(The quickest way to register)

Forum

Dear visitor! The webpage is only available in English. We're sorry for the inconvenience.
  1. User picture
    • Sapper on Fri 16 Oct 2009
    • 03:27:51 AM UTC

    I think I have a keylogger - advice please

    I think I may have a keylogger because one of my game accounts was stolen. I've never given my password to anyone, and my password consisted of seemingly random letters and numbers so I doubt someone guessed it. I didn't use the same password on forums or anything else. I also have no idea how I could have gotten a keylogger; I haven't downloaded anything suspicious. I do use my computer on my university network, so I was thinking maybe that was how I got a keylogger.

    I'm not too worried about my game account, but I am worried about what other information they could steal...

    What should I do? I use Windows Live OneCare and keep it fully updated. I've already scanned my computer twice and it found nothing. Should I try a free online scan or try a new antivirus/antispyware program? Would a system restore help?

    Thanks in advance for any advice you could give me!
    Paul

Comments:

  2. User picture
    • evilfantasy on Fri 16 Oct 2009
    • 03:33:49 AM UTC

    Keyloggers

    99.99% of the time when someone thinks they have a keylogger they don't. A trojan is more likely.

    You can however have someone check things out for free. Start here: READ & RUN ME FIRST. Malware Removal Guide. Then post the logs in that forum. The waiting list is long because we are busy but we are also thorough..
  3. User picture
    • g7w on Fri 16 Oct 2009
    • 03:41:09 AM UTC

    MBAM

    Download and Run MBAM
    Then get an Antivirus program
    I use www.free-av.com
    or you can try avast! free home addition
    There are others, Search the forums for "free antivirus"

    I also recommend installing GeSwall and run your browser isolated
    -------
    WOT Services Ltd. - gives us safety through Web of Trust.
    WOT Community - gives us security through unity.
    Thank you all
    - G7W
  4. User picture
    • osfijwoei390WEFw23sf on Sun 18 Oct 2009
    • 10:48:01 PM UTC

    Probably not malware

    If you are on WOT, I assume you know how to defend yourself against malware. Also, you scanned for malware and didn't find any.

    You also said you use your university's network. I think this is where your problem is. Most likely, your gaming account login doesn't use encryption and someone was sniffing the packets on your university's network either through the WiFi or the ethernet. Your unencrypted password would have shown up as plain text. It would most probably have been the WiFi where you were sniffed because most universities don't encrypt WiFi connections. In order to be compromised through the ethernet, the attacker would have required access to the hardware of the network.
  5. User picture
    • Sapper on Mon 19 Oct 2009
    • 12:59:02 AM UTC

    I ran MBAM and it did not

    I ran MBAM and it did not find anything either.

    My dad recommended a program called Vipre by Sunbelt Software and said that he was infected.

    When I ran Vipre it detected a trojan called Win32.Generic!BT. I quarantined and deleted it. Does anyone know what this trojan does?
  6. User picture
    • evilfantasy on Mon 19 Oct 2009
    • 01:08:25 AM UTC

    Description

    Trojan.Win32.Generic!BT
  7. User picture
    • Sapper on Mon 19 Oct 2009
    • 01:30:29 AM UTC

    Yeah I saw that but I

    Yeah I saw that but I haven't downloaded any rogue software or seen any false alerts. I was hoping it would explain my password getting stolen but it doesn't seem to.
    • User picture
      • BobJam (not verified) on Mon 19 Oct 2009
      • 03:49:12 PM UTC

      Using same passwords

      If indeed your gaming password was stolen, the reason may have been the theory that many people use the same password for all their sites. The perp may have been hoping that was your case,

      Consequently, if you use the same password for, say, something like your banking site, I would definitely change my banking password. (And I realize you said you didn't use the same password for other sites, but if you use similar ones that may be enough.)

      As a matter of fact, now that I think of it, it would probably be a good idea to change all your passwords, and make sure that each password for each site is DIFFERENT.

      And if you use one of those password programs that has a Master password (and generates random passwords), make sure that Master password is strong, because if it gets compromised, then someone will have all the keys to the kingdom.

      A strong password contains letters, numbers, upper and lower case, and symbols.
  8. User picture
    • Warxas on Mon 19 Oct 2009
    • 02:17:36 AM UTC

    Rogue

    software CAN have password stealing capabilities.
    But it probably would not steal your game's password, it would look for bank passwords.

    This is what I am going to guess, you typed you password into a phishing page. Even though you may not have realized it, this is VERY, VERY easy to do.
  9. User picture
    • evilfantasy on Mon 19 Oct 2009
    • 02:24:49 AM UTC

    Post #2

    As stated in this post. A lot more can be determined about what is going on inside of your system. But without logs it's all just speculation.

    "99.99% of the time when someone thinks they have a keylogger they don't. A trojan is more likely."

    And indeed a trojan is what was found. ;)

    There is a more commonly named trojan called a PWS. Short for 'Password Stealing.' They target gamers mostly on WOW but not specific to WOW gamers.
    See here: http://www.viruslist.com/en/viruses/encyclopedia?v...