Getting rid of a Keylogger

Sleepwalker

I was browsing the WoW forum, and the quick and fast rule had always been if it ends in .jpg, and nothing else, it should be safe of keyloggers.

Well, not this time

So, Norton fails me, definitions updated and all, and anything that says it will detect a keylogger, probably is a keylogger itself. So, do any of you know a reliable way to get rid of a Keylogger? I trust you more than Google...

...a bit.

Tube

Now they know you're looking for a way.

Sleepwalker

Cardboard Tube wrote: »

Now they know you're looking for a way.

Awesome.

So, ehm, suggestions?

Trowizilla

I'm not computer-savvy really AT ALL, but my first step in problem-solving is usually to boot the computer up in Safe Mode and run your anti-virus scan. If you know the name of the keylogger, you could try to remove the execute file (I think?) from Safe Mode, too.

GiantRobo

Try running Adaware and Spybot in safemode, I've gotten rid of one that way before too. Also look through your program files and windows directories, you may be able to find stuff in there too. Also, if you know what you're doing try hijack this also as it may very well have files in your registry too.

Sleepwalker

Alright, awesome. I've always had Ad-Aware, but just went and downloaded the newest version.

Is it just hit and miss if you're sure you actually nail the exact keylogger? It's gonna be geared twoards gathering my WoW account password.

Doc

Also, how do you know it's a keylogger?

Sleepwalker

The forum post itself was filled with links to pictures, but when you clicked them, they link instead to WowWiki's homepage, the original url having no origin in WowWiki. The posts following were along the lines of "lol keylogger" "I bet this actually catches people. sadly" "The gold farmers are getting better"

It was in the wrong forum and had been popping up everywhere. I didn't know til reading farther down : /

At that, wait. Could Firefox mayhaps have blocked it? It didn't notify that it had blocked anything, though, so...

DrFrylock

Unless a browser exploit was employed or you actually downloaded and ran some executable program, you probably didn't get a keylogger. If simply clicking on a link could reliably cause you to get a keylogger infestation, there'd be a real big problem on the Internet.

And please no browser zealots going "lol good thing u weren't using IE lololol;" you can browse safely with IE as well as your hippie browsers.

Cryogen

Yeah, this reminds me of an old trick from Everquest. People made a thread saying they'd hacked your computer, and posted screenshots you had taken yourself by linking c:\program files\everquest\screenshot001.jpg 002.jpg etc etc. At first you'd be looking at the first pic like "haha i've been there, oh i've been there too, hmm wait a sec i've been there as well... wtf thats my friend in a place we always stand, omg i've been haxx0red!!!"

Yeah you probably havent got a keylogger. Take the precautions listed in this thread anyway to be safe but when they come up clear dont get too paranoid.

Smasher

Your mistake was listening to anything anyone says on the Blizzard forums.

Pheezer

The less than obvious but very important question here is:

Do you know that something else hasn't already been installed?

Because if I were to write a keylogger exploit that did the whole picture.jpg.exe trick, I'd make sure it installed a handful of completely separate but entirely useful applications for the purpose of trying to make sure at least one of them stuck.

But I'm also not convinced that anything happened to you, at all. PM me the thing you clicked on, I'm willing to bet it probably won't affect a G4 iBook and even if it does, I have to reformat within the week anyhow because I'm selling this thing.