You know, I fix busses for a living but my real "area of expertise" is computers... I have my own web, mail and FTP servers running on another computer on the end of my desk.
My "standard" security package consists of this:
AVG Free Anti-Virus
Grisoft Free Anti-Virus Software
SpyBot Search And Destroy (set to "paranoid" mode)
The Home Of Spybot Search & Destroy
From JavaCool Software
and for nightly scanning... AVG Anti-Spyware (used to be Ewido, until Grisoft bought them out). Available from:
Download Trial Here
Both SpyBot and AVG Anti-Spyware will find any keylogger in existence -- make sure you enable Heuristic scanning which scans based on code action as well as database signature.
Spybot will allow you to check what ActiveX items are running or installed on your computer (what Christy refers to as add-ons in IE), as well as showing you all running processes on your computer. The nice thing is that it identifies them for you and puts a little green checkmark next to those that are known to be safe.
Ace, a question if you will... that one sale you made -- did the buyer contact you via regular email, or was it exclusively through EBay's mail system? If there was no email contact outside of the EBay system, there is no chance that a keylogger was installed via that route -- EBay's system completely isolates the users. All communication between members takes place in regular clear plain text, with no HTML or code allowed; EBay simply inserts your text into their template and delivers the nice page to you -- but nothing but normal ASCII text can come from the sender. If you had contact through regular email channels then it is very possible that there could have been some malicious code contained in an HTML email -- if, however, his emails were in plain text format then it is not likely (not completely impossible, but unlikely).
Another possibility is simply that EBay's servers have been hacked. It has happened many times before, and they are under almost constant attack -- so it is not a question of if they were hacked, just a question of when did the hackers get lucky.
My suggestion for your immediate "lock-down" of your system is to download AVG Anti-Spyware -- you get a 30-day free trial of the full package. Bring it up and make sure it gets all updates, then close it. Next, right-click on "My Computer" and select "Properties". In the Properties dialog, click on the "System Restore" tab, and make sure that System Restore is TURNED OFF. This is because many viruses and malware programs are capable of hiding out in the System Information folder, and will simply be restored by Windows after you get rid of them. Click on <OK>, then restart your system. When your system starts up, press the <F8> key before you see the Windows splash screen to get into Safe Mode. Once you are booted into Safe Mode, run AVG Anti-Spyware with it set to scan "All Files" and make sure Heuristic Scanning is enabled; do a full system scan. The reasoning behind this is simple -- when you boot into Safe Mode, only the bare essentials are loaded. None of the items in the registry's "Run", "RunOnce", and "RunServices" keys are loaded -- which means that your keylogger (if it exists) does not get loaded since it has to be running as a service, and it cannot "hide" by using stealth virus tactics. It is there on the disk for AVG to find and eradicate -- "nowhere to run, no place to hide". Once the scan is done, tell AVG to delete anything it found -- do not send it to the Virus Vault or Quarantine -- just get rid of it. With that done, restart your computer and let it boot normally -- then do another scan with AVG Anti-Spyware and SpyBot Search And Destroy just for good measure.
Hopefully this will clean up your system and fix your problem.
Never open attachments from someone you don't know;
Never, never, never open any attachment that has a file extension of EXE or COM!!!!!
And of course, remember the first three rules of computing... backup, BackUp, BACKUP!!!
EBAY DOES NOT HAVE TELEPHONE CUSTOMER SUPPORT AND DOES NOT GIVE OUT A TELEPHONE NUMBER ANYWHERE ON THE EBAY SITE, VIA EMAIL OR ANY OTHER MEANS!!!!!!!!!!!
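The Safe Mode step in the post above turns on the registry's "Run", "RunOnce" and "RunServices" keys. As an added example that is not part of the original post, this PowerShell lists what those keys would start on a normal boot, so the entries can be reviewed before and after a scan. The function name Get-AutorunEntry and the "Review" rule (target missing, or starting from the user profile folder) are assumptions made for illustration.

```powershell
# Added example, not from the original post. Get-AutorunEntry and its
# "Review" rule are illustrative assumptions, not a detection standard.
function Get-AutorunEntry {
    foreach ($hive in 'HKLM:', 'HKCU:') {
        foreach ($sub in 'Run', 'RunOnce', 'RunServices') {
            $path = "$hive\Software\Microsoft\Windows\CurrentVersion\$sub"
            if (-not (Test-Path -LiteralPath $path)) { continue }  # key not present
            $key = Get-Item -LiteralPath $path
            foreach ($name in $key.GetValueNames()) {
                $command = [string]$key.GetValue($name)

                # Extract the program from the command line: a quoted path,
                # else text up to a known executable extension, else first token.
                if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
                elseif ($command -match '^\s*(.+?\.(exe|com|bat|cmd|scr))(\s|$)') { $exe = $Matches[1] }
                else { $exe = ($command.Trim() -split '\s+')[0] }

                # A bare file name (no folder) is resolved through PATH.
                if ($exe -and $exe -notmatch '\\') {
                    $found = Get-Command $exe -CommandType Application -ErrorAction SilentlyContinue |
                        Select-Object -First 1
                    if ($found) { $exe = $found.Path }
                }

                $reasons = @()
                if (-not $exe) { $reasons += 'empty command' }
                elseif (-not (Test-Path -LiteralPath $exe)) { $reasons += 'target not found' }
                elseif ($exe.StartsWith($env:USERPROFILE, [StringComparison]::OrdinalIgnoreCase)) {
                    $reasons += 'starts from user profile folder'
                }

                [pscustomobject]@{
                    Key     = $path
                    Name    = $name
                    Command = $command
                    Review  = $reasons -join '; '
                }
            }
        }
    }
}

# Entries with a non-empty Review column are listed first.
Get-AutorunEntry | Sort-Object Review -Descending | Format-Table -AutoSize -Wrap
```

The Review column is a triage hint, not a verdict; legitimate software also starts from these keys.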