted, working on adding some more protection now.