Author Topic: Malware or keylogger?  (Read 404 times)


Offline Smithhoover

  • Newbie
  • *
  • Posts: 1
Malware or keylogger?
« on: July 16, 2019, 11:04:52 PM »
Hello,

I just did an Avast scan on my MacBook.

I was concerned because the following Malware Player.dmg was detected, which had apparently been downloaded in May 2018 and had been sitting in my downloads folder since then. I don’t recall ever manually downloading this or clicking on the link, so it was dormant lying in my downloads folder.

My question is what “Other: Malware-gen trj” could mean for a Mac. I have since deleted this file after the scan finished, but I am worried that a keylogger has been installed - even though I don’t recall ever downloading this file. It was just sitting in my folder.

Any advice? I checked before Avast with Malwarebytes and it didn’t detect anything even though Avast did, so maybe it’s not malware or at least not a keylogger?

Thanks!

In my log, it said:

player.dmg - MacOS-Bundlore-AQ(Adw)
And under it

Player/.3551773240.png  - Other:Malware-gen(Trj)
Player/.DS_store MacOS:Agent-Fe(Adw)
Player/player_240.app/Contents/MacOS/edP7mrA MacOS-Bundlore-AQ(Adw)

I am running newest versions. Is this a keylogger?

Thank you!

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35971
Re: Malware or keylogger?
« Reply #1 on: July 17, 2019, 01:22:07 AM »
Quote
player.dmg - MacOS-Bundlore-AQ(Adw)
And under it

Player/.3551773240.png  - Other:Malware-gen(Trj)
Player/.DS_store MacOS:Agent-Fe(Adw)
Player/player_240.app/Contents/MacOS/edP7mrA MacOS-Bundlore-AQ(Adw)
Adw = Adware
Trj = Trojan (a deceptive program that is not what it says it is)

Other:Malware-gen = Generic detection > Security programs use generic detections that look for broad patterns of code or behavior to identify similar programs or files. ... If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.

What is macOS Bundlore?  >>  https://mackeeper.com/blog/post/610-macos-bundlore-adware-analysis

« Last Edit: July 17, 2019, 03:03:56 AM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.
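
The reading of the scan log given in the reply above, as an added example that is not part of the original thread and is not Avast's own tooling: it parses the posted log lines (with their inconsistent separators) and decodes each detection's type suffix. The line layout and the rule that a name ending in "-gen" marks a generic detection are assumptions drawn from the lines and explanation in this thread.

```python
import re
from collections import Counter
from typing import NamedTuple, Optional

# Type suffixes exactly as explained in the reply; anything else is reported as unknown.
TYPE_CODES = {"Adw": "Adware", "Trj": "Trojan"}

# Log lines as posted in the thread, inconsistent separators included.
SAMPLE_LOG = """\
player.dmg - MacOS-Bundlore-AQ(Adw)
And under it
Player/.3551773240.png  - Other:Malware-gen(Trj)
Player/.DS_store MacOS:Agent-Fe(Adw)
Player/player_240.app/Contents/MacOS/edP7mrA MacOS-Bundlore-AQ(Adw)
"""

# Assumed layout: <path> [optional " - "] <detection name>(<type code>)
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?:-\s+)?(?P<name>[^\s()]+)\((?P<code>\w+)\)\s*$"
)

class Detection(NamedTuple):
    path: str
    name: str
    category: str
    generic: bool

def parse_line(line: str) -> Optional[Detection]:
    """Return a Detection for one log line, or None if it is not a detection."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    code = m["code"]
    category = TYPE_CODES.get(code, f"Unknown ({code})")
    # Assumption: "-gen" at the end of the name marks a generic detection,
    # as the reply says of Other:Malware-gen.
    generic = m["name"].lower().endswith("-gen")
    return Detection(m["path"], m["name"], category, generic)

def parse_log(text: str) -> list:
    """Parse every line, skipping free text such as 'And under it'."""
    return [d for d in map(parse_line, text.splitlines()) if d is not None]

def summarize(detections: list) -> dict:
    """Count detections per decoded category."""
    return dict(Counter(d.category for d in detections))

if __name__ == "__main__":
    for d in parse_log(SAMPLE_LOG):
        note = " [generic]" if d.generic else ""
        print(f"{d.category:<8} {d.name}{note}  <- {d.path}")
    print(summarize(parse_log(SAMPLE_LOG)))
```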