Page 1 of 2
1
2
LastLast
  1. #1
    Pandaren Monk Martyn 470's Avatar
    10+ Year Old Account
    Join Date
    Sep 2009
    Location
    Everywhere, and nowhere.
    Posts
    1,942

    How to find a keylogger?

    So guys, my girlfriends Wow account got hacked, and we have no idea how, both of our computers are secure, I'm running windows 7 ultimate 64 bit , with avast! antivirus and malwarebytes, as well as windows firewall, noscript, adblock plus, and ghostery, she has Norton antivirus and windows vista 32, once she got hacked, we both done full system scans and neither system has reported any keyloggers or viruses, so what's the next step?

    She got her account and everything back, and she's ordering an authenticator as soon as we find out where she's been keylogged, but we really are at a mystery, we can only think that antivirus hasnt picked it up, I mean, her password is very long and complicated and I can pretty much rule out physical password guessing, only through a keylogger could she have been hacked.

    Ive changed her default email address for her WoW login, her secret answer + password, and she's stopped her debit cards etc because she got an email through saying a paid character transfer had failed due to lack of funds.

    Has anyone got any idea what the next step is? Preferrably not the usual " get an authenticator lul" as it will soon be on the way.



    Also, another random question, but why do hackers always go to Halls of Lightning? i've seen many of my friends hacked and they're ALWAYS in Halls of lightning, I wonder why

    Anyway, input would be appreciated.

    Thanks
    Martyn

  2. #2
    I am really not sure about other antivirus softwares but i have been using microsoft security essentials & i never got hacked or whatsoever.

  3. #3
    Brewmaster DieFichte's Avatar
    10+ Year Old Account
    Join Date
    Feb 2012
    Location
    Confederaziun svizra
    Posts
    1,293
    There is a very safe way to find and destroy a keylogger, it's on your Windows System Disc or recovery disc and you can access it during the computer booting up, it's called Windows Setup. It works wonders!
    Last edited by Darsithis; 2012-11-26 at 10:44 PM. Reason: restored

  4. #4
    What about phishing? Are you sure you only ever logged in with the account details on battle.net and in the wow client? Did you register on other websites using the same password?
    My addons:
    Announce Interrupts: Announces in chat when you interrupt a spell.
    Tol Barad Reminder: Reminds you to queue for Tol Barad by printing a message when the battle is approaching.
    EasyLogger: Turns on /combatlog inside raid instances, and off outside.
    Simple class resource bars: Paladin Rogue Shaman Monk Priest

  5. #5
    Best thing to do is Run:

    Microsoft Security Essentials + Malwarebytes

    Then:

    Download the Authentication app from Blizz on to your phone for free - https://play.google.com/store/apps/d...zard.bma&hl=en

    Last:

    Change your browser settings to never keep more than 8MB of Data for 0 Days at a time and always "Delete History Upon Exiting Browser".
    SHIFT HAPPENS. THEN BLOODSHED. TRUE STORY.

  6. #6
    Pandaren Monk Martyn 470's Avatar
    10+ Year Old Account
    Join Date
    Sep 2009
    Location
    Everywhere, and nowhere.
    Posts
    1,942
    she only ever logs into WoW itself, last time she logged into eu.battle.net was last month for a server transfer.

    I believe her WoW password is the same as her hotmail one, however, even so, it's still complete and utter random numbers, letters, and punctuation.

    Also, I've told her to download security essentials, but iirc, norton isn't exactly friendly to other anti virus

    ---------- Post added 2012-11-26 at 10:12 PM ----------

    Quote Originally Posted by BeastmasterofBladesEdge View Post
    Best thing to do is Run:

    Microsoft Security Essentials + Malwarebytes

    Then:

    Download the Authentication app from Blizz on to your phone for free - https://play.google.com/store/apps/d...zard.bma&hl=en

    Last:

    Change your browser settings to never keep more than 8MB of Data for 0 Days at a time and always "Delete History Upon Exiting Browser".
    Delete history upon exiting browser is what we both use, but good idea about the 8mb of data, she also does use malwarebytes, but this could also be My computer which is the problem, which is why we're both confused to hell, I mean, i'll openly admit it, my version of w7 isn't valid, so I can't get security essentials, I was forced to get it after a previous HDD went and I can no longer gain access to the Student version of w7

  7. #7
    Quote Originally Posted by Martyn 470 View Post
    but iirc, norton isn't exactly friendly to other anti virus
    Norton is junk imho. You wanna uninstall that, install MS Security Essentials and Malwarebytes. You can get both free from cnetdownloads. Run both until you are free of viruses or threats, and then download the authenticator app. It is absolutely free. I have never been hacked in 7 years of playing. You wont regret it.
    SHIFT HAPPENS. THEN BLOODSHED. TRUE STORY.

  8. #8
    Quote Originally Posted by Martyn 470 View Post
    I believe her WoW password is the same as her hotmail one, however, even so, it's still complete and utter random numbers, letters, and punctuation.
    Using your wow password elsewhere is pretty bad practice, especially if it is on less trustworthy sites, and you can easily get hacked from there if that site gets compromised, or someone uses a badly designed "forgot password" feature.
    My addons:
    Announce Interrupts: Announces in chat when you interrupt a spell.
    Tol Barad Reminder: Reminds you to queue for Tol Barad by printing a message when the battle is approaching.
    EasyLogger: Turns on /combatlog inside raid instances, and off outside.
    Simple class resource bars: Paladin Rogue Shaman Monk Priest

  9. #9
    I personally use a variety of three different scanning programs to detect viruses on my computer.

