Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible keylogger


  • Please log in to reply
8 replies to this topic

#1 helpmeobiwan

helpmeobiwan

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 24 October 2014 - 11:51 PM

Hey guys, i think i may have a keylogger tailored to email password stealing. i recently booted up my computer after a 2 month hibernation of not using it. this was about 24 hours ago. i go gmail today and get a suscpicious login from some city in russia from google, today. now, yesterday after turning my computer on, fiddling around with it, i did send off an email to a couple people.  so if a key logger is installed on here, at some point it detected me logging into google (which i did have to put the password in) and tried logging in with it today from russia.

 

 

so how can i get rid of this? many thanks.

 

[edit] is there a program that will check my drives and show me any changes to the data? lets say for example i have upwards of 2tb of data in various forms, and would like to routinely check it, compare hashes or whatever and display any dertimental changes to the data...to make it more obvious if it's been corrupted, deleted, moved, etc etc? if this doesnt exist that'd be cool if it did!


Edited by hamluis, 29 October 2014 - 12:21 PM.
Moved from Win 7 to Am I Infected - Hamluis


BC AdBot (Login to Remove)

 


#2 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 25 October 2014 - 04:33 AM

Your email has probably been hacked. Changing your password should fix it.



#3 ElfBane

ElfBane

  • Members
  • 775 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:13 AM

Posted 25 October 2014 - 04:35 AM

See this ... http://www.ehow.com/how_5855091_detect-key-logger.html .

 

Software keyloggers can be detected by AV, anti-malware, and anti-spyware programs.

Super anti-spyware and MalwareBytes anti-malware can be found at the links below. Use the free versions.

 

http://download.cnet.com/SuperAntiSpyware-Free-Edition/3000-8022_4-10523889.html .

http://www.malwarebytes.org/antimalware/ .

 

Hardware keyloggers can be easy to find if mounted externally, difficult if mounted internally... you'll have to do a visual inspection.



#4 helpmeobiwan

helpmeobiwan
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 25 October 2014 - 02:20 PM

Thanks for the reply guys. I've pretty much run every bit of software from this site and found nothing, been monitoring my network using glasswire and havent found anything either. In regards to my email being hacked, the way I understand it is I either have to enter my password on a site that ISN'T google, or have a keylogger. As I am pretty diligent about making sure I am aware of what sites I'm on (url bar, https, proper URL in the first place, etc etc) I figured it'd be narrowed down to a keylogger installed on my system.

 

I have downloaded TB of niche software over the past year so perhaps I have a very rare or custom tailored keylogger that isn't recognized yet.



#5 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 25 October 2014 - 05:44 PM

Except if you've been hacked, nothing will be detected. You won't even know how it happened and it's a lot more common than a keylogger. That's why resetting your password is the first thing to do. If that works, problem solved. And then if it doesn't, we can look at something else. You try the simplest solution first.



#6 helpmeobiwan

helpmeobiwan
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 27 October 2014 - 12:08 AM

I will reset password today and keep you guys updated. Now, isn't it theoretically possible that the keylogger is logging everything I do and say now, or perhaps screenshot everything and the keylogger will also know I'm changing my password. For example, what if when I go to change my password and a few days down the road the new password is used to log in. Then where would I go from there?



#7 helpmeobiwan

helpmeobiwan
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 27 October 2014 - 12:48 AM

I found the IP the unauthorized login came from. It is 136.169.211.123. Is there anyway to find out if my computer is connecting to this IP and from what program. I'm going to assume thats rather pointless as my machine may not even be talking to the machine making the login to my google account, right?



#8 ElfBane

ElfBane

  • Members
  • 775 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:13 AM

Posted 27 October 2014 - 03:54 AM

You can try this key scrambler when you change passwords ... http://www.qfxsoftware.com/ .



#9 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:07:13 AM

Posted 27 October 2014 - 04:53 AM

I will reset password today and keep you guys updated. Now, isn't it theoretically possible that the keylogger is logging everything I do and say now, or perhaps screenshot everything and the keylogger will also know I'm changing my password. For example, what if when I go to change my password and a few days down the road the new password is used to log in. Then where would I go from there?

 

Theoretical but unlikely since you are assuming there is a keylogger and you don't really know. They aren't as smart as you think.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users