Skip to main content
Hi,

I have mainly joined this board because I'm interested in learning about key logging.

I'm looking forward to interacting with all of you.

Gunner

 

PS,

Can I use a Avitar thats on my PC,and if so how ?
Hi Gunner

 

Welcome to the Community Forums.

 

If you believe that you have been compromised by a keylogger and you have run a scan with WSA which has come up blank then I would Open a Support Ticket, so as to get the Support Team to investigate and if your assertion is corect to then help you to remove the critter from your system.

 

This is a free service to all WSA users who have an active/current subscription.

 

As far as being able to assign your own Avatar you will have to wait until you have attained a higher Community rank.  If memory serves that comes when you achieve Frequent Voice rank...but I could be mistaken (see here for details of the VIP Program).  Anyway, if you contribute that should not take long...and you can have fun whilst doing so.

 

Regards, Baldrick
Thank you.

I'm using a free trial and will not be buying it until the 3rd of next month.
Well, if you let us know why you think that you have been compromised by a keylogger we may be able to help or advise.
Heres where it gets complacated. If  they are keylogging then can they do it through the free trial I am using of Webroot Secure Anywhere ?
The free trial is fully functional and therefore if WSA is going to stop it then the free trial will.

 

Please let us know what evidence you have to substantiate your view that a keylogger is active on your system.

 

Regards, Baldrick
OK,



I hope you get the jest of it.

Im still learning about how this aspect works.



Here’s a list of the security I have installed in the last few days.

Microsoft Security Essentials has been there from the beginning.

Malwarebyets anti exploit premium

Malwarebyets anti malware for scanning only

Webroot Secure Anywere tryal offer.

None of that has slowed down the PC at all. Its still very fast including start up.



Thanks for any help you can give.
Really, I think that if you have scanned with WSA and found nothing, and you have those other apps also installed and run, you most probably have nothing to worry about if every scan is reporting clean.

 

Regards, Baldrick

 

 
What does it mean when your IP's physical address keeps moving from one part of the state to another ?

Also,why would you engage the hard disk drive and have it running when you just installed state of the art solid state drive ?
How can you tell that about our IP address?

 

And re. the HDD and SSD usage, it depends on how you have set up your system to use eacj of them, so hard to answer that question.
I just put into a google search = How to find geolocation of an IP Address?

As far as the old hard drive is concerned, until I can associate it with psywear it will continue to hummm and spinnnn.

I will let you know what I find.

Thanks for the help.
I have dealt with a keylogger before, what I recommend is:

 

I downloaded Malwares AntiMalware 

I also downloaded Webroot.

 

First run Malwares and see if anything has come up.

Then if anything has remove and do a full system scan on Webroot.

If you can remember what your downloaded last before getting the keylogger, then remove it asap.

 

 

If this does not solve your issue, or if you have any more problems, just let me know.
@ wrote:

I have dealt with a keylogger before, what I recommend is:

 

I downloaded Malwares AntiMalware 

I also downloaded Webroot.

 

First run Malwares and see if anything has come up.

Then if anything has remove and do a full system scan on Webroot.

If you can remember what your downloaded last before getting the keylogger, then remove it asap.

 

 

If this does not solve your issue, or if you have any more problems, just let me know.

@ Hello please read the Community Guidelines as this is the Webroot Forum: https://community.webroot.com/t5/Announcements-and-Release-Notes/Webroot-Community-Guidelines/td-p/2

 

Don’t be a Spammer.

The Webroot Community should be used to share information about issues relating to Webroot, Webroot products and services and Internet security generally. Please do not attempt to promote a separate organization or cause.  Links to third-party security vendors will be removed.

 

And about your Avatar please see here: https://community.webroot.com/t5/custom/page/page-id/VIP_Program#.UvvzJPldVoM and Here: https://community.webroot.com/t5/Announcements-and-Release-Notes/Announcing-the-Webroot-VIP-Program/m-p/20652#M119

 

Thanks,

 

Daniel 😉
Sorry about that, that is what I used to help me, so I thought I would pass it on.
@ wrote:

Sorry about that, that is what I used to help me, so I thought I would pass it on.

Yes we understand and we all know about the other tools around it's just Webroot likes to help there own Customers and we just give users advice and guidance with WSA and if malware related we send them to the support inbox Webroot Customer Service & http://www.webroot.com/us/en/company/contact-us and you will see what I mean in time as we have many Helpers like myself and many more!

 

Thanks,

 

Daniel 😉
 

Just a quick up date.

I am a member now with a "Complete" subscription.

Here’s what has happened, first there are two applications listed in the application protection area. = denied both.

Then all "active connections" are gone.

The PC runs very quiet. Usually just the fan motor and that’s it.The HDD no longer wants to fly away.

Ccleaner and some deep sweeps seem to activate the HDD a bit but that’s it.

I also cleaned out all of the free space on the HDD with three passes.

I’m learning but cant be sure if what has been done makes any sense security wise but not having active connections and a silent PC makes me happy.
Hi Gunner

 

If you can use your PC normally, i.e., do the things that you are used to doing like connect to the Internet, receive emails,, etc...and WSA is active (notification tray icon ('W' in Circle) is GREEN)) then you should be good to go.

 

Let us know what the "two applications listed in the application protection area. = denied both" are just incase they should be aloowed, etc.

 

Regards, Baldrick
They are = iexplore.exe in C: program files internetexplor    &    iexplore.exe in C: program files  (x 86)internetexplorer. Webroot put them there and once "denied" all traces of active connections were gone and the HDD has gone quiet "most" of the time. The SSD seems to dominate and runs silent. I must say the PC runs great and is fast ,almost instantaneous.
Hi Gunner

 

Sounds to me as if you have blocked both the 32bit & 64bit versions of Internet Explorer from handling any personal information (if Denyed under 'Application Protection').  IF that works for you then great but if you need to use the browsers for Internet Banking or the like when personal information will need to be entered you should find that you cannot unless you switch the setting to 'Protect' (recommended) or 'Allow'.

 

If interested in this area please see this page from the online Help Text.

 

Regards, Baldrick
Banking seems to be fine.

Could blocking those items actually have an effect on spy wear ?

 

 

Also with the initial scan I could have sworn it picked up something but there is no list of it .

What ever happened, installing webroot complete and going through my PC system and security among other aspects like blocking them has removed "active connections" from it and that makes me happy.

 

Also webroot made some adjustments to windows firewall so that could have helped.
Hi Gunner

 

Glad to hear that bank access is fine.  As to whether blocking those items could have an effect on spyware; well, if you are deny them access to your personal data then if they are compromised then cannot leak it so in a way, yes.

 

Yes, key logging done in a number of ways and it usually tries to log what you are doing in your browser, amongst other apps.

 

In terms of the "initial scan I could have sworn it picked up something but there is no list of it ", you should run another scan...just to make sure and if that comes up clean, i.e., no notifications and nothing in Quarantine then I would just forget it.

.

Yes, WSA will have made some adjustments to the Windows Firewall as it uses it to handle the inbound connections to you system.  The outbound connections are handled by the firewall built into WSA.

 

Regards, Baldrick
Thank you.

I always appreciate your help.
Hi Gunner

 

You are always welcome.  Always happy to try to help a fellow member. :D

 

Regards, Baldrick
How did my setings in "application protection" that I just listed get moved from "deny" to "protect" with out me doing it ?

I have everything set for "user configuration". And password required.

Reply