    I've used the Authenticator on my phone since they came out with it; never been hacked.

  10. #10
    Pandaren Monk Martyn 470's Avatar
    10+ Year Old Account
    Join Date
    Sep 2009
    Location
    Everywhere, and nowhere.
    Posts
    1,942
    Quote Originally Posted by Sildor View Post
    Using your wow password elsewhere is pretty bad practice, especially if it is on less trustworthy sites, and you can easily get hacked from there if that site gets compromised, or someone uses a badly designed "forgot password" feature.
    Yeah it's pretty bad practice, but personally, my facebook, hotmail, mmo champ passwords have all been the same at some point, I usually keep them the same since I cant remember them.

    I've got an authenticator myself and have since they came out, so I cant judge whether it was my PC which was infected, as if I didn't, they may have hacked me.

  11. #11
    Deleted
    You first flaw: thinking you are secure just because you have Antivirus- and Firewall-Software - the only security sits in front of the pc...

    next step to do if you want to do it right - as you havent ofc - format and complete reinstall both systems...

    and then get an auth....

  12. #12
    http://www.kaspersky.com/virusscanner

    Give that a try. I have had instances where my anti-virus would not detect anything and then Kaspersky would find it.

  13. #13
    The Lightbringer gutnbrg's Avatar
    10+ Year Old Account
    Join Date
    Apr 2009
    Location
    New Mageland
    Posts
    3,669
    dont format ur system like the guy above me says LOL, alot of antiviruses wont catch a keylogger unless it is active...

    Open ur antivirus or malwarebytes, then open WOW as if u are going to login. Minimize ur wow and start a malwarebytes scan. Then maximize wow and start typing fake passwords into wow as if u are trying to login. The keylogger will try to catch ur pw and hopefully malwarebytes will catch it in the act. Its worked for me before on my own computer and my friends.

    yes kapersky is awesome and so is ESET Nod32.

  14. #14
    You can also do a very thorough online scan with Trendmicro Housecall eg http://housecall.trendmicro.com/uk/
    Also use Malwarebytes as mentioned by previous poster

  15. #15
    Quote Originally Posted by Martyn 470 View Post
    i'll openly admit it, my version of w7 isn't valid, so I can't get security essentials, I was forced to get it after a previous HDD went and I can no longer gain access to the Student version of w7
    That could be an issue, but for now I would try the other things out. Also, there are PW keeper apps for the phone. You might want to make new PW for everything and just keep them in your phone with your "common" PW as the key That will also help keep it distinctive. Hope that helps!
    SHIFT HAPPENS. THEN BLOODSHED. TRUE STORY.

  16. #16
    Deleted
    Tbh, there is only one way to be 100% sure that you have no viruses or malware on your pc and that's doing a clean install on windows. Since WoW account and credit card info are worth quite a bit, new keyloggers are being developed all the time. It usually takes a few weeks before avast, norton or whatever company you buy your junk from even realize there is a new one.

    Since it's very rare that you actually get any malware with something like adblocker on and thinking before you click, I haven't used on in ages. I don't mind my computer being a bit quicker.

    Anyway, to get back to the point, I think your best bet is to just check running processes for anything unusual and just google everything that sounds strange.

  17. #17
    Pandaren Monk Martyn 470's Avatar
    10+ Year Old Account
    Join Date
    Sep 2009
    Location
    Everywhere, and nowhere.
    Posts
    1,942
    Quote Originally Posted by BeastmasterofBladesEdge View Post
    That could be an issue, but for now I would try the other things out. Also, there are PW keeper apps for the phone. You might want to make new PW for everything and just keep them in your phone with your "common" PW as the key That will also help keep it distinctive. Hope that helps!
    Ha, I wish I could, i've got all my passwords in an inconspicuously named text file, just purely because my phone ( HTC wildfire) has no note application, no password keeper apps, it's absolutely disgraceful =P

  18. #18
    Stood in the Fire Sharde's Avatar
    10+ Year Old Account
    Join Date
    Jan 2011
    Location
    Germany
    Posts
    406
    keylogger are not the only way to get hacked. i got hacked several times because i used my standard email adress which i also use for everything else. without an authenticator and hardcore password it is now relatively easy to get hacked.

    so what i would do:

    - scan for keylogger. if there aren't any it is likely that there REALLY aren't any. keylogger for games hacking are rarely sophisticated. any program should find them.
    - create a new email account with a (random) confusing name. change your battle.net account to the new address.
    - create a new random password.
    - get an authenticator.

    worked for me. just don't use your battle.net password for anything else and you should be fine.
    Last edited by Sharde; 2012-11-26 at 11:22 PM.

  19. #19
    Don't click on sexleg
    http://thingsihaveneverdone.wordpress.com
    Just started my 24/7 LoFi stream. Come listen!
    https://youtu.be/3uv1pLbpQM8


  20. #20
    Just to throw it out there... Does she want to stop playing and deleted chars herself? (we dont know her so its worth throwing out that thought to you lol)

    Also yeh, could of been phishing scam or just when you've been naughty on the internet or you lent your browser to someone when someone used your comp.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •