Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

keylogger?


  • This topic is locked This topic is locked
8 replies to this topic

#1 encin

encin

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 27 June 2009 - 02:09 AM

Hi, i am suspecting keyloggers in my computer. how do i verify if i have them and get rid of them? thank you

BC AdBot (Login to Remove)

 


m

#2 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:24 PM

Posted 27 June 2009 - 02:22 AM

Why do you think that?

Have you ran any malware scans?

#3 encin

encin
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 27 June 2009 - 02:29 AM

i did not run any malware scans

i have a good reason to think that i have keyloggers or something similar in my computer.

#4 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:24 PM

Posted 27 June 2009 - 02:35 AM

I would start by running a quick scan with Malwarebytes and posting the results in your next post.

You should be able to download it from Malwarebytes.org or use one of the alternate links in post number two in the thread at this site here...

http://www.bleepingcomputer.com/forums/t/235567/infected-with-personal-antivirus/

#5 encin

encin
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 27 June 2009 - 02:45 AM

here is the result of quick scan, it found one thing and i asked it to remove it. i will perform full scan now?


Malwarebytes' Anti-Malware 1.38
Database version: 2340
Windows 6.0.6000

6/27/2009 12:40:45 AM
mbam-log-2009-06-27 (00-40-45).txt

Scan type: Quick Scan
Objects scanned: 73907
Time elapsed: 3 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:24 PM

Posted 27 June 2009 - 02:55 AM

Before running a full scan, I would run a quick scan with SuperAntiSpyware which can obtained for free from...

SuperAntiSpyware.com

Before scanning I would uncheck the box to scan for tracking cookies, but that is just me, it isn't really necessary. If you don't uncheck that box, do not worry about anything it finds that says tracking cookie. Post the results from that next.

Even a quick scan with that one can take quite a while though.

#7 encin

encin
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 27 June 2009 - 09:23 AM

quick scan from SuperAntiSpyware did not come back with any findings and Malwarebytes full scan also did not find anything

#8 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:24 PM

Posted 28 June 2009 - 02:08 AM

If you had a keylogger I would think one of those programs would have found it.

The one thing that Malwarebytes found is not related to a keylogger.

I could be wrong about this, but I believe Vista comes with that setting set that way by default. Also, Malwarebytes was giving a false positive for this for a while in Vista and even on other operating sytems it isn't actually a finding of Malware. Malware can change that setting but since no malware was found, it is doubtful that Malware caused that setting. The only thing that concerns me a little bit about that is Malwarebytes was suppose to have excluded this in their definitions a while back, so since it picked it up now, I am kind of wondering why. In any case, I do not believe it is related to a keylogger.

#9 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,703 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:08:24 PM

Posted 28 June 2009 - 11:12 AM

To avoid confusion with the topic here: http://www.bleepingcomputer.com/forums/t/237210/passwords-getting-stolen-moved/ I am closing this topic. ~ OB
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users