Commercial keylogger found!

Status
Not open for further replies.

jaydeebe

IS-IT--Management
Nov 14, 2003
169
GB
I just used M$'s new antispyware program and it found zipdll.dll was infected with a commercial keylogger (Actmon). I have used credit and debit cards on this PC. Should I be worried? I am on a company network behind firewalls. Could my data have been stolen? I have since installed Zone Alarm. Any info greatly appreciated!
 
Have you ever used 'Mooseoft Encrypter'? I notice that it has this file associated with it.

There is very little chance if you have a firewall in front of your PC on a company network that the keylogger would generate data to someone, but it's always possible. ZA may help, but getting rid of the Adware and not allowing it to function may also work. So, you do the best you can to prevent it now with deleting the Spyware with the tools available.

Keep in mind that this may be a false positive. See sentence 1...

But all in all, I would not worry in my opinion.

Erik
 
Indeed, I have heard numerous reports of false positives using the Microsoft Antispyware Beta. So I'd get a second or even third opinion before going down the keylogger road. :)

And I second Erik.

----------------------------
"Will work for bandwidth" - Thinkgeek T-shirt
 
Being on a corporate network, is it possible your employer is monitoring you / everyone / randomly selected employees?


Jeff
The future is already here - it's just not widely distributed yet...
 
OK, it could be misreported, but it's odd that it came up with the name of a specific piece of software. In my experience, when these antispyware programs get it wrong they just identify files that could be spyware, but they are never that specific.

I've never used mooseoft encrypter (not even sure what it is!)

I think my boss is spying on me!

I've already deleted the file so I can't recheck it with Spybot or anything now. For the future though - does anyone know if these things can be traced back to where they came from?
 
Zipdll.dll is a file compression engine produced by the Info-ZIP group. I have used a variant, part of a Delphi language component called DelZip, in one of my applications.
It is also present in a SpyBotSD installation.

As far as I know there is no spyware present in this library by default.



Steve
I've not been well!
 
Yes, I did a bit of checking and the file was part of a shareware network monitoring program that I installed from ZDNet.

So I can think of three possibilities.

1. A malicious programmer is using this program to distribute the keylogger.

2. M$ antispy is misreporting.

3. My boss is spying on me!

Based on my past experiences, I'd go for number 2, especially as it's a beta program!

Thanks for your replies people.
 
Must have missed this one jaydeebe - glad to hear you resolved it. I've had experience of M$oft AntiSpyware (when Giant) misreporting an internal application that I developed as a keylogger (specifically the uninstall file).

TazUk

[pc] Blue-screening PCs since 1998
 