Is this a keylogger?


pikay2k

Hello. I've recently had several of my email accounts compromised. I have Microsoft Security Essentials running, and it wasn't able to find anything. I decided I'd get a second scan from Malwarebytes. Did a quick scan and it detected three objects that Microsoft Security Essentials didn't find. Here's the log:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 5474

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

1/7/2011 1:49:46 AM

mbam-log-2011-01-07 (01-49-46).txt

Scan type: Quick scan

Objects scanned: 215594

Time elapsed: 26 minute(s), 35 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 3

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Do any of those seem like they'd possibly be keyloggers? I'm going crazy trying to figure out how my information was lost. I'm usually very cautious with things, and haven't had any serious infections in years. I recently made a purchase on a rather shady site, which I later canceled when I realized they most likely weren't a legit seller, but this purchase was made on my laptop. I cleaned my laptop (which did in fact have some infections after visiting the site, through some JavaScript exploit or something), but I made sure that when I changed all of my passwords, I did it on my desktop, which hasn't visited this shady site and hasn't opened attachments or anything from my laptop. However, the next day my accounts were still compromised, so I'm really at a loss and want this problem solved. If I don't, I'll be forced to reformat both computers because I can't figure out how in the world this information was snatched from me.

My Google account did get a hold of their IP though, and they do live in the same state as me, so it's always possible someone I used to know is reverse engineering my information and the whole shady website fiasco is just a coincidence, but that's highly unlikely for many reasons.


Hello and welcome to the forums.

The first thing to do is make sure that your machine is clean.

Malware and such can be very good at "hiding".

We do not work on the removal of malware in this section.

Go here: http://forums.malwarebytes.org/index.php?showtopic=9573

Follow the directions to the best of your ability and start a new topic in the HJT section.

The experts there will help you out.

Thanks, I wasn't sure where to post this because it was less asking for removal and more asking what that Malware.Trace could be, since I can't find information on it.
