Tech Support banner

Status
Not open for further replies.
1 - 4 of 4 Posts

·
Registered
Joined
·
2 Posts
Discussion Starter #1
OK, Keyblo.exe seems to be a part of the default Madden NFL 06 installation, although Zonealrm Pro v6.xx reports its behavior as "suspicious", since it monitors keyboard presses and mouse movements.

It is located inside the Madden files "Program Files" folder (or wherever you installed it, in my case C:/Games.)

When right-clicking and viewing Properties, there is no Version tab, only "General", and "Compatibility".

It gives no useful information really, it is 86,016 bytes in size; Created 10/19/2005 (tomorrow!), last accessed 5/22/05 (before it was created :sayno: ) and was last accessed 10/18/05 (today, but before it was created? I did play Madden last night after midnight, so this is prolly accurate.)

I'm assuming this is a legit application, a part of Madden 06, but I'd certainly like some input. Could this have been 'snuck' onto my machine somehow, or is it a 'suspicious', but valid and innocuous part of the Madden installation?

Thanks in advance.

punchy
 

·
TSF Security Manager, Emeritus
Joined
·
52,197 Posts
If the file is still present on your computer, you can do this:

Go to the Jotti's malware scan page and use the buttons at the top of the page to browse to this file(s) on your hard drive to submit for a scan.

Report the results here.

If it's been deleted, as you first said, then all we can do is run some scans and see if other malware is present.

The little I have seen on this file agrees with what you've just said about it.

If you want us to look further into your system, begin here:

Please download HijackThis http://www.greyknight17.com/spy/HijackThis.exe - this program will help us determine if there are any spyware/malware on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the hijackthis.log file here. Do not fix anything in HijackThis since they may be harmless.

Otherwise, advise us so we can mark this as resolved, please.
 

·
Registered
Joined
·
2 Posts
Discussion Starter #3
I only had time to run Jotti Scan this morning before I had to leave for a doctors appointment, will do this rest this afternoon.

Jotti shows clean. Output follows:

Jotti's malware scan 2.99-TRANSITION_TO_3.00

File to upload & scan:
Service
Service load: 0% 100%

File: keyblo.exe
Status: OK
MD5 73340ef979424d70b37843ee9445770a
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

-----------------------
:ponder: So far so good. Will report back later today with Hijackthis log.

Punchy

PS: BTW, the reason I still have the file is that I'm not the same person who originally posted, I just sort of hijacked his thread, since Zonealarm reported the file as suspicious, and it concerned me (understatement) and this seemed an appropriate place to post. *I* do still have the file. :sayyes:

Thanks again for your incredibly quick reply. :grin:
 
1 - 4 of 4 Posts
Status
Not open for further replies.
Top