
Cannot get rid of keylogger


7 replies to this topic

#1 Im_John

  • Members
  • 5 posts
  • OFFLINE
  • Local time: 12:26 AM

Posted 30 July 2014 - 10:46 PM

I recently discovered that I had a keylogger because I had to log out and log in to an alt email.
I was making a new email to make another Steam account when the Steam account's password and the new email I made both had their passwords changed. I was fighting the keylogger in a constant password change battle until I started doing scans with: Malwarebytes, Superantispyware, Avast, and MS Security Essentials. None of them found this bleeper.
This virus has me in a head-lock and I am bleeped.
Please help.


Edited by Im_John, 30 July 2014 - 11:19 PM.
moved from Malware Removal Logs to Am I Infected because there are no logs




#2 Man_1n_Black

  • Members
  • 98 posts
  • OFFLINE
  • Gender: Male
  • Location: Australia
  • Local time: 03:26 PM

Posted 30 July 2014 - 11:43 PM

Have you tried booting into 'Safe Mode' and scanning there? 'Safe Mode' often negates any active infections so you can safely remove them. Only after you have cleaned the infection can you change your Steam passwords and be confident they won't get changed again for you.

Also, if you are up to it, make a bootable CD such as UDCD4WIN and run some scans from there. I find it very helpful to boot from a CD and scan my local hard drive whilst it's not active, hence neither is any runaway infection.

Have you checked out the virus removal guides available here?

http://www.bleepingcomputer.com/virus-removal/


Regards,
Phil
Linux user     |     #564977


#3 Im_John


Posted 31 July 2014 - 12:38 AM

I have not tried booting in safe mode yet.

I am afraid to log out of my Steam account because he has totally stolen the email for my alt (Steam account). I cannot get that email back; he has changed the security questions and set new phone numbers for it (I didn't put my own in, like an idiot).

He might have taken my alt Steam account thinking it has all my games when really they are only family shared games (btw there is over 800 dollars' worth of games on my Steam).

But I am not logging out of my main Steam account so he cannot change or modify it, until the solution is fixed.

Those guides would be extremely useful if I knew what I was fighting.

I don't think I can trust any more anti-virus or removal guides, hence I already tried 4.

Any tips on wiping my hard drive?



#4 Man_1n_Black


Posted 31 July 2014 - 02:16 AM

"Any tips on wiping my hard drive?"

Sure, plenty, but they would all involve logging out of Steam, and Windows altogether. You can simply reinstall Windows either by disc

http://windows.microsoft.com/en-au/windows/installing-reinstalling-windows#1TC=windows-7

or by the hidden restore partition on most laptops. These are usually kick-started by a function key at boot time, i.e. F12 or something similar (differs between laptop manufacturers),

or you could use a tool like 'boot n nuke'; again this involves booting from disc, so unless you can get some help from Steam support . . .

The only other thing I can think of is to get to a friend's place and log into your main Steam account there. Once in, change your password and security questions, then you could return home and nuke everything :) hth


Edited by Man_1n_Black, 31 July 2014 - 02:21 AM.

Regards,
Phil
Linux user     |     #564977


#5 Im_John


Posted 31 July 2014 - 08:47 AM

Okay, so here's what went down last night. I was uploading files I wanted to keep onto Dropbox when Chrome literally froze. Then like my whole computer started to freeze up and I couldn't even ctrl-alt-del. I tried to open Task Manager but it wouldn't open. My display went black and I could only see my mouse on the screen (I was extremely scared at this point), so I turned off my computer.

I am so damn lucky he thought my alt account was my main because it had 100 games on it (but those were all family shared games, so in other words I disabled that family share account from my main and there's not a cent left in there for him to have).

The virus doesn't work in safe mode (for all I know), but I am going to change my passwords in safe mode, upload anything I want to keep to Dropbox and then wipe my HD.

I built this computer and I still have the Windows disc, so I am going to use boot n nuke and send his virus to memory hell.

I barely escaped this attack because the guy wasn't smart enough to take my main Steam account.



#6 Man_1n_Black


Posted 31 July 2014 - 04:02 PM

Wow, that sounds like a very lucky escape. It just goes to show what can be achieved by a person with malicious intent and something simple like a keylogger (that by the sound of it has some other payloads attached to it). I'm really pleased with the outcome here, and I guess, the lessons learned. Places like Steam offer *all* of these security features for a good reason; it's in *all* of our best interests to use them as wisely as we can.

Happy Computing!


Regards,
Phil
Linux user     |     #564977


#7 Im_John


Posted 01 August 2014 - 12:02 AM

Well, I've learned a good lesson. Good thing the hacker got nothing from me (Good will prevail).

Thanks for the help, I'm just going to be reinstalling all my drivers now.

Best of luck to everyone.



#8 Man_1n_Black


Posted 01 August 2014 - 12:21 AM

Glad to be of service and best of luck to you, John :killcomp:


Regards,
Phil
Linux user     |     #564977




