Have key logger?

potato24

Commendable
Aug 2, 2016
4
0
1,510
So i have spent some time already trying to understand and figure out my problem.

Firstly, The whole reason i thought i might have a virus or whatever i might have is that, *without
me touching my keyboard it would start typing some of my various passwords into whatever area i was already typing in*

Second, I was very worried but let it go for a couple of weeks until my worry grew to much and i went on some google spree's to self diagnose myself. Upon some very simple searches It seems that what i have is a keystroke logger (I am sure you guys here know all about these, hence why i am posting here). I am not positive but i am like 80% sure.

Third, I then after the diagnosis i then tried to run anti-malware(malware bytes) for a threat scan but it came up with nothing and that left me a little stumped on what to do next. Sooooo i went and looked through my task manager and even got a more advanced process inspection tool to really look for something wrong, I identified most things and ruled out a lot of things but it was all to much for my limited knowledge so i stopped.

Fourth, I also in my attempts to oust this horrible virus installed a program called KL-detector, It did not find anything. :(

Finally that lands me here at this forum looking for answers, now i am aware that i could nuke my computer wipe the drives and restart everything and i would not have any problems but i would prefer not to loose all of my game files that took a while to download :p. So if there is a less harsh way of dealing with my problem i would certainly love try it.

I am like 90% sure i still have the key logger installed and cannot for the life of me find nor destroy it so if you guys here have anything to help me out it would be wonderfull. :p

oh and i still have that key logger detector running in the background, seemingly scanning around and waiting for any suspicious activity that a key logger would make? am i right it saying that?(all it does is use a little processing power and some RAM so idk i guess)
 
Solution
It's because I thought you'd get a better class of scan if the machine wasn't running slowly and it's best done outside the main account. Did either utility find anything relevant? If not, there can't be much wrong.

The essence of a key-logger is to watch what you're typing, so it has to be able to "phone home". Once they have sensitive data they wouldn't hang around trying to log in to places for you - nothing would raise your suspicions more quickly. They will have used what they gathered and logged into places you thought were safe. Is there any sign that your data have been compromised?

The idea of going back into the previously suspect account is to see if you still get that feeling of being watched.

Press your Windows key and R at the same time. In the black form that shows up, at the Command Prompt type
net user Administrator /active:yes
then hit the Enter key. If you get the confirmation message, type exit and hit Enter to close the form. Restart the computer and this time, log in as Administrator.

Because the Administrator account wasn't active at the time of any infection, it won't have been affected. The first thing you notice if a key-logger is in situ is the slowness of the system - you made no mention of that. You said you only use a little processing power so when you were in Task Manager, did you check running Applications or whatever was using resources under the Processes tab?

In Control Panel>Windows Defender and check it's up to date then run the scan and while its doing that, download MalwareBytes from www.malwarebytes.org. The free one with no 30 day trial option will do for now.

When Defender completes the scan, run the MalwareBytes and when that's done, restart and try your own login.
 

potato24

Commendable
Aug 2, 2016
4
0
1,510


Ok so i have logged on as a admin and used the windows defender to make a full scan and then (seeing as i already had malware bytes did one on there) But you are telling me to go back on the infected account? all i did was create and log onto a clean admin account just to scan in it? Can I have a explanation please :p

 
It's because I thought you'd get a better class of scan if the machine wasn't running slowly and it's best done outside the main account. Did either utility find anything relevant? If not, there can't be much wrong.

The essence of a key-logger is to watch what you're typing, so it has to be able to "phone home". Once they have sensitive data they wouldn't hang around trying to log in to places for you - nothing would raise your suspicions more quickly. They will have used what they gathered and logged into places you thought were safe. Is there any sign that your data have been compromised?

The idea of going back into the previously suspect account is to see if you still get that feeling of being watched.

 
Solution

potato24

Commendable
Aug 2, 2016
4
0
1,510
ok so my scans came up with nothing so i am going to switch back and just wait :p I will see if any of my accounts have any sort of problems and i will keep a lookout for any random password typing. If i see any of these things i guess i will comeback and we can try something else :)