1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I found a Keylogger in Peerguardian 2..

Discussion in 'All other topics' started by BigPantz, Apr 22, 2005.

  1. BigPantz

    BigPantz Regular member

    Joined:
    Jun 11, 2013
    Messages:
    142
    Likes Received:
    0
    Trophy Points:
    26
    I ran Microsoft AntiSpyware earlier and it found a file called NS keylogger personal monitor key logger, the author being NiceSoft.
    the scary thing was that it was in the PeerGuardian2 program file.

    I deleted it as i do with any other spyware, then clicked on PG2 and my blocklists had dissapeared. 'Blocking 0 IP's'. tried checking updates thru PG2, it said none available, blocklists up to date. so i then uninstalled PG2, rebooted and downloaded again, thinking i may have had the original file from a dodgy mirror. i used the official methlabs site & DL'd via university of kent, uk. installed again, updated blocklists (now blocking 849845734 IP's) and ran MS antispyware again which found the same file, NS Keylogger...

    ive quarantined it this time, every thing seems to be working ok, but a Keylogger!!?? how can this be in a program like PG2??!! i am very worried now, as i do my banking online etc. i dont know how long the keylogger had been in there.. Any help anyone? im lost as of what to do..
     
  2. p4_tt

    p4_tt Active member

    Joined:
    Feb 3, 2004
    Messages:
    2,201
    Likes Received:
    0
    Trophy Points:
    66
    I would just ignor it, i have a bit of anit sypware software that says it found a keylogger in my firewall folder which is a lot of rubbish seeing how when i remove it the whole firewall goes awol and when i uninstall just like you did then run it again it says the same about the same file, ad-aware does not pick it up nor does any of my other security apps, also remember MS's AntiSpyware is still beta (i think) so they still have a few bugs to sort out.
     
    Last edited: Apr 22, 2005
  3. BigPantz

    BigPantz Regular member

    Joined:
    Jun 11, 2013
    Messages:
    142
    Likes Received:
    0
    Trophy Points:
    26
    ok thanks for the advice. ill leave it in quarantine for now, everything seems to be working ok. ill change a few passwords to be on the safe side though. you never know do ya...
     
  4. ScubaBud

    ScubaBud Regular member

    Joined:
    Dec 29, 2004
    Messages:
    1,951
    Likes Received:
    0
    Trophy Points:
    46
    After reading this thread I downloaded MS's Beta program and got these results:

    [​IMG]

    I show clean without any problems but I also don't have PG2 installed. I would suggest going on MS's AntiSpyware site and inquire about this keylogger showing up within the program and see if it is supposed to be there. Maybe I'm too anal but I would not like it if it was on my PC!

    Also found this link about PG2 and some setup changes so I'll post it here but I have no knowledge about this program and I'm not suggesting any changes to it, just wanted to pass it along incase it makes sense to anyone else that does use it.

    http://www.methlabs.org/forums/showthread.php?t=6198
     
    Last edited: Apr 23, 2005
  5. Xian

    Xian Regular member

    Joined:
    Jun 27, 2003
    Messages:
    954
    Likes Received:
    0
    Trophy Points:
    26
    It also depends on where you got your software from. I am not familiar with Peerguardian, but if you are getting it from somewhere instead of off of the company website, it would be a simple matter for someone to insert a keylogger or trojan. Also check if they have an MD5 hash and compare that to what you have downloaded. That will tell you if it has been tampered with.

    On the other hand, it could be a false positive. Virus scanners and spyware scan for certain signatures in files, a series of bytes. It is possible that something else is causing it.

    If you do have a keylogger installed, changing passwords will not help since every keystroke you type is being logged so any new password will be known.
     
  6. BigPantz

    BigPantz Regular member

    Joined:
    Jun 11, 2013
    Messages:
    142
    Likes Received:
    0
    Trophy Points:
    26
    Okay, panic over. thanks for all your help people, but i updated PG2 yesterday through Methlabs' site and read a few of the recent comments on their forum. It seems it was MS antispyware picking up the uninstall file of PG2 as a keylogger. apparentley it was doing the same with SpywareBlaster for some people. Microsoft have corrected this with the latest update. downloaded latest versions of both, ran a spyware scan, keylogger gone!

    Once again, thanks all for your help :)
     
  7. thugs121

    thugs121 Regular member

    Joined:
    Aug 3, 2004
    Messages:
    460
    Likes Received:
    0
    Trophy Points:
    26
    Since it's open source, some sites have repackaged PG2 with spyware and adware. It's been known for openwares.org repackaging PG2 with crap....

    Download it from the official site and you should have no problems:

    http://methlabs.org/projects/peerguardian-2-windows/
     

Share This Page