2010-01-08, 06:02 PM
I would like to reinforce the idea that WE HAD NOT CHANGED our passwords in the last 1.5+ years and she was hacked for no obvious reason.
I spent several hours researching her system, my network configuration and monitored ALL network traffic in and out of her system to detect any rogue connections -- if there was ANY keylogger on her system, I would have seen the suspicious BEHAVIOR simply by the fact that I can watch any and all network connections whenever they happen and to where both in her system and through my router.
I gaurantee that her system is clean of any sort of spying software. The only thing she uses the computer for is to play maple, check her email, and write school papers. Everything else she's too paranoid to check out because she thinks she'll get hacked (not to mention I have a fairly oppressive blacklist hosts files of ips and domains blocking a huge amount of questionable material). I do random security MANUAL audits on my systems and network without the aid of anti virus and anti-malware because simply put, I don't need them... I know enough about windows to know what's wrong and when to fix it.
If this isn't enough to convince you this isn't a keylogger, how about this -- I myself have used her computer to log in and play maple on several accounts.. almost all of them have substantially more gear, money, and loot that would be more useful -- and some that have quite a bit less (fame mules, etc). If her system was keylogged, why was her account the ONLY one to get nailed?
As a last resort, I used one of my linux systems to change all our passwords on all our accounts since her incident. If any of my accounts are hijacked I will know 100% for fact that it is neither my systems nor my network connection giving away my account information.
Some tools you guys might be interested to check your own systems:
Cain and Abel (packet sniffer)
Process explorer (mandatory)
Check your router logs
netstat -ano
Those are pretty standard tools to use to figure out if your system is compromised. Watching your router (or any system outside a suspected compromised system) will give you insight if the system in question is completely borked -- ie, hacks have replaced critical files and reporting bogus information.
Hope this helps, I'm completely unconvinced this was the work of any keylogger and again, we do NOT share our account information -- not even with each other.
I spent several hours researching her system, my network configuration and monitored ALL network traffic in and out of her system to detect any rogue connections -- if there was ANY keylogger on her system, I would have seen the suspicious BEHAVIOR simply by the fact that I can watch any and all network connections whenever they happen and to where both in her system and through my router.
I gaurantee that her system is clean of any sort of spying software. The only thing she uses the computer for is to play maple, check her email, and write school papers. Everything else she's too paranoid to check out because she thinks she'll get hacked (not to mention I have a fairly oppressive blacklist hosts files of ips and domains blocking a huge amount of questionable material). I do random security MANUAL audits on my systems and network without the aid of anti virus and anti-malware because simply put, I don't need them... I know enough about windows to know what's wrong and when to fix it.
If this isn't enough to convince you this isn't a keylogger, how about this -- I myself have used her computer to log in and play maple on several accounts.. almost all of them have substantially more gear, money, and loot that would be more useful -- and some that have quite a bit less (fame mules, etc). If her system was keylogged, why was her account the ONLY one to get nailed?
As a last resort, I used one of my linux systems to change all our passwords on all our accounts since her incident. If any of my accounts are hijacked I will know 100% for fact that it is neither my systems nor my network connection giving away my account information.
Some tools you guys might be interested to check your own systems:
Cain and Abel (packet sniffer)
Process explorer (mandatory)
Check your router logs
netstat -ano
Those are pretty standard tools to use to figure out if your system is compromised. Watching your router (or any system outside a suspected compromised system) will give you insight if the system in question is completely borked -- ie, hacks have replaced critical files and reporting bogus information.
Hope this helps, I'm completely unconvinced this was the work of any keylogger and again, we do NOT share our account information -- not even with each other.

