keylogger ?

[Houli]

yeah, was reading the WoW forums...

I blindly clicked and instanly closed the new tab i opened in firefox as it was loading.

this is a link to the WoW forums thread i was reading.

the 3rd post has the possible keylogger. *EDIT* the third post has been removed so...a bliz moderator prolly yanked the logger out of the thread.

am i in trouble? how do they work? does simply clik'n that link screw me, or would i have actually needed to do somtin at that website?

i immediately ran a full sys' virus scan, and windows defender spyware scan. both clean.

i was not logged into the boards at the time (not sure if that is a factor)

also, i plan on changing my password, but im afraid to do anything untill i know its safe to use the new password, or even log into the Blizzard account webstie >.<

/crai

Edited November 7, 2007 by Houli

[Huato]

Oh boy..

Clicking the link, if it loaded (I would assume so just to be on the safe side) it does not need you to be logged in to the WoW site to install itself.

Run virus scans, ad-aware scans, and to double check everything, go to http://housecall.trendmicro.com/ and run that...it's a nice free service that can help find and remove ad ware and viruses.

Do not log into anything else that requires a user id and password until you've done the above.

[Houli]

thanks much huato, yeah i log'd into this forum, but didnt actually use any key strokes to do so, so i should be ok here.

if i copy paste one letter at a time my password into the login screen i'd be ok right?

for example:

The brown fox jumped over the fence. (or whatever that sentence is that includes all letters)...

i could highlight one letter at a time, hit ctrl + c, then ctrl + v into the wow login to enter the data no? would that be a workaround? and i will still diligently run more virus/spyware removal stuff...

my robust anti-virus program (mcaffe, provided by the univ' of michgan) did not detect anything on my comp, nor did windows defender. when i get home i'll use the website you suggested.

[Houli]

and clan! i have not logged in since late last night, if ive been on durring the day today or tonight let me know cuz um, it wasnt me

[Scryll]

In addition to the ones you've run and what Huato recommended, I would download Spyware Blaster and have it run a scan as well. Some of these virii and spyware programs are getting quite good and shielding portions of your system from most scanners and hiding malware. Blaster is good at rooting out a lot of those. I don't like it for regular protection but I will install it every now and then when my hard drive needs to be blasted but good, or when I'm pretty sure I've picked something up and my regular programs aren't finding it.

It is possible, though, that you managed to avoid infection merely because it attempted an attack that Firefox isn't vulnerable to, like if you run a "no-scripts" add-on.

Edited November 7, 2007 by Scryll

[Huato]

One thing to keep in mind is that some keyloggers also take screen captures periodically, and could also copy the contents of your clipboard, so even copy and pasting letters may not prevent them from getting your information.

[Houli]

thanks much guys will do all you suggest before breathing

i was in firefox, but i do not have any additional addons for it. I hope you are correct in the possiblity that firefox is unassailable to this specific attack...given the fact that my system has so far come up completely clean with no detectable changes from waht i can tell.

should i consider a system restore to last week perhaps?

Edited November 7, 2007 by Houli

[Volonazra]

Just wanted to add that I had read you can protect yourself abit with the Parental Controls within your account. Im kind loopy on the nyquil atm, but what i can conjure to consciousness is that you can set times when you allow log in and additional passwords to change account info. Might help.

Dont panic

[Houli]

ZOMG HALP BBQ LOL FUX HATE! PANIC CrAzY el oh el NOO!!!oneone11one!

oo i will do that now vol, thanks for the suggestion!

adjust the parental controls that is course....if they can figure out how to log in, they can just log into my wow acount and change it themselves...

Edited November 7, 2007 by Houli

[Houli]

hey scryll, is this the correct website for spyware blaster?

http://www.javacoolsoftware.com/spywareblaster.html

[Scryll]

hey scryll, is this the correct website for spyware blaster?

http://www.javacoolsoftware.com/spywareblaster.html

Looks like a valid source.

[Houli]

results of the trend micro scan:

pic on facebook

heh im not sure how to directly put the image on the page here unfortunately.

Basically i got 2 things:

1. I have 9 "profiling cookies". But! keyloggers dont work as cookies right? no worries here?

2. I have a ASP.NET Path Validation Vulnerability (887219) -

A vulnerability in ASP.NET allows an attacker to bypass the security of an ASP.NET Web site, and access a machine. The attacker gains unauthorized access to some areas of the said Web site, and is able to control it accordingly. The actions that the attacker could take would depend on the specific content being protected.

i am a newb when it comes to this stuff so...am i right in assuming neither of these 2 detected problems are a key logger?

thanks!

Edited November 8, 2007 by Houli

[Huato]

That's correct.

Now hit windows update and update the damn ASP.Net vulnerability!