What do I do? D:

Scan your computer as soon as possible then change your Habbo passwords etc.

Scan your computer as soon as possible then change your Habbo passwords etc.

It's undetectable... and apparently it's IP-keylogged or something

:S
when did you realise you'd been keylogged?

Reboot your system but make sure you save anything you need like cvs schoolwork on a usb and just reboot it. Will wipe it off

:S
when did you realise you'd been keylogged?

When he stalked me, shouted my pass out in the room, and then he told me... lol. He says pay him a t for my own keylogging site and to remove it... He'd probably lying anyway. Storing all on a friends account

Post in http://habboxforum.com/forumdisplay.php?f=134

you will get a much better response from tech guys..

Reboot your system but make sure you save anything you need like cvs schoolwork on a usb and just reboot it. Will wipe it off

Apparently he's keylogged my IP

Dont type any passwords with your keyboard, use the onscreen keyboard

Apparently he's keylogged my IP

Somehow i doubt that, What people say and do is two seperate things.

Dont type any passwords with your keyboard, use the onscreen keyboard

He said that dont work


Somehow i doubt that, What people say and do is two seperate things.

Hmm, i've asked him if he knows my brothers pass, he's not answering.. lol

He said that dont work



Hmm, i've asked him if he knows my brothers pass, he's not answering.. lol

Typing passwords with onscreen does work unless hes got you with something that takes screenshots, Although i doubt he would of set it to every 1 second otherwise it would be spamming up his ftp / email.

That being said your relatively safe to use on-screen.

Typing passwords with onscreen does work unless hes got you with something that takes screenshots, Although i doubt he would of set it to every 1 second otherwise it would be spamming up his ftp / email.

That being said your relatively safe to use on-screen.

ill try, using a friend to store 1t 58hcs, duno if i can trust her, but owell..

I'm loling

Edited by Mr-Trainor (Forum Moderator): Please do not post pointlessly, thanks!

sounds like he's just trying to scare you. xfer ur ferniz onto a diff account using on screen keyboard and tell him to hump a stump........

I'm loling

Hmm, I get why...


sounds like he's just trying to scare you. xfer ur ferniz onto a diff account using on screen keyboard and tell him to hump a stump........

I liek the idea of the last bit :) Already doing first bit too.

Don't give your furniture to this person if you don't trust her. Change your password using the OS-keyboard and wait for someone else you can trust :P

And yea the OS-keyboard should be safe :)

Don't give your furniture to this person if you don't trust her. Change your password using the OS-keyboard and wait for someone else you can trust :P

And yea the OS-keyboard should be safe :)

Thanks, I've trusted her with 64hc before... I've traded it now, so owell... lol.

Oh if shes been trusted with 64hc before then it should be ok :P hope it all turns out ok :)

Oh if shes been trusted with 64hc before then it should be ok :P hope it all turns out ok :)

Me too, :) I reckon he's been threatening me with the ip-keylogs and the OS-Keyboard not working. We'll have to wait and see I suppose...

Did they shout out your actual password? I don't see why they wouldn't just go straight on your account (especially after you declined their bribe). Anyway, do you remember trying to download anything or going on any unusual websites recently?


When he stalked me, shouted my pass out in the room, and then he told me... lol. He says pay him a t for my own keylogging site and to remove it... He'd probably lying anyway. Storing all on a friends account

Even people you think are your friends can scam you. You would have been better off storing your stuff on your clone.


Dont type any passwords with your keyboard, use the onscreen keyboard

This is good advice. To find it (on Vista) go to; Start / All Programs / Accessories / Ease of Access / On-Screen Keyboard

In the meantime, if your anti-virus scanner can't find anything, try downloading one called McAfee (free trial here (http://home.mcafee.com/Store/FreeTrial.aspx) although I'm sure there's a full free version elsewhere). I was advised to use this when I thought I had a key-logger once.

He said that dont work


Why are you putting your faith in someone who's already went out of their way to hack you?
Anyway sounds like he's got you convinced when there's no threat at all. You say he shouted your password but then blackmails you in attempt to get a T out of you? If the first was true, why wouldn't he just take it for himself?

Anyway, practical solutions. Turn off trading for a start and if you're convinced that you are keylogged just get yourself banned (easy way is to post a random string of numbers in a GB and call it a phone number, then report it. That's a 30 day ban). Also get some antivirus software. :rolleyes:

Depending on the keylogger it might show up with ALT + CRTL + SHIFT + G all at the same time thats with most pre built ones, however if hes made it himself then press CRTL + ALT + DELETE and screen shot the processes section of the window that will open and post here and ill tell you which one it could be a simple end process will kill it intil reboot, however once you know the name then it wont be hard to remove it.

