Keylogger issue. When wiped, will data drive still be infected?

[eyesack_kn]

Alright pretty sure I've got a keylogger. I had my WoW account hacked twice in a 24 hour period, even after choosing a very strong password after the first hack.

I've scanned with malwarebytes, defender, avg, msrt, and even used AVG's LiveCD to boot my PC to linux and scan from there. Nothing.

So I'm pretty sure I've got to nuke the OS drive and RAID array with all my programs, but what's the best way to deal with the drive that includes all my data (music, movies, pictures, documents, etc)? What's the probability it has also been infected in some way? Is there a way to determine this (by, say, hooking up an external drive that requires a password every time a file is written to it, and then seeing if a write is attempted that I don't set in motion)? Any other possibilities?

Thanks!

 

[mibix19]

You data should be free from any infection really. It is mainly exe. files that are compromised. Backup all your data to an external source and rescan for infections. they should be clear. Have you used windows defender and windows malicious software removal tool? Prevx is a good piece of software for detecting things. If you go to CNET you can download it from there. It is strange that it is only WoW has been attacked, or is it? If it is , can you not change your account and log in details?

 

[mibix19]

Have you deleted all your tempory internet files browsing history forms passwords ect? Also runn Ccleaner a couple of times to clear out you registry Ect. Also Turn off system restore, restart your computer and then turn it back on. Sometimes malicious stuff hides in there.

 

[eyesack_kn]

Since I found out it was affecting WoW and that I was probably being keylogged, i have not transacted any business on my PC. I've read that there are individuals who are only targetting WoW accounts, but there's no reason they couldn't target something else. That's why I intend to nuke it.

Yea I've used all the programs you mentioned. Nothing.

 

[mibix19]

I found this on a WoW discussion. Does it help? One thing I find VERY interesting. In this thread someone mentions "right after a patch I got hacked"

Same thing here. We just had the 2.3 patch and he had just finished patching and not 1 hour after doing so he was hacked.

Coincidence?

In my looking around for information on this subject I did find a few good words of advice.

1. Keep "Remember me" checked so you don't have to re-enter your account username. Keyloggers can't get your username if you never have to enter it.
2. Don't let others use your computer to play. They would have to change the username, and you change it back to play, possibly keylogging it.
3. Don't type in your password, copy and paste it from a text file. keeping passwords on file is a no-no in itself, but just for WOW this will keep you from every keylogging the password.
4. Don't use Mods that require your password and don't launch WOW from any mod interface

 

[buwish]

Best answer selected by buwish.

 

[waller540]

I'd try using some anti-keylogger software software before wiping. Zemana is brilliant for this. Theres also a list of anti-keylogger software here:

http/www.keyloggerdownloads.com/anti-keylogger-software.html