Monday, March 09, 2009

Windows XP Key Logger Worm

Felt really odd about the behaviour of my netbook when it comes to ejecting a memory card or a flash drive. Paranoid, surfed the internet as to what virus, trojan or malware would behave that way. Must have gotten whatever that is when I have some of my images printed in order to join the "Timeless Baguio" photo contest... or when I have the titles of the images in our exhibit printed.

With all that surfing, wasn't able to get near a solution except for having an autorun.inf in the memory card or the flash drive. My several testings proved that my notebook was already infected (I was hoping that it was only in the external media).

Should have checked first the logs/activities of McAfee! It was a Windows XP Key Logger Worm which puts the kbdrv16.com in the Startup. It also modifies the registry for lsass.exe and usb-hi.exe, and replaces the explorer.exe. Good thing McAfee blocked the update for the explorer.exe!

What I did? Performed a system restore from where my unit was still "healthy"...

Hmmm... I wonder if even for the special prize, I would win that photo contest...

0 Comments:

Post a Comment

<< Home