Adware = Keylogging?

DylanO · 02-04-2007, 05:00 PM

Well, I just recently bought something online, and then 1 - 2 minutes later it said Malware found ( adware.drivercleaner06.exe something like that ). And I'm really concerned if this is adware can track my Credit Card.

So any help, My info I know so far is It's Adware.

So I'm wondering if this adware is like a keylogger or etc.

Thanks :)

ejames82 · 02-04-2007, 09:44 PM

i suggest at least a couple of things:
1. post a hijackthis to be reviewed by the experts here.
2. get the exact name of the malware and do a google search.

Ed James

Cricket57 · 02-05-2007, 03:13 AM

The filename you mention immediately points toward an infection known as "Drive Cleaner". This is yet another one of these "fake" security programs that state they are able to clean a supposedly infected PC, when in fact they will instead fill your machine with malware. Here's some info on this infection which states it is capable of the following:

"Creates multiple copies of the Malicious infection on your PC. Creates registry run keys to ensure it is restarted every time you boot your PC. Installs other malicious programs. Examines which processes are running on your PC allowing it to explore vulnerabilities in Windows and your antivirus and anti-spyware products. Modifies the HostsFile which could stop your antivirus or anti-spyware protection or put your personal information at risk. Connects with 3rd party computer systems and forwards data via the internet. Modifies The Windows System Restore Area. Hijacks other processes."

From here:
http://virusinfo.prevx.com/viruscent...GRP=4871600019

No keylogging capabilities by the sound of it, but I guess it's still best practise to change any passwords, etc?

DylanO · 02-05-2007, 10:13 PM

Thanks Cricket I got it removed.

Is there anyone who knows more information about these adwares?

Adware.Drivecleaner
Adware.Trymedia
Adware.WinFixer

I scanned for malware traces ( AVG Anti-Spyware 7.5 ) 2 times before i typed the credit card in, and it said nothing found. And I'm running Zone Alarm PRO so wouldn't it ask to record/etc?

I really want to know this info if this adware can record keystrokes etc.

Cricket57 · 02-06-2007, 02:56 AM

The DriverCleaner and TryMedia infections don't have keylogging capabilities (as far as I'm aware), BUT WinFixer supposedly does:

"Opens and scans your email address book . Has a keylogger that can spy on and log keystrokes without your knowldege or permission. Modifies Internet Browser Settings:(HomePage,Search,Toolbar). Changes file type execution and program maps. Creates multiple copies of the Adware infection on your PC. Creates registry run keys to ensure it is restarted every time you boot your PC. Installs other malicious programs. Examines which processes are running on your PC allowing it to explore vulnerabilities in Windows and your antivirus and anti-spyware products. Connects with 3rd party computer systems and forwards data via the internet. Modifies The Windows System Restore Area. Hijacks other processes."

From here:
http://virusinfo.prevx.com/viruscent...GRP=4745300015

Now the infections have been removed you should immediately change any online passwords (especially any online banking sites, etc).

DylanO · 02-06-2007, 03:41 PM

But it creates registry to log or boot.

So I scanned a couple times before I entered something and it said nothing found though.. :/..

Should I call up the Credit card company and ask for a new credit card *sigh*..

Thanks for his help cricket.

02-04-2007, 05:00 PM	#1 (permalink)
DylanO Registered User Join Date: Feb 2007 Location: 127.0.0.1:1000 Posts: 94 OS: Windows XP Professional My System	Adware = Keylogging? Well, I just recently bought something online, and then 1 - 2 minutes later it said Malware found ( adware.drivercleaner06.exe something like that ). And I'm really concerned if this is adware can track my Credit Card. So any help, My info I know so far is It's Adware. So I'm wondering if this adware is like a keylogger or etc. Thanks :)

02-06-2007, 03:41 PM	#6 (permalink)
DylanO Registered User Join Date: Feb 2007 Location: 127.0.0.1:1000 Posts: 94 OS: Windows XP Professional My System	But it creates registry to log or boot. So I scanned a couple times before I entered something and it said nothing found though.. :/.. Should I call up the Credit card company and ask for a new credit card sigh.. Thanks for his help cricket. Last edited by DylanO; 02-06-2007 at 03:49 PM.

02-04-2007, 09:44 PM	#2 (permalink)
ejames82 Registered User Join Date: Oct 2006 Posts: 396 OS: XP	i suggest at least a couple of things: 1. post a hijackthis to be reviewed by the experts here. 2. get the exact name of the malware and do a google search. Ed James

02-05-2007, 03:13 AM	#3 (permalink)
Cricket57 Registered User Join Date: May 2006 Posts: 19 OS: Win XP	The filename you mention immediately points toward an infection known as "Drive Cleaner". This is yet another one of these "fake" security programs that state they are able to clean a supposedly infected PC, when in fact they will instead fill your machine with malware. Here's some info on this infection which states it is capable of the following: "Creates multiple copies of the Malicious infection on your PC. Creates registry run keys to ensure it is restarted every time you boot your PC. Installs other malicious programs. Examines which processes are running on your PC allowing it to explore vulnerabilities in Windows and your antivirus and anti-spyware products. Modifies the HostsFile which could stop your antivirus or anti-spyware protection or put your personal information at risk. Connects with 3rd party computer systems and forwards data via the internet. Modifies The Windows System Restore Area. Hijacks other processes." From here: http://virusinfo.prevx.com/viruscent...GRP=4871600019 No keylogging capabilities by the sound of it, but I guess it's still best practise to change any passwords, etc?

02-05-2007, 10:13 PM	#4 (permalink)
DylanO Registered User Join Date: Feb 2007 Location: 127.0.0.1:1000 Posts: 94 OS: Windows XP Professional My System	Thanks Cricket I got it removed. Is there anyone who knows more information about these adwares? Adware.Drivecleaner Adware.Trymedia Adware.WinFixer I scanned for malware traces ( AVG Anti-Spyware 7.5 ) 2 times before i typed the credit card in, and it said nothing found. And I'm running Zone Alarm PRO so wouldn't it ask to record/etc? I really want to know this info if this adware can record keystrokes etc.

02-06-2007, 02:56 AM	#5 (permalink)
Cricket57 Registered User Join Date: May 2006 Posts: 19 OS: Win XP	The DriverCleaner and TryMedia infections don't have keylogging capabilities (as far as I'm aware), BUT WinFixer supposedly does: "Opens and scans your email address book . Has a keylogger that can spy on and log keystrokes without your knowldege or permission. Modifies Internet Browser Settings:(HomePage,Search,Toolbar). Changes file type execution and program maps. Creates multiple copies of the Adware infection on your PC. Creates registry run keys to ensure it is restarted every time you boot your PC. Installs other malicious programs. Examines which processes are running on your PC allowing it to explore vulnerabilities in Windows and your antivirus and anti-spyware products. Connects with 3rd party computer systems and forwards data via the internet. Modifies The Windows System Restore Area. Hijacks other processes." From here: http://virusinfo.prevx.com/viruscent...GRP=4745300015 Now the infections have been removed you should immediately change any online passwords (especially any online banking sites, etc).