The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    So it seems i may have a keylogger in my laptop...

    Discussion in 'Security and Anti-Virus Software' started by Kinghong1970, Jul 18, 2010.

  1. Kinghong1970

    the first warning sign was when a friend of mine told me that he's been getting spammed by my gmail account...

    then i noticed that my Picasa as well as my Photobucket account password has been changed... was able to recover Picasa but did not bother with Photobucket as i don't use it any more (due to degrading image quality when posting pics)

    then when i received my replacement Credit Card (un-related event, credit card was replaced as Visa wants to send me a new black card... wooptedoo... got to call em and lower my credit limit...)

    i updated my paypal and then, i noticed that my card has been frozen... thank goodness for fraud protection plans... after a brief conversation with my CC company, denied charges in UK, Arizona and yadda yadda... then froze my card and am waiting a new one.

    prior to these events, my windows 7 suddenly is stated as not being genuine... was annoyed but while looking for my disks, i did not really bother with this much...

    now, worst case scenario is keylogger...

    i did not access any online banking nor did i go into my other financial websites, maybe my paypal, but they are linked only to my credit cards that are now inactive...

    so my normal reasoning tells me to:

    1) back up my data onto a removable storage device,
    2) reformat and reinstall both my HDD's in my laptop,
    3) restore my data onto my laptop.

    now, question is, as i'm not too savvy in this area, am i safe in just taking the above 3 steps or is there something that i should do to "clean" my data files also?

    thank you in advance for your replies.
     
  2. Fishsticks

    You could always switch to Linux :)
    Yes, if you reformat both HDD's, and reinstall your OS, it should be fine.

    Depending on what hit you, it may or may not copy itself into your removable.

    Also, may I suggest changing your email address's password? It's the one thing that links all of it together; if he has your email, he may be able to obtain your PayPal, Photobucket details, etc.

    EDIT:
    Mistyped
     
  3. nikeseven

    If you reformat and change all of your important passwords you should be ok
     
  4. Tinderbox (UK)

    What anti-virus did you have running when you got infected?
     
  5. Kinghong1970

    ive been running ESET something or rather...

    i'll do a scan before i move my files over to an external HDD... just data files... no programs...

    already swapped out my passwords but more importantly, i've stopped any/all charges on my cc for the time being...

    thanks for your replies.
     
  6. J&SinKTO

  7. Baserk

    1) back up data onto a removable storage device,
    2) reformat (full format) and install OS, install most used software and all updates,
    3) make an image (copy) of OS+programs+updates,
    4) scan all data with multiple antimalware programs,
    5) fully disable autorun and autoplay,
    6) restore data onto laptop.

    By making an image (with free Paragon or DriveImageXML) after installation and updating, you can fully restore your notebook next time in 10-15 minutes, if needed.
    More options:
    Partition your HDD's. For instance one for your OS+most used programs and one for data (music, movies, pics etc.)
    That way you won't have to format the entire disk when you restore the image or do a fresh install again.

    Also, if you would make an appropriate partition at the end (slowest part) of the HDD, you can put a copy of the image there.
    That way, you can quickly do a full fresh install, using the imaging program on a bootable CD/USB to do the copying, when you're at school/work/university/holiday in about 10-15 minutes time.
    It's faster than almost any AV/AM full scan and you'll have a clean OS+programs running in no time.
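
Steps 4 to 6 of the list above (scan the data, neutralise autorun, restore), illustrated with an added example that is not part of the original post and does not replace the antimalware scans: it audits a data-only backup for files that should not be in it before anything is copied back. The names `audit_backup`, `RISKY_EXT` and `DATA_EXT` and the extension lists are assumptions made for illustration.

```python
import os

# Assumed lists: extensions Windows executes or interprets, and common data types.
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".lnk", ".dll"}
DATA_EXT = {".jpg", ".png", ".gif", ".doc", ".xls", ".pdf", ".txt", ".mp3", ".avi"}

def audit_backup(root):
    """Walk a backup folder and return a sorted list of (relative_path, reason)."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            rel = os.path.relpath(path, root)
            lower = name.lower()
            stem, ext = os.path.splitext(lower)
            if lower == "autorun.inf":
                # The file autorun/autoplay acts on when a drive is attached.
                findings.append((rel, "autorun.inf"))
                continue
            if ext in RISKY_EXT:
                # photo.jpg.exe looks like a picture when Explorer hides extensions.
                inner = os.path.splitext(stem)[1]
                reason = "double extension" if inner in DATA_EXT else "executable extension"
                findings.append((rel, reason))
                continue
            try:
                with open(path, "rb") as fh:
                    magic = fh.read(2)
            except OSError:
                findings.append((rel, "unreadable"))
                continue
            if magic == b"MZ":
                # Windows executables start with "MZ"; flag for manual review.
                findings.append((rel, "PE header in data file"))
    return sorted(findings)

if __name__ == "__main__":
    import sys
    for rel, reason in audit_backup(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{reason:24} {rel}")
```

Run it from the freshly installed system against the backup drive's root; an empty result only means none of these simple markers were found.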
     
  8. Kinghong1970

    Wow Baserk, thanks for that detailed instruction... that is amazingly helpful!
    about Step 5) disabling autorun and autoplay, can you elaborate on how to do this exactly?

    as for the rest of steps... as said, thanks a TON!
     
  9. Fishsticks

    Oh, forgot to mention: you should use MBAM in conjunction with any anti-virus you run.

    It's a great free tool that removes malware, should remove the aforementioned keylogger if it exists. Comes highly recommended by fish-experts.
    Check it out: Malwarebytes' Anti-Malware.
     
  10. Baserk

    Check this link for instructions on how to disable Autorun. It's only a few clicks.
     
  11. Kyle

    I assume the passwords were changed by you from a different computer ....

    Disable autorun/autoplay, also fix the following MS hole:
    http://forum.notebookreview.com/sec...ity-turning-autorun-off-does-not-suffice.html
     
  12. perrin_aybara

    Nice piece of software. +rep. ;)