If hes hidden it from the processes menu and it doesnt fit into the cat above then a better AV might be needed what anti-virus are you currently using and operating system?

As for IP logged there's no such thing, hes storing your keystrokers via a FTP or email depending on the set up, it all of the above fails then scan your PC using a packetsniffer and it will tell you all outgoing connections and where to once you've determinded the IP its sending it to then you can choose to block all connections to it or even go further into finding the FTP/email username and login and taking it over and changing so he cant access.

Software
http://www.etherdetect.com/

Did they shout out your actual password? I don't see why they wouldn't just go straight on your account (especially after you declined their bribe). Anyway, do you remember trying to download anything or going on any unusual websites recently?



Even people you think are your friends can scam you. You would have been better off storing your stuff on your clone.



This is good advice. To find it (on Vista) go to; Start / All Programs / Accessories / Ease of Access / On-Screen Keyboard

In the meantime, if your anti-virus scanner can't find anything, try downloading one called McAfee (free trial here (http://home.mcafee.com/Store/FreeTrial.aspx) although I'm sure there's a full free version elsewhere). I was advised to use this when I thought I had a key-logger once.

I am alreadu using McAfee full version. Also using OS Keyboard.And I trust my friend enough.


Why are you putting your faith in someone who's already went out of their way to hack you?
Anyway sounds like he's got you convinced when there's no threat at all. You say he shouted your password but then blackmails you in attempt to get a T out of you? If the first was true, why wouldn't he just take it for himself?

Anyway, practical solutions. Turn off trading for a start and if you're convinced that you are keylogged just get yourself banned (easy way is to post a random string of numbers in a GB and call it a phone number, then report it. That's a 30 day ban). Also get some antivirus software. :rolleyes:

I changed pass on another PC + turned off trade pass, thats why he dint take the T


Depending on the keylogger it might show up with ALT + CRTL + SHIFT + G all at the same time thats with most pre built ones, however if hes made it himself then press CRTL + ALT + DELETE and screen shot the processes section of the window that will open and post here and ill tell you which one it could be a simple end process will kill it intil reboot, however once you know the name then it wont be hard to remove it.

If hes hidden it from the processes menu and it doesnt fit into the cat above then a better AV might be needed what anti-virus are you currently using and operating system?

As for IP logged there's no such thing, hes storing your keystrokers via a FTP or email depending on the set up, it all of the above fails then scan your PC using a packetsniffer and it will tell you all outgoing connections and where to once you've determinded the IP its sending it to then you can choose to block all connections to it or even go further into finding the FTP/email username and login and taking it over and changing so he cant access.

Software
http://www.etherdetect.com/

Thanks for the detail, using McAfee atm.

McAfee isnt the best in all fairness i would opt for something like ESET even though you might have to pay for it.

Depending on the persons actually knowledge of cryptography and the ability then it might appear undected to most AV's for a while intil a update of the AV with a new database of virus' to look for etc.

at the most a simple change of AV might actually be better then using McAfee and rescan your harddrive/s. If all then still fails then system restore might be the problem, and also a revision of how you could of been keylogged by backtracking your steps and the files you've accepted in recent times.

if you dont know what cryptography is then read the spoiler
By definition cryptography is the process of converting recognisable data into an encrypted code for transmitting it over a network (either trusted or untrusted). Data is encrypted at the source, i.e. sender's end and decrypted at the destination, i.e. receiver's end.

In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext using different encryption algorithms.


The Purpose :-
* Authentication : The process of proving one's identity.
* Privacy/confidentiality : Ensuring that no one can read the message except the intended receiver.
* Integrity : Assuring the receiver that the received message has not been altered in any way from the original.
* Non-repudiation : A mechanism to prove that the sender really sent this message.

In general cryptographic algorithms are classified into three categories as follows :

1) Secret Key Cryptography (SKC) : Uses a single key for both encryption and decryption.
2) Public Key Cryptography (PKC) : Uses one key for encryption and another for decryption.
3) Hash Functions : Uses a mathematical transformation to irreversibly "encrypt" information.

Secret Key Cryptography :- With secret key cryptography, a single key is used for both encryption and decryption. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

Secret key cryptography algorithms that are in use today include :

1) Data Encryption Standard (DES) : DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES uses a key of only 56 bits, and thus it is now susceptible to "brute force" attacks.
Triple-DES (3DES) and DESX are the two important variants that strengthen DES.

2) Advanced Encryption Standard (AES ) : The algorithm can use a variable block length and key length; the latest specification allowed any combination of keys lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits.

3 ) International Data Encryption Algorithm (IDEA) : Secret-key cryptosystem written by Xuejia Lai and James Massey, in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.

4) Rivest Ciphers : Named for Ron Rivest, a series of SKC algorithms.

RC1 : Designed on paper but never implemented.
RC2 : A 64-bit block cipher using variable-sized keys designed to replace DES. It's code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
RC3 : Found to be breakable during development.
RC4 : A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
RC5 : A block-cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
RC6 : An improvement over RC5, RC6 was one of the AES Round 2 algorithms.

5) Blowfish : A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.

credit to carb0n @ HH

McAfee isnt the best in all fairness i would opt for something like ESET even though you might have to pay for it.

Depending on the persons actually knowledge of cryptography and the ability then it might appear undected to most AV's for a while intil a update of the AV with a new database of virus' to look for etc.

at the most a simple change of AV might actually be better then using McAfee and rescan your harddrive/s. If all then still fails then system restore might be the problem, and also a revision of how you could of been keylogged by backtracking your steps and the files you've accepted in recent times.

if you dont know what cryptography is then read the spoiler
By definition cryptography is the process of converting recognisable data into an encrypted code for transmitting it over a network (either trusted or untrusted). Data is encrypted at the source, i.e. sender's end and decrypted at the destination, i.e. receiver's end.

In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext using different encryption algorithms.


The Purpose :-
* Authentication : The process of proving one's identity.
* Privacy/confidentiality : Ensuring that no one can read the message except the intended receiver.
* Integrity : Assuring the receiver that the received message has not been altered in any way from the original.
* Non-repudiation : A mechanism to prove that the sender really sent this message.

In general cryptographic algorithms are classified into three categories as follows :

1) Secret Key Cryptography (SKC) : Uses a single key for both encryption and decryption.
2) Public Key Cryptography (PKC) : Uses one key for encryption and another for decryption.
3) Hash Functions : Uses a mathematical transformation to irreversibly "encrypt" information.

Secret Key Cryptography :- With secret key cryptography, a single key is used for both encryption and decryption. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

Secret key cryptography algorithms that are in use today include :

1) Data Encryption Standard (DES) : DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES uses a key of only 56 bits, and thus it is now susceptible to "brute force" attacks.
Triple-DES (3DES) and DESX are the two important variants that strengthen DES.

2) Advanced Encryption Standard (AES ) : The algorithm can use a variable block length and key length; the latest specification allowed any combination of keys lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits.

3 ) International Data Encryption Algorithm (IDEA) : Secret-key cryptosystem written by Xuejia Lai and James Massey, in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.

4) Rivest Ciphers : Named for Ron Rivest, a series of SKC algorithms.

RC1 : Designed on paper but never implemented.
RC2 : A 64-bit block cipher using variable-sized keys designed to replace DES. It's code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
RC3 : Found to be breakable during development.
RC4 : A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
RC5 : A block-cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
RC6 : An improvement over RC5, RC6 was one of the AES Round 2 algorithms.

5) Blowfish : A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.

credit to carb0n @ HH





So you recommend I get ESET?

He says he can break my computer from his house? Lol, and he says it's a RAT not a keylogger?

Edited by Nicola (Forum Moderator): Please do not multiple post within the 15 minute edit time.

So you recommend I get ESET?

from my experiance of using it then its the best i've came across however im not promising that it will remove your "keylogger" however i can say its better then McAfee
http://www.eset.co.uk/Products/Antivirus

opt for that one as its cheaper, im sure other people will soon but in this thread and say use AVG, use Kaspersky etc but everyone has there own opinions on what to use but ESET one of the best to spot "incorrect" outgoing connections.

However if its coded out of Visual Basic and sends via an email then its not gonna show up on your Anti Virus software and your gonna have to packetsniff to find the outgoing connection.

from my experiance of using it then its the best i've came across however im not promising that it will remove your "keylogger" however i can say its better then McAfee
http://www.eset.co.uk/Products/Antivirus

opt for that one as its cheaper, im sure other people will soon but in this thread and say use AVG, use Kaspersky etc but everyone has there own opinions on what to use but ESET one of the best to spot "incorrect" outgoing connections.

However if its coded out of Visual Basic and sends via an email then its not gonna show up on your Anti Virus software and your gonna have to packetsniff to find the outgoing connection.

whats a RAT?

Go to an interent cafe, change the pass there. then reboot your system wipe everything off and then come back it should be cleared.

Go to an interent cafe, change the pass there. then reboot your system wipe everything off and then come back it should be cleared.

I've stuck to the on-screen keyboard for now.

If you see any unusual processes, kill them and disable them at startup. Personally I reckon CCleaner is good for disabing startup processes.

theres the old http://www.nerdhelp.com/forums/ they know a hell of a lot but seeing from the replys here the replys u might get on there is pritty much the same really lol

Do you use firefox? theres a hacking tool out that sends the person your stored passwords.. So if you have chosen on firefox for it to remeber your password he might of got it from there.

to keylog you he has to send you a file so hes *REMOVED*







Edited by Bolt660 (Forum Super Moderator): Please do not avoid the filter.

I ould personally use AVG to get rid of this. It always detects any problems I may have - if not try and find what file the keylogger is in (doubt he has keylogged your ip)

He can break your PC from his house, it's a RAT (I guess he means a Remote access trojan) he is keylogging your IP and the OS keyboard won't work. And instead of hacking your account he is asking for a throne.

This is where you laugh at his idiocy, I don't even see the need for you to scan unless you downloaded something from him.

You'll need to clean your computer so there will be no virus's left.

What you can do and is completely fine.

Disconnect all the wires and make sure there is no power going through the modem, then get a basin and fill it with water and then leave your modem soaking in the water for about 20mins works fine for me.

Iv'e tried it and it works for me but don't quote me if you die

You'll need to clean your computer so there will be no virus's left.

What you can do and is completely fine.

Disconnect all the wires and make sure there is no power going through the modem, then get a basin and fill it with water and then leave your modem soaking in the water for about 20mins works fine for me.

Iv'e tried it and it works for me but don't quote me if you die

Not the ideal advice, I don't think, Richie :P He probs hasn't got a modem anyway! :D

As other people have said if you haven't received any mail from the person concerned then it's highly unlikely you have been.

Somehow i doubt that, What people say and do is two seperate things.


to keylog you he has to send you a file so hes *REMOVED*



Edited by Bolt660 (Forum Super Moderator): Please do not avoid the filter.


No, he didn't keylog your IP, he must've injected a keylogger into an open port (which is your fault on your behalf for not protecting/encrypting/closing open ports).

Basiclly, get ESET NOD32, scan everything and it should be gone.

Immediately after do a scan and close all ports, google can help you.. type in "How do I close open ports".

Hope this helps, and p.s some of the posts in this thread are no help to you.

Apparently he's keylogged my IP
Impossible. Cough.

He can break your PC from his house, it's a RAT (I guess he means a Remote access trojan) he is keylogging your IP and the OS keyboard won't work. And instead of hacking your account he is asking for a throne.

This is where you laugh at his idiocy, I don't even see the need for you to scan unless you downloaded something from him.

RAT = Remote Administration Tool, I've still got all my stuff, so I think he's over exaggerating quite a lot...


You'll need to clean your computer so there will be no virus's left.

What you can do and is completely fine.

Disconnect all the wires and make sure there is no power going through the modem, then get a basin and fill it with water and then leave your modem soaking in the water for about 20mins works fine for me.

Iv'e tried it and it works for me but don't quote me if you die

Lol


If you see any unusual processes, kill them and disable them at startup. Personally I reckon CCleaner is good for disabing startup processes.

I've looked through these, it's hard to tell if he's called the process scvhost.exe or something lol.


theres the old http://www.nerdhelp.com/forums/ they know a hell of a lot but seeing from the replys here the replys u might get on there is pritty much the same really lol

ok, thanks lol


Do you use firefox? theres a hacking tool out that sends the person your stored passwords.. So if you have chosen on firefox for it to remeber your password he might of got it from there.

I know that program :P But I think I'm kind of sorted now.


to keylog you he has to send you a file so hes *REMOVED*







Edited by Bolt660 (Forum Super Moderator): Please do not avoid the filter.


I downloaded something from his fake site.. Lol


I ould personally use AVG to get rid of this. It always detects any problems I may have - if not try and find what file the keylogger is in (doubt he has keylogged your ip)

AVG isn't the best option and if it's scantime and runtime FUD then it's pretty pointless...


Not the ideal advice, I don't think, Richie :P He probs hasn't got a modem anyway! :D

As other people have said if you haven't received any mail from the person concerned then it's highly unlikely you have been.

I downloaded his program :P lol


No, he didn't keylog your IP, he must've injected a keylogger into an open port (which is your fault on your behalf for not protecting/encrypting/closing open ports).

Basiclly, get ESET NOD32, scan everything and it should be gone.

Immediately after do a scan and close all ports, google can help you.. type in "How do I close open ports".

Hope this helps, and p.s some of the posts in this thread are no help to you.

I know :P All my ports are closed, except for ones I opened AFTER downloading it for my own... ...purposes.
I were thinking of getting ESET NOD32, my brother has it and it works very well :P, there are some other good ones aswell.


Impossible. Cough.

Lol, I think I've realised :P

Reinstall your OS. You can't be ip banned. Don't transfer any files, they could be infected.

Omg ;[ Sorry to hear it.