Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

keylogger question


  • Please log in to reply
7 replies to this topic

#1 zacreb

zacreb

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:08 AM

Posted 16 August 2010 - 12:50 PM

hi all,
only found your site the other while trying to find solutions to my problem,good forum btw,hope you can help me, here goes,
i have 2 laptops and 1 pc an my house,
i must have or had a keylogger on 1 of them because my world of warcraft online game has been compromised twice in 2 days.i only play wow on the laptop ,so i did a factory image restore to get of the possible keylogger but the next day i was hacked again, so my question is ,,
if one of the other computers that havnt been formatted has a keylogger on them can it read information on the laptop that has been restored.
apologies if this is a laughable question but i cant see any other way i was hacked after doing a factory image restore which the technical dept at Dell says is as good a as format.
hope this makes some kind of sense to you .
thanks for reading

BC AdBot (Login to Remove)

 


#2 MichaelB51026

MichaelB51026

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Location:USA
  • Local time:03:08 AM

Posted 17 August 2010 - 02:53 AM

Hi zacreb,

try not to use one of them to test for a couple of days, then switch to another one.
God helps those who help themselves.

#3 buddy215

buddy215

  • Moderator
  • 13,518 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:08 AM

Posted 17 August 2010 - 07:50 AM

You might pick up some tips from the link below on how to avoid the problem.
http://www.ehow.com/how_5240267_protect-wo...ft-account.html

Also, make sure you have all of the latest security updates for all of your programs as well as Windows.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 zacreb

zacreb
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:08 AM

Posted 17 August 2010 - 10:58 AM

thanks for replying both.
i have ordered an authenticator but i didnt want to log on to game and lose all everything again while waiting for it.i have ran a super antivus ,spybot search and destroy,malware antimalware,and ran a hijack this programs on all 3,they are all showing clear now but 1 of the comps had a trojan agent /gen nullo(micro) and a trojan agent /gen nullo(short) on 1 comp but thats gone now(im presuning this was the reason for being hacked but dont know).i just wernt sure if the keylogger could perhaps log keys from a different computer on the same network,but i suppose not.so hopefully im clean

#5 buddy215

buddy215

  • Moderator
  • 13,518 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:08 AM

Posted 17 August 2010 - 02:34 PM

Those trojans can be difficult as I have seen on the web. They may reinstall.
I would suggest you keep running scans with MBAM or SAS for a few days.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,718 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:08 AM

Posted 17 August 2010 - 03:17 PM

Typically keyloggers are not network worms, which means they will not connect to another computer on the network and infect it. It could be a removable media worm, though, which means if you used an infected USB key or removable device on the laptop, it could reinfect. Do you know if you did this?

#7 zacreb

zacreb
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:08 AM

Posted 17 August 2010 - 04:13 PM

i do use a memory stick (or rather the kids do) to swap info ,usually word or excell docs that they use for homework,i suppose they could have downloaded something dodgy while downloading pictures etc.i will delete all files on stick just in case thanks.

#8 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,718 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:08 AM

Posted 17 August 2010 - 04:29 PM

You can try this to clean your stick if its infected:

Download and Run FlashDisinfector

You may have a flash drive infection. These worms travel through your portable drives. If they have been connected to other machines, they may now be infected.
  • Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
    Note: Some security programs will flag Flash_Disinfector as being some sort of malware, you can safely ignore these warnings
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.[/quote]

Anti-Malware programs flag Flash Disinfector as being infected because of in which the way it runs.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users