Not what you were looking for? Ask our experts!
Reply
Visitor
Tsujigiri00
Posts: 6
Registered: ‎03-06-2009

Keylogger -- Norton Fails to Detect

I have a keylogger on my computer and Norton 2009 cannot detect/find it.

 

I know I have a keylogger because my World of Warcraft account had been hacked via it. Yet I can do a full system scan for the 5th time -- with updated detection library ofc -- and Norton still cannot find the keylogger.

 

 

This was the first year I decided to replace AVG with Norton. And within 2.5 months I have a serious security breech that Norton still can't even detect after the fact.

Stu Rootkit Eradicator
Rootkit Eradicator
Stu
Posts: 5,210
Registered: ‎04-08-2008

Re: Keylogger -- Norton Fails to Detect

Please send the file to Symantec so they can have a look.

Threat Expert

"All that we are is the result of what we have thought"
Visitor
Tsujigiri00
Posts: 6
Registered: ‎03-06-2009

Re: Keylogger -- Norton Fails to Detect

Send what file? I cannot find the file -- Norton cannot detect it.

 

So I guess I should buy some better security programs to detect it, then send the info to Norton? That's idiotic.

Keylogger Crusher
Voyager10
Posts: 449
Registered: ‎05-03-2008

Re: Keylogger -- Norton Fails to Detect


Tsujigiri00 wrote:

 

I know I have a keylogger because my World of Warcraft account had been hacked via it.

Send what file? I cannot find the file


hmm !? ;)

 

show us a Hijackthis Log or so.

You can also try manually Settings on Intelligent Firewall -> extented Control , than NIS find a legal or illegal Key Logging Program

Super Spyware Scolder
SaLaDiN
Posts: 139
Registered: ‎05-31-2008

Re: Keylogger -- Norton Fails to Detect

Submit the file which AVG detected as a keylogger....it should be in AVGs quarantine...what is strange about it??? I dont understand...
Visitor
Tsujigiri00
Posts: 6
Registered: ‎03-06-2009

Re: Keylogger -- Norton Fails to Detect

I know it's a keylogger because: I logged into WoW 3hrs ago and my password no longer worked, I changed the password out of game and logged in to see my characters had been pillaged, then I got kicked off b/c the hacker was logging in with my new password.

 

This = definitive proof of a keylogger.

 

But Norton cannot detect the keylogger so I still haven't been able to remove it from my computer. 

 

 

So I guess the only solution now is to purchase a different security system and don't trust Norton?

 

Keylogger Crusher
Voyager10
Posts: 449
Registered: ‎05-03-2008

Re: Keylogger -- Norton Fails to Detect

if you don´t want to check this Problem and find the Threat .. Have much fun with other Vendors , bye ;)
Virus Trouncer
mijcar
Posts: 3,098
Registered: ‎08-01-2008

Re: Keylogger -- Norton Fails to Detect

[ Edited ]

Tsujigiri00 wrote:

I know it's a keylogger because: I logged into WoW 3hrs ago and my password no longer worked, I changed the password out of game and logged in to see my characters had been pillaged, then I got kicked off b/c the hacker was logging in with my new password.

 

This = definitive proof of a keylogger.

 

...


Actually, no, this is not definitive proof of keylogger.

 

Passwords can be hacked.  I don't know how secure their site it, but it does happen.

 

If you do have a keylogger on your machine, it has probably taken a lot more than one password to one site.  What else have you checked?

 

Also, vendors can have database errors on their servers.  If a particular user's files get corrupted, everything can change:  password and game status.  I know this for a personal fact because I just had something like that happen to one of my utility accounts.  It took me four weeks to get customer service to believe I knew what I was talking about and refer me to their webmaster.  Once we actually talked, he checked things out and found out I was right.  Took four or five days to fix because they had to rebuild my data file.

Message Edited by mijcar on 03-06-2009 10:38 AM
mij
N360 2013, v.20.1.0.24; Win7 Pro, SP1 (32 bit), IE 9, Firefox 14, No other active securityware
Regular Contributor
Salihb
Posts: 184
Registered: ‎12-31-2008

Re: Keylogger -- Norton Fails to Detect

Do a full scan with http://www.malwarebytes.org/mbam.php

Clean anything it finds and DO NOT GIVE YOUR PASSWORD TO ANYBODY. Even your parents/friends/girlfriend etc.

You can trust them AS MUCH AS YOU WANT, but who says they wont login on some infected computer?

First thing is to do a full scan with Malwarebytes http://www.malwarebytes.org/mbam.php and with Superantispyware http://www.superantispyware.com/.

 

Afterwards clean anything you find and post the log from a Hijackthis scan ( http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis ).

 

Post any logs that appear when running these scans (Malwarebytes, superantispyware (if any) and Hijackthis). Then we will review them and see if you were infected and if you are clean now.

 

Regards, Salihb

Visitor
Tsujigiri00
Posts: 6
Registered: ‎03-06-2009

Re: Keylogger -- Norton Fails to Detect


Salihb wrote:

Do a full scan with http://www.malwarebytes.org/mbam.php

Clean anything it finds and DO NOT GIVE YOUR PASSWORD TO ANYBODY. Even your parents/friends/girlfriend etc.

You can trust them AS MUCH AS YOU WANT, but who says they wont login on some infected computer?

First thing is to do a full scan with Malwarebytes http://www.malwarebytes.org/mbam.php and with Superantispyware http://www.superantispyware.com/.

 

Afterwards clean anything you find and post the log from a Hijackthis scan ( http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis ).

 

Post any logs that appear when running these scans (Malwarebytes, superantispyware (if any) and Hijackthis). Then we will review them and see if you were infected and if you are clean now.

 

Regards, Salihb


 

Thank you very much for the advice. I'm currently doing full scans with both programs and will post results.

 

I've also run Spybot, AVG, and CCCleaner. Nothing serious was detected, however the two latter did find the following, something I didn't recognize:

 

 C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\4ldzf6j0.default\downloads.sqlite 11.00KB

 

 

 There were about 10 of these:

 

 C:\Users\Adam\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db 24 bytes

 

 

I wasn't particularly concerned with those though since I only use Firefox (modded with NoScript ofc) and never touch IE.