cancel
Showing results for 
Search instead for 
Did you mean: 
bowfix
Level 7

Vulcan keylogger

Hello,

I was wondering if McAfee can clean the Vulcan keylogger.

Is here a thread about it?

Thanks.

Bow

0 Kudos
8 Replies
exbrit
Level 21

Re: Vulcan keylogger

There are a few mentions of Vulcan by name in McAfee Labs database:  http://www.mcafee.com/apps/search/threat.aspx?q=vulcan&v=malware and a couple of references in the forums:  https://community.mcafee.com/community/security/search.jspa?peopleEnabled=true&userID=&containerType... but from what I gather on Google Vulcan is genuine software albeit something that most malware defences would react to as it's a keylogger.

Message was edited by: Ex_Brit on 15/07/12 4:26:50 EDT PM
0 Kudos
bowfix
Level 7

Re: Vulcan keylogger

Thanks for your answer.

0 Kudos
Hayton
Level 18

Re: Vulcan keylogger

The Vulcan keylogger ought to be detected by McAfee (according to the person I asked) although I can't find an account of it in the Threats database. Perhaps it's a fairly recent arrival on the scene.

If you have it on your system and McAfee isn't detecting it, I suppose the checklist runs something like this :

- Make sure you've downloaded the latest McAfee DAT

- If it's still not detected run Stinger or GetSusp.  GetSusp might detect it but won't try to delete it (lots of false positives from this tool).

- If you have an executable file you can upload it to the Labs for checking (see here)

- Try running Malwarebytes, which might pick it up.

0 Kudos
bowfix
Level 7

Re: Vulcan keylogger

Thanks Hayton for your respons and feedback.

The strange thing is that the keylogger stoped reporting after I run McAfee.

However on the scan itself it did not report an detection neither an report of the removal itself.

AVG dedetected the ´not executed keylogger file' (sended to victems computer), but i am not sure if it dedected the executed keylogger file (after victem opened the keylogger file).

Well it's a fuzzy business.

Thanks for your help.

0 Kudos
Hayton
Level 18

Re: Vulcan keylogger

The mentions in the McAfee database may or may not refer to products from the website that is responsible for this keylogger. Vulcanbot is nothing to with this, it was specifically directed against targets in Vietnam.

but from what I gather on Google Vulcan is genuine software

I beg to differ. I've been to the site, and it's a hacker's supply centre. I've added reviews to WOT and SiteAdvisor, and requested the WOT community review that site's clean rating. Pity I can't do the same for SiteAdvisor.

Right now I can't say whether McAfee specifically detects this keylogger. There are no other threads on it in these forums.

If it's not detected on your machine, I'm wondering why you want to know if McAfee can detect and remove it. Has another AV program flagged it as malware, and if so which one?

0 Kudos
bowfix
Level 7

Re: Vulcan keylogger

It's indeed a hacker's supply centre like you mentioned.

The case is. A friend of my sended this keylogger to me for testing purpose.

And I know the computer is infected by the keylogger. I run McAfee, but McAfee could not trace and remove it. Even a deeper scan did not work.

I thought McAfee could also detect some malware.

I am surprised that a keylogger as Vulcan is not dedected, because it´s a quite known keylogger.

So that´s why i posted it on this form.

0 Kudos
Hayton
Level 18

Re: Vulcan keylogger

I'm not a McAfee technician, but I know someone who is. I will ask.

0 Kudos
bowfix
Level 7

Re: Vulcan keylogger

That would be great.

I am curious what the result is.

I am now running other malware scanners

0 Kudos