Can keyloggers be installed in other files in my computer?

#1
Greetings.

I suspect that I have a keylogger installed on my PC. Luckly I suspected this quite fast and managed to secure most of my important accounts.

What I want to do now, is re-install my windows. However I need to know something before I begin doing this: Can I safely back-up files to a hard drive from my compromised computer? Can a keylogger get installed in a photo, for example? Do I need to remove everything in order to be totally safe?
 


Last edited:
#2
I'm sorry for bumping but I am quite worried.

What I want to ask is, can a keylogger be installed inside an already existing .jpg file, or a .mp3 file? Or is it a whole new file installed?
 


patcooke

Microsoft MVP
Staff member
Premium Supporter
Microsoft MVP
#3
Executable code (including keyloggers) may be stored inside of data files but cannot be executed from there so if you are simply backing up and restoring data files to a cleanly installed system there can be no problem. If you wanted to be squeaky clean you could run malwarebytes to check the data files on the backup disk before restoring them to your system.
 


#4
Thanks a lot for your answer.

If someone needs more details, I suspect I have a keylogger because I accidentally clicked a link that looked suspicious and it got me pretty worried. The website may (or may not) have installed something in the background, so I am taking some measures to be 100% sure that I won't lose anything.

Edit: I will also get the trial version of Malwarebytes and do some scans
 


Last edited:

patcooke

Microsoft MVP
Staff member
Premium Supporter
Microsoft MVP
#5
"Edit: I will also get the trial version of Malwarebytes and do some scans"

It's the free version you want.
 


#6
I still got the premium trial version (because I was thinking it may have more features that would help me and I'm going to format my PC in a few days.). It detected 100+ infected files and cleaned them. There wasn't any mention of a Keylogger but I found some PUPs (Potentially unwanted programs) inside Chrome. That could be the keylogger if there is one. Anyway, according to the program I'm free now I guess. Thanks!

If anyone else wants to mention anything I should know, feel free to do so :)
 


Last edited:
#7
Update: Malewarebytes keeps finding two potentially unwanted programs in AppData\Local\Google\Chrome\UserData\Default\Prefferences. Even though I send them to quarantine they keep appearing after every scan.. Why does that happen?
 


patcooke

Microsoft MVP
Staff member
Premium Supporter
Microsoft MVP
#8
Check what they are and if known to be malware remove them rather than just quarantine. Hving said that, if you are reinstalling Windows and you do a full repartition and reformatting before doing so any problems there will be wiped. It is mainly the drive onto which you have backed up all your data andfrom which you will ultimately restore your data which needs to be scanned in depth.
 


#9
I have googled the untrusted files and discovered they are part of a search engine that installs without your permission. I have followed some instructions and now when I scan I get only one PUP instead of two. So it is not really a keylogger (I had problems with this search engine a long time ago)..

If anyone wants to confirm that I can indeed safely backup files on my computer, feel free to do so.
 


patcooke

Microsoft MVP
Staff member
Premium Supporter
Microsoft MVP
#10
If you've done a clean install of your op sys after reformatting the drive and then run a full malware scan on your backed up data before restoring it you have done all you can to secure your system.
 


#11
All I will add, I trust Pat won't mind) is besides MSE or WD, (whichever you have)... WD is working in Real-time but, MSE should be set to Full Scan & Daily. The default is Sunday (wkly). You can leave the default time @ 2AM but, make sure the machine is ON, although, it can be asleep.

And, in addition, run Malwarebytes wkly or, @ least, biwkly, just for the heck of it.

Not telling you what to do, but, might find IE11 very secure.

Cheers,
Drew
thR0V6M5GG2.jpg
 


#12
Update:

I successfully re-installed my windows and all the problems have gone. I scanned the backed up files with Malwarebytes and they are all clean. The PUP from Google Chrome is also gone.

Thanks for your advice :)
 


#13
Nice news. From all of us who may have helped by offering advice, you're welcome.

Cheers,
Drew
thR0V6M5GG2.jpg
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.