Bad-ass keylogger of some kind

vsdagama

Distinguished
May 12, 2008
25
0
18,580
Hey all,

About a week ago, I realized something was very wrong with my computer.

The password of my WOW account got changed and every time I reset the password and get a new password, the same thing happens over and over.

On my hotmail account, I get mails of games and services, telling me I am trying to sell my account, while I am not trying to sell anything at all.
I changed my hotmail password several times, still I see that someone is able to access it and is trying to get control over all my game accounts!!!

The fact that someone is able to access my mail, even if I just changed the password has made me to believe I have some kind of keylogger, someone is watching everything I type or something.

I tried deleting it, by using different antiviruses and anti-spyware. And I stumbled upon this folder:
C:\Documents and Settings\User\Cookies
In this folder there are many files, like
user@atdmt[2].txt, user@worldofwarcraft[2].txt, user@wow-europe[2].txt and others.
I delete these files, but they will always come back.
I believe this is the place where the hackers stores my data?

Today, I backed-up my data to an external HDD, formatted my laptop and reinstalled windows XP. Hoping this would fix all the trouble.
Sadly, I see that C:\Documents and Settings\User\Cookies is again full of those files, making me believe it is there again!!

Could someone please help me get rid of this nasty virus??
My main hotmail account has been compromised, all my online game accounts are being sold and hacked, and I am pretty fed up about this.
I didn't run any suspicious exe files or anything, and since I just reinstalled my OS, I have no idea how it got back!

Any help here would be so welcome :ouch:
 

vsdagama

Distinguished
May 12, 2008
25
0
18,580
I know about cookies, but how to get rid of this keylogger?

Currently none of these programs gives any result: AVG free edition, avira antivir free edition, malwarebytes anti-malware and spybot, search and destroy.

Does this mean I am safe now?
 
G

Guest

Guest
No, cookies are just small text files. Spammers break into your mail account and start to change passwords!
 

Ijack

Distinguished
In my experience accounts are commonly hacked because poor passwords are used and that same password is used on many accounts. Are you sure that your password is complicated enough? The fact that the problem persists after a reinstall would indicate the possibility of a brute force attack.

Don't get upitty because someone explains that one of your concerns is normal behaviour.
 

vsdagama

Distinguished
May 12, 2008
25
0
18,580
I'm sorry..

What happened was that even if I just changed my e-mail's password, someone could still enter it and use it to get control over my accounts.
This happened for all e-mail adresses I logged into with my pc (for example my brothers mail as well)

So he just could log in to our mail, even when I just changed the password. He didn't reset or change the password, he just used the one I just changed!

Because of this I have the feeling someone is constantly looking over my shoulder and looking at everything I type :p

When doing virus scans, I stumbled upon that /cookies directory, and because I had never seen it, and it was full of 'wow' and other weird text files I got paranoia and thought that was causing the problem.
But apparently, it is normal that all those files are there.

But now the only question that remains is:
Am I safe now?
Since the reinstall of my OS, I changed all my mails passwords again, to very random numbers and letters (wrote them down) and I retrieved all my game accounts.
But how do I make sure that keylogger thing isn't there anymore?
AVG and others didn't find it, even when it was there.
 

TRENDING THREADS