I think I've been infected by a key logger but I can find anything...?

Discussion in 'Malware Help (A Specialist Will Reply)' started by ckibbe, Aug 6, 2010.

  1. ckibbe

    ckibbe Private E-2

    Hello, I found out the other day my World of Warcraft account was hacked. I'm pretty confident I was not a victim of phishing but a victim of a keylogger. Today when I got home from work to check my email Gmail informed me that a IP address from China was on my email account today which confirmed to me that I have something going on. None of the programs that I've run Kaspersky, Malware or Super anti virus has found anything.
    Now I'm not that computer savy but I have followed the guide (Vista Cleaning Procedure) to the best of my ability and I don't think this problem is fixed.
    Any help would be greatly appreciated!!
     

    Attached Files:

    ckibbe, Aug 6, 2010
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!



    I'm sorry but you did not attach any of the logs requested by our cleaning procedure so I'm not sure whose procedure you are following. Please run our cleaning procedure and attach the logs we requested which are from the below tools ( since you are running x64 ):
    • SUPERAntiSpyware
    • Malwarebytes
    • MGtools
     
    chaslang, Aug 6, 2010
    #2
  3. ckibbe

    ckibbe Private E-2

    I think this is everything?
    Let me know if you need anything else.
    Thank You
     

    Attached Files:

    ckibbe, Aug 6, 2010
    #3
  4. ckibbe

    ckibbe Private E-2

    opps, one more
     

    Attached Files:

    ckibbe, Aug 6, 2010
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Based on your logs you are not having malware problems. You are likely just another one of the tens of thousands of people who have been hacked while using WoW which is notorious for problems like this.

    There is only one file of slight concern in your temp folder. See if you can delete the below file:

    C:\Users\Kibbe\Local Settings\TEMP\uglcqpog.sys


    Also another possibility is the below program, who installed it and uses it to access your PC remotely and is it properly password protected?

    GoToAssist 8.0.0.514
     
    chaslang, Aug 7, 2010
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds