Keylogger goin' round

Hi,

one of the wolfteam hacks, i havent made sure yet which, obviously involves a keylogger. Im currently tending to the LoLHack cause my current research hasnt gotten the other guys in suspicion ( sure i cant guarantee its not the others :) )

Now im not going to accuse without proofs.

[Only registered and activated users can see links. Click Here To Register...]

this is a little part of my VM wireshark. It obviously shows a service trying to connect to an ftp. Well i cheked the ftp and found stuff like this:

Quote:

15:20 - 15:21 [viernes, 13 de marzo de 2009] MsnMsgr.Exe: MSN Messenger Nacho WTF SEMPAI ???? O.O dice: `q àssa Fin de la conversación - Inicio de la conversación deño dice: gracias Nacho WTF SEMPAI ???? O.O dice: x? deño dice: lee el mnj Nacho WTF SEMPAI ???? O.O dice: esta totalmente sin bateria mi cel o.o

btw. alot of wolfteam accs / msn / icq were recorded too <3 ( thanks for the nice information :D )

well.. then i cheked the email and found an ePVP registration:

Quote:

Dear olverkhan, Thanks for registering at elitepvpers! We are glad you have chosen to be a part of our community and we hope you enjoy your stay.

theres just 1 topic of this guy, below the LoL Hack..., so its just an assumption im doing here, but soon i'll know better :)

How to Remove:

Download Avenger -> [Only registered and activated users can see links. Click Here To Register...]

Type in ->
Folders to delete:
C:\WINDOWS\system32\Sys32

Execute.