
Please post the full, complete detection details. Post screenshot of Detected > Active threats.

With columns widened to show full detected and name and object and path/location details.

 

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard) > open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.


Hi,

 

I got a similar problem too. I copied part of the report on Proactive Defense here. Also in the detected threat, it shows it as "legal software that can be used by criminals for damaging computer PDM.Keylogger", Type: Running Process, Name and Path: Kernel Mode memory patch with Medium severity. Please advise.

-------------------------------------------------------------------------------------------------------------------------------------------

4/18/2011 8:50:50 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 8:54:50 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 8:56:23 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 8:57:34 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 10:51:54 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 10:51:59 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Absent

4/18/2011 10:51:59 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Action selected by user Absent

4/18/2011 10:55:50 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 10:55:58 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Absent

4/18/2011 10:55:58 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Action selected by user Absent

4/18/2011 11:50:44 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 11:51:49 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 2:04:38 PM Task started Subsystem Proactive Defense Kaspersky PURE

4/18/2011 10:01:08 PM Task started Subsystem Proactive Defense Kaspersky PURE

4/20/2011 9:40:26 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/20/2011 10:48:07 PM Task started Subsystem Proactive Defense Kaspersky PURE

4/26/2011 9:10:22 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/26/2011 9:11:57 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/26/2011 9:12:04 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Absent

4/26/2011 9:12:04 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Action selected by user Absent

4/28/2011 9:05:48 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/29/2011 6:25:26 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/29/2011 6:38:28 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/29/2011 6:59:42 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/29/2011 7:02:04 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/29/2011 7:08:05 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/29/2011 10:06:05 AM Task started Subsystem Proactive Defense Kaspersky PURE

4/29/2011 10:07:28 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Absent

4/29/2011 10:07:28 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Action selected by user Absent

5/1/2011 10:13:43 PM Task started Subsystem Proactive Defense Kaspersky PURE

5/1/2011 10:15:02 PM Detected: PDM.Keylogger Driver file kernel mode memory patch Absent

5/1/2011 10:15:02 PM Detected: PDM.Keylogger Driver file kernel mode memory patch Action selected by user Absent

5/1/2011 10:37:25 PM Task started Subsystem Proactive Defense Kaspersky PURE

5/1/2011 10:42:07 PM Task started Subsystem Proactive Defense Kaspersky PURE

-----------------------------------------------------------------------------------------------------------------------------------------------------------

 

Thanks.

 

Arshia.

...Absent.
Welcome. Please right click the Absent detection and Add to exclusions.

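Added example, not part of the original thread or of any Kaspersky tool: a small Python parser for the Proactive Defense report layout posted above. It folds the duplicate "Action selected by user" line into its detection, flags whether the last column is "Absent" (the case the reply addresses), and measures how long after the preceding "Task started" entry each detection fired. The column meanings and the names `summarize`, `no_concrete_file` and `secs_after_start` are assumptions of this example; the sample lines are copied from the report above.

```python
import re
from datetime import datetime

# Lines copied from the report posted above (M/D/YYYY, 12-hour clock).
SAMPLE_REPORT = """\
4/18/2011 10:51:54 AM Task started Subsystem Proactive Defense Kaspersky PURE
4/18/2011 10:51:59 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Absent
4/18/2011 10:51:59 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Action selected by user Absent
4/18/2011 11:50:44 AM Task started Subsystem Proactive Defense Kaspersky PURE
4/29/2011 10:06:05 AM Task started Subsystem Proactive Defense Kaspersky PURE
4/29/2011 10:07:28 AM Detected: PDM.Keylogger Driver file kernel mode memory patch Absent
"""

LINE = re.compile(r"^(\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M)\s+(.*)$")
# Assumption: the verdict is the first token after "Detected:" and the object
# column is the last whitespace-free token ("Absent" when no file is named).
DETECTED = re.compile(r"^Detected:\s+(\S+)\s+(.*?)\s+(\S+)$")
ECHO = " Action selected by user"


def summarize(report):
    """Return one dict per distinct detection, in report order."""
    last_start, seen, events = None, set(), []
    for raw in report.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines and ----- separators
        ts = datetime.strptime(m.group(1), "%m/%d/%Y %I:%M:%S %p")
        rest = m.group(2)
        if rest.startswith("Task started"):
            last_start = ts
            continue
        d = DETECTED.match(rest)
        if not d:
            continue
        name, detail, obj = d.groups()
        key = (ts, name, obj)
        if key in seen:
            continue  # the "Action selected by user" echo of the same event
        seen.add(key)
        delay = (ts - last_start).total_seconds() if last_start else None
        events.append({"time": ts, "verdict": name, "object": obj,
                       "detail": detail.replace(ECHO, ""),
                       "no_concrete_file": obj == "Absent",
                       "secs_after_start": delay})
    return events
```

A detection whose last column is a file path rather than "Absent" comes back with `no_concrete_file` set to `False`; paths containing spaces would need a tab-delimited export instead of this whitespace split.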

Hi,

I've got the same problem with PDM.Keylogger being detected.

 

Any help appreciated. Cheers.

 

03/05/2011 06:54:08 Anti-Spam Task started Kaspersky PURE Anti-Spam

03/05/2011 06:54:08 Firewall Task started Kaspersky PURE Firewall

03/05/2011 06:54:08 File Anti-Virus Task started Kaspersky PURE File Anti-Virus

03/05/2011 06:54:08 Application Control Task started Kaspersky PURE Application Control

03/05/2011 06:54:08 IM Anti-Virus Task started Kaspersky PURE IM Anti-Virus

03/05/2011 06:54:08 Proactive Defense Task started Kaspersky PURE Proactive Defense

03/05/2011 06:54:08 Network Attack Blocker Task started Kaspersky PURE Network Attack Blocker

03/05/2011 06:54:08 Mail Anti-Virus Task started Kaspersky PURE Mail Anti-Virus

03/05/2011 06:54:08 Web Anti-Virus Task started Kaspersky PURE Web Anti-Virus

03/05/2011 06:54:20 Proactive Defense Detected: PDM.Keylogger Absent Keylogger activity kernel mode memory patch

03/05/2011 06:54:21 Proactive Defense Detected: PDM.Keylogger Absent Keylogger activity kernel mode memory patch Action selected by user

03/05/2011 06:54:23 Protection Center Your computer is protected Kaspersky PURE

03/05/2011 06:55:36 Update Center Task started Kaspersky PURE Update Center

03/05/2011 06:56:44 Objects Scan Task started Kaspersky PURE Quick Scan

03/05/2011 06:57:05 Objects Scan Task completed Kaspersky PURE Quick Scan

03/05/2011 06:57:59 Application Control AntiSpyware Definition Update Application moved to group Trusted Signed by the digital signature of entrusted manufacturers

03/05/2011 06:58:01 Application Control Microsoft Antimalware Signature Redirector Application moved to group Trusted Signed by the digital signature of entrusted manufacturers

03/05/2011 07:20:58 Objects Scan Task started Kaspersky PURE Quick Scan

03/05/2011 07:21:30 Objects Scan Task completed Kaspersky PURE Quick Scan

03/05/2011 07:24:21 Objects Scan Task started Kaspersky PURE Rootkit Scan

03/05/2011 07:30:32 Objects Scan Task completed Kaspersky PURE Rootkit Scan

 

...Absent.
Welcome. Please right click the Absent detection that is located in All detected, and Add to exclusions.


New Kaspersky user...still figuring things out. Got Keylogger notification. Am I supposed to do anything about it or is it an autofix? What causes it? Took screenshot, too big...

 

5/5/2011 3:40:24 AM Proactive Defense Detected: PDM.Keylogger Absent Keylogger activity kernel mode memory patch

Edited by Sunnyface


Welcome. Active threats > Save button > please attach the saved text.

 

Absent
If that is the Only item for kernel mode memory patch, then you can right click the detection and Add to exclusions. If you have a concrete file and/or other, please post relevant portion of the screenshot or the text.


This is a screen shot....I cannot get PDF files to open from other applications either....I'm thinking that this is blocking it....

post-351383-1305415969_thumb.jpg


<repeat>Columns are not widened enough. I can't see the pertinent information.

 

Please post the full, complete detection details. Post screenshot of Detected > Active threats.

With columns widened to show full detected and name and object and path/location details.

 

Also, we need Active threats screenshot. The attached screenshot shows how to get there.

 

Also, you can hit the Save button and attach the saved text. </repeat>

There is nothing there...Active threats is empty...

post-351383-1305419951_thumb.jpg

Edited by Sunnyface


That is a very good sign. :)

 

Object column and Reason widened, please, in your other screenshot if there are any additional concerns.

 

Application activity > please post screenshot of Restricted and Untrusted application groups. Attached screenshot shows how to get there:


Here is the obj and reason widened....

post-351383-1305421033_thumb.jpg


Those six items: If you know what they are, and you know that they came from the official source, right click them > Move to > Trusted applications group > OK all windows as you back out of the settings > reboot.


Hi. I just had the same problem. I've saved the report and this is what came up.

 

 

Status: Suspicious (events: 1)

16/06/2011 18:50:26 Suspicious legal software that can be used by criminals for damaging your computer or personal data PDM.Keylogger kernel mode memory patch Medium

 

 

Please help as I am worried I won't be able to use my computer for any shopping or banking.

kernel_16.6.11.txt

Edited by dude22


Thank you, that puts my mind at ease..........until I accidentally clicked on a pop-up yesterday and a trojan was found but it said it was denied access. Am I still safe?

 

Status: Infected (events: 1)

18/06/2011 20:49:21 Infected virus HEUR:Trojan.Script.Iframer xxp://www.ring4phones.co.uk/htmlfreeiphone

 

 

This comes under 'all' and not active threats, quarantined or neutralized.

 

I'm not great with computers so I don't know if AV deals with the problem itself or I have to do anything to it.

 

edit: link disabled.

Edited by richbuff


That was detected on a website and blocked. It never made it to your PC. "Infected" refers to the blocked item, it does not refer to the PC. Main Kaspersky window is green, not red, and Detected > Active threats is empty, all is good. You can right click that detection and select Clear or remove or Delete from the list.

 

 


Thank you :) I get very paranoid when it comes to internet and computer safety lol
