Can keyloggers be installed in other files in my computer?

Discussion in 'Windows Security' started by Zephyr1, Sep 1, 2014.

  1. Zephyr1

    Zephyr1 New Member

    Joined:
    Sep 1, 2014
    Messages:
    7
    Likes Received:
    0
    Greetings.

    I suspect that I have a keylogger installed on my PC. Luckly I suspected this quite fast and managed to secure most of my important accounts.

    What I want to do now, is re-install my windows. However I need to know something before I begin doing this: Can I safely back-up files to a hard drive from my compromised computer? Can a keylogger get installed in a photo, for example? Do I need to remove everything in order to be totally safe?
     
    #1 Zephyr1, Sep 1, 2014
    Last edited: Sep 1, 2014
  2. Zephyr1

    Zephyr1 New Member

    Joined:
    Sep 1, 2014
    Messages:
    7
    Likes Received:
    0
    I'm sorry for bumping but I am quite worried.

    What I want to ask is, can a keylogger be installed inside an already existing .jpg file, or a .mp3 file? Or is it a whole new file installed?
     
  3. patcooke

    patcooke Microsoft MVP
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    May 16, 2010
    Messages:
    5,456
    Likes Received:
    268
    Executable code (including keyloggers) may be stored inside of data files but cannot be executed from there so if you are simply backing up and restoring data files to a cleanly installed system there can be no problem. If you wanted to be squeaky clean you could run malwarebytes to check the data files on the backup disk before restoring them to your system.
     
  4. Zephyr1

    Zephyr1 New Member

    Joined:
    Sep 1, 2014
    Messages:
    7
    Likes Received:
    0
    Thanks a lot for your answer.

    If someone needs more details, I suspect I have a keylogger because I accidentally clicked a link that looked suspicious and it got me pretty worried. The website may (or may not) have installed something in the background, so I am taking some measures to be 100% sure that I won't lose anything.

    Edit: I will also get the trial version of Malwarebytes and do some scans
     
    #4 Zephyr1, Sep 1, 2014
    Last edited: Sep 1, 2014
  5. patcooke

    patcooke Microsoft MVP
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    May 16, 2010
    Messages:
    5,456
    Likes Received:
    268
    "Edit: I will also get the trial version of Malwarebytes and do some scans"

    It's the free version you want.
     
  6. Zephyr1

    Zephyr1 New Member

    Joined:
    Sep 1, 2014
    Messages:
    7
    Likes Received:
    0
    I still got the premium trial version (because I was thinking it may have more features that would help me and I'm going to format my PC in a few days.). It detected 100+ infected files and cleaned them. There wasn't any mention of a Keylogger but I found some PUPs (Potentially unwanted programs) inside Chrome. That could be the keylogger if there is one. Anyway, according to the program I'm free now I guess. Thanks!

    If anyone else wants to mention anything I should know, feel free to do so :)
     
    #6 Zephyr1, Sep 1, 2014
    Last edited: Sep 1, 2014
  7. Zephyr1

    Zephyr1 New Member

    Joined:
    Sep 1, 2014
    Messages:
    7
    Likes Received:
    0
    Update: Malewarebytes keeps finding two potentially unwanted programs in AppData\Local\Google\Chrome\UserData\Default\Prefferences. Even though I send them to quarantine they keep appearing after every scan.. Why does that happen?
     
  8. patcooke

    patcooke Microsoft MVP
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    May 16, 2010
    Messages:
    5,456
    Likes Received:
    268
    Check what they are and if known to be malware remove them rather than just quarantine. Hving said that, if you are reinstalling Windows and you do a full repartition and reformatting before doing so any problems there will be wiped. It is mainly the drive onto which you have backed up all your data andfrom which you will ultimately restore your data which needs to be scanned in depth.
     
  9. Zephyr1

    Zephyr1 New Member

    Joined:
    Sep 1, 2014
    Messages:
    7
    Likes Received:
    0
    I have googled the untrusted files and discovered they are part of a search engine that installs without your permission. I have followed some instructions and now when I scan I get only one PUP instead of two. So it is not really a keylogger (I had problems with this search engine a long time ago)..

    If anyone wants to confirm that I can indeed safely backup files on my computer, feel free to do so.
     
  10. patcooke

    patcooke Microsoft MVP
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    May 16, 2010
    Messages:
    5,456
    Likes Received:
    268
    If you've done a clean install of your op sys after reformatting the drive and then run a full malware scan on your backed up data before restoring it you have done all you can to secure your system.
     
  11. Drew

    Drew Banned

    Joined:
    Mar 25, 2006
    Messages:
    3,575
    Likes Received:
    146
    All I will add, I trust Pat won't mind) is besides MSE or WD, (whichever you have)... WD is working in Real-time but, MSE should be set to Full Scan & Daily. The default is Sunday (wkly). You can leave the default time @ 2AM but, make sure the machine is ON, although, it can be asleep.

    And, in addition, run Malwarebytes wkly or, @ least, biwkly, just for the heck of it.

    Not telling you what to do, but, might find IE11 very secure.

    Cheers,
    Drew
    thR0V6M5GG2.
     
  12. Zephyr1

    Zephyr1 New Member

    Joined:
    Sep 1, 2014
    Messages:
    7
    Likes Received:
    0
    Update:

    I successfully re-installed my windows and all the problems have gone. I scanned the backed up files with Malwarebytes and they are all clean. The PUP from Google Chrome is also gone.

    Thanks for your advice :)
     
  13. Drew

    Drew Banned

    Joined:
    Mar 25, 2006
    Messages:
    3,575
    Likes Received:
    146
    Nice news. From all of us who may have helped by offering advice, you're welcome.

    Cheers,
    Drew
    thR0V6M5GG2.
     

Share This Page

Loading...