Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Key logger. Goldun.mg


  • Please log in to reply

#1
sambuca

sambuca

    New Member

  • Member
  • Pip
  • 3 posts
My E-Gold got hacked.
I have Panda 2007 Antivirus, Ad-aware SE professional plus Ad-watch,
Registry Mehanic, Spy-Bot Search & Destroy. Zone Alarm Fire Wall.
And they found Nothing.

I run a scan with ewido anti-spyware scanner and it found this Keylogger.
Name: Logger.Goldun.mg
Path: C:\WINDOWS\system32\CsdDriver.sys
Risk: High

They Quarantined it , I then run another scan but it is back again.

Anybody know how I can get RID of it. Or a site that might have info
on Logger. Goldun.mg

Thank you, Ronnie
  • 0

Advertisements


#2
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Hi sambuca and Welcome to GeekstoGo!


Make sure you get HijackThis from Here



Download haxfix.exe
and save it to your desktop.
  • Double click on haxfix.exe to install haxfix. (standard installation path is c:\program Files\haxfix)
  • Checkmark "Create a desktop icon"
  • Click "Next"
  • When the installation is completed, make sure that the checkmark "Launch HaxFix" is placed
  • Click "Finish"
A red "dos window" (dos box) will open with options:
1. Make logfile
2. Run auto fix
3. Run manual fix
E. Exit Haxfix
  • Select option 1. Make logfile by typing 1 and then pressing Enter
  • Haxfix will start scanning the computer. When it is finished a logfile will open: haxlog.txt > (c:\haxfix.txt)
  • Copy the contents of that logfile and paste it into this thread.

  • 0

#3
sambuca

sambuca

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
HAXFIX logfile - by Marckie
______________
version 4.20.1
Mon 02/10/2006 12:10:49.54

checking for haxdoor
--------------------
checking for a3d files....
a3d files not found

checking for matching notify keys....
no matching notify keys found

checking for matching services....
no matching services found

checking for matching safeboot services....
no matching safeboot services found

checking for other haxdoorfiles....


Checking for goldun
-------------------

checking for SSODL keys....
no ssodl keys found

checking for notify keys....
no notify keys found

checking for services....
CsdDriver

checking for other goldunfiles....


Finished
  • 0

#4
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Option 2 autofix
  • Open this folder program files > haxfix and double click on fix.bat (or double click on fix.bat desktop icon)
  • Close all other open windows since this step requires a reboot
  • Select option 2. Run auto fix by typing 2 and then pressing Enter
If an infection is found, you'll get a message to close all other open windows.
  • Close all open windows except the red dos window from haxfix and then press Enter
  • The computer will reboot
  • After reboot a logfile will open > (c:\haxfix.txt)
  • Post the contents of that logfile along with a new HijackThis log.

If you need to install HijackThis,use the link below and go to step 5.
http://www.geekstogo..._Log-t2852.html
  • 0

#5
sambuca

sambuca

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Seems something done the trick, And got rid of it not sure whether it was
Ewido or HaxFix that removed it.

Thanks for your help, I will make a donation in a few days.

Ronnie
  • 0

#6
Wizard

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Could you post a Hijackthis log and the resulting log from Haxfix,please.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP