"virtual memory low" message appeared on my computer earllier

:hi:

I do not mean to frighten people, but this happened to me earlier. It was found in a CounterSpy scan after noting that my computer was acting very odd.

Someone is trasmitting it unknowingly to people online and it here is more about it:

Threat: Invisible Keylogger

Alias:

Threat type: Commercial Key Logger -

Advice: Remove

Threat risk: High Risk
High risk threats are typically installed without user interaction through security exploits, and can severely compromise system security. Such threats may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware. These threats may also collect and transmit personally identifiable information (PII) without your consent and severely degrade the performance and stability of your computer.

Author: SpyPatrol Surveillance

Author URL: spysoftware.com

Author description: "Invisible keylogger is a superior stealth surveillance application that is completely undetectable. During monitoring sessions Invisible Keylogger can be customized to be completely invisible and cannot be seen in the task manager, programs files menu, system tray or uninstall list. With Invisible Keylogger running all information will be captured in complete stealth mode! Record all keystrok (sic)

************

My computer suddenly was running really strange earlier and this "virtual memory low" message appeared on the task bar. I closed out all programs. I then cleared the cache and ran a CounterSpy scan on it and this turned up a high risk threat.

I strongly suspect I picked it up on this site but I am not absolutely certain of it.

Beware in any event. It is being transmitted unknowingly by some remote computer out there.

CAV

:dem:

if you have done online shopping! I this is a keylogger, it has recorded EVERYTHING you have typed!

It happened this afternoon and no, I haven't typed in anything personal.

Luckily I stopped right away and ran CounterSpy on it and it caught it.

Many people would not have though.

That is why I am posting this information.

just so you know, no the site itself. The exploits I know that could be used on DU would come from images embedded from other sites in DU posts, but this seems unlikely, unless you are using an old browser. I recommend downloading the latest version of mozilla firefox.

wrong post.

Either an email you opened or if you are married or have a significant other, they don't trust you and installed it themselves.

and there was only one email today - a bill from AT&T in fact. :grr:

Now I really do wonder!

How do you know you just got infected with it today? Also, there are some sites that may have malicious code in them as well, so check your surfing habits today. (and no, still wouldn't be from here).

Keyloggers are installed either by spouses or some schmuck online that wants to steal your internet password so they can spam from your account, or more often to steal your credit card information.

and sometimes twice a day ...

Thanx!

Running PC Cillin and SpywareBlaster already.

Be interesting to get a 3rd opinion though.

I ran a trial several months ago and it found a very bad Trojan on this same computer - also high risk.

After that, I purchased the program as Ad-Aware did not pick it up (not this latest one either). It can take a long time to run this program - as long as a couple of hours,

Make sure to delete the program if you aren't going to buy it because it will try to check for updates and it cannot. I think that it is free for 15 days.

When it appeared I had the radio on and had a game running.

and I had the DU going too - I had surfed to some of the links posted though - ?

Anyway, I shut all programs down at once and ran the scan and got rid of it.

But yes, I believe I got it here alright. :(

Unless Skinner has decided to put malicious code on his site to screw you over, you didn't get it from here.

I would highly recommend you edit your posts to delete that completely false inclination. It's the right thing to do, and it would be a complete disservice to DU to leave that misleading information out there.

The more this worms its way through my head, the more irritated it makes me.

I often suspect that my cat hides my socks. Doesn't mean I have any evidence for it, and it really just means I have no clue what I did with them and turn to the first thing that strikes me. Sheesh.

It's the washer or drier. I have the same problem, but no cat. It has to be the washer or drier.

What the hell is that about?

If it is a key logger, the most likely origin is a crack attack, not DU. Possibly somebody cracked your system with the Windows equivalent of a "root kit" and installed the key logger.

If you are foolish enough to be using M$ Outlook or M$ Internet Explorer, that could be a problem. I suggest that you switch to Firefox and a non-M$ e-mail client.

Just speculating here, but Windows is horribly insecure. One has to be very, very careful.

I'm a bit suspicious now, actually, of what that means.

CounterSpy, at least originally, was software based on Microsoft's own AntiSpyware engine, which is somewhat infamous for detecting spyware or other so-called malicious programs that aren't really, e.g. if you're not careful with it (MS's version) can delete files necessary to the function of Firefox, which it detects as dangerous.

I know next to nothing about this particular program. That tidbit just turned up in a search for it in one of the very few independent reviews I could find. (Most "reviews" and advertisements were from websites that were variations on SunBelt Software's (the publisher) own domain.) So, I'm not saying there is anything specifically wrong with it, just noting that a lot of commercial anti-spyware suites sometimes have interesting definitions of what is and is not spyware.

Just installed by someone else in the house or inadvertantly by the OP.

I think that's doubtful. As I understand it, this is the result of a Trojan of some sort, likely picked up from downloading some sort of file. If you use any sort of filesharing program, that may be the culprit. Email attachments are another possibility.

My advice FWIW is to get and run AdAware and Spybot, if you don't already have them. Either or both should help identify the specific Trojan.

Good luck.

It makes me ill! :puke:

:shivers:

Promise.

You're a sick puppy, but good job! :)

You did not get it on this site, if by that you mean DU, which is all I can assume given what you've offered here. A healthy state of paranoia is one thing, but, well ... pardon my flippancy, but some things just go too far.

Okay, so you had some spyware. There are about ten bagillion ways to get it, but you're not gonna get it on DU.

The "virtual memory low" message probably meant, more than anything, that you have a fairly low amount of memory and are running too much stuff for it. So, Windows detected that the "swap file" was getting full, told you about it, and increased its size. The spyware could have been the culprit, but maybe not. Keyloggers don't actually take up that much in the way of resources.

How you got a keylogger should be a cause for concern. The two most common ways of having one installed is via an e-mail attachment or someone else with access to your computer who wants to spy on you doing so.

and that I suspected here but was not sure.

Just warning people, that is all. I was clicking on links as I mentioned before - that may have been where it came from, I do not know.

...and you led with that. You have no evidence of it, at all, nothing that should lead you even to mildly suspect it, much less announce that you "strongly" suspect it.

You're just making people paranoid for no good reason, that's all.

Sorry for the harshness of my tone, but this is irritating. I deal with this sort of thing on a daily basis, have people come to me a tell me they are "all but certain" my company caused their refrigerator to blow up despite the fact there's nothing my company does that in any way affects their refrigerator.

What you got is a serious problem, but you do yourself a disservice by not looking for the actual problem. In my personal experience, keyloggers, if not the result of opening an e-mail attachment one shouldn't have opened, are installed most often by inquisitive spouses, friends, or kids. You can also install stuff like this clicking "okay" to that nice, fancy java script dialog that you thought was just a link to enter a site. DU is clean as far as its code is concerned, and nothing suggest it has been hacked in any way. You should look elsewhere and truly try to find the source.

and I strongly suspect that that is how I got it by clicking on one of the links posted or surveys.

Come to think of it, I was trying to sign Leahy's letter and it wouldn't submit the information. I tried it again and again and it would not go through. Maybe that is when I picked it up. Figures.

:grr:

Or it could possibly mean you got it from a different site that someone linked to, not DU itself. I still wouldn't rule out having gotten it at some other time and it being activated by a certain event. Some of these things, for example, just sit there and don't appear to do anything until they detect you are submitting information via a form on a website, which it appears you were doing at the time you noticed it. They do this because information on forms tend to have personal info, sometimes including credit card info, that can be used maliciously.

Thus the reason I refuse to click links people post without a) offering a good indication, prefably with allowable quotes, from the site or b) trusting the person offering the link. I also tend to avoid embedded hyperlinks until I look to see what the link is.

FWIW, being logged-in to DU just means you have a cookie set that indicates you are logged in.

and devote some more memory to the tasks you give it. If your own computer tells you this .. it is fine. Let it adjust. If it is just someone trying to sell you something by using that as an "in". Exit their free trial. Ignore them. Close them. Same as you would a marketing call.

I just clean out the cache and restart the computer.

these days pentium chips take care of themselves don't they? Let it reorganize and fix itself. I don't clean out the cache as my computer got loaded with more and more graphics as I used it for 4 different major projects. I just let it reorganize itself. Then again - I actually know very little about computers.

Does your message say "virtual memory low, wait while computer adjusts?".

I have Xoft spy, adaware, spywareblaster, spybot and just dl and I'm running this proggie you talked about. I run my proggies every single day and they don't find crap.

:wow:

Some other DUer told me about it. My laptop was cranking and grinding when I was shutting down and I ran this program as a last resort hoping it might find something as Ad-Aware nor Spybot were coming up with anything nor was AVG anti virus.

So I ran this and it found this really bad Trojan and removed it. As I mentioned, I then bought the program and I run it every day and it takes a long time but it goes through the whole system and routes this stuff out.

I'll tell you, there sure is a lot of it and NO, Ad-Aware did not catch this one, CounterSpy did and it was a big one too. *eek*

I have a net nanny that's SUPPOSED to block that and get this 66 keyloggers.

Yeah, I'd buy it too if I was you. Ad-Aware just does not catch everything obviously. It is worth the $20. Oh, btw, I just got a note from someone else and CounterSpy found the same thing on their computer - chances of getting it are said to be 1%.

CAV

for weeks now. There's no noticable network traffic, yet there's an odd pause prior to loading every site that wasn't there before this started.

By blinking, I mean, as if there were a huge file transfer operation in progress. This problem occurs even if all PCs are physically disconnected from the router.

:wtf:

edited to add: I thought it was a 'bad router' issue; I've had this for a while now and it's acted strange in the past, but I can load pages and download files with ease, so what's the issue?

(I think I might need a new router.)

http://www.lingosupport.com/adapterts2_voip_phone.html

# WAN – The LED should be a steady green light or a blinking green light. When the WAN light is steady, it means that a cable is connected to the WAN port on the back of the adapter but the connection is not actively in use. When the WAN light blinks, it means the adapter is accessing your modem or router. The speed of the blinking changes depending on how much and how fast this is happening. When not using your phone or computer, the WAN light may be steady or it may blink; this is normal.