|
Warpe
|
04-16-2008, 08:55 PM
Post subject: ***Poker Tracker IDE POSSIBLE KEYLOGGER ALERT***
|
|
|
Moderator
Join Date: Sep 2005
Location: Canuckistan
Posts: 3,905
|
|
We have reason to suspect that a piece of software known as Poker Tracker IDE may contain a keylogger or other malicious software that is being used to steal passwords to poker accounts. We don't know this for sure but players are advised to NOT download and install this software under any circumstances.
Also, many players have reported being contacted individually on MSN by someone trying to get them to install the software. DO NOT GIVE THIS PERSON ANY INFORMATION WHATSOEVER ABOUT YOUR POKER ACCOUNTS!
Related links here:
http://www.flopturnriver.com/phpBB2/...21.html#650687
http://www.flopturnriver.com/phpBB2/...60.html#675287
Be careful out there, people.
|
|
|
|
|
Warpe
|
|
Moderator
Join Date: Sep 2005
Location: Canuckistan
Posts: 3,905
|
|
Also posted on 2+2
http://forumserver.twoplustwo.com/sh...d.php?t=181440
and pocketfives
http://www.pocketfives.com/poker-for...02A00_-2795816
|
|
|
|
mrhappy333
|
|
Full House
Join Date: Jan 2006
Location: Hartford, CT
Posts: 1,078
|
|
Didn't read yet, but is this only with new PTs or even existing ones?
|
|
3 3 3 I'm only half evil.
|
|
JL
|
|
Full House
Join Date: Jan 2006
Posts: 1,095
|
|
Quote:
|
Originally Posted by mrhappy333
Didn't read yet, but is this only with new PTs or even existing ones?
|
This has nothing to do with PT at all. It's a scam software called pokertracker IDE.
|
|
|
|
poker_pup
|
|
Straight
Join Date: Apr 2007
Posts: 130
|
|
Thanks for the warning.
|
|
|
|
meeloche
|
|
Join Date: Feb 2007
Posts: 2,131
|
|
http://www.flopturnriver.com/phpBB2/...hh-t69760.html
In case nobody thinks it can actually happen...
|
|
|
|
Jack Sawyer
|
|
4-of-a-Kind
Join Date: Jan 2007
Location: Old School
Posts: 2,535
|
|
Do not even visit their website for now, as we are not sure how they infect the PC.
It may use something about the buffer to infect the browser, and thus the PC. Do not visit the website (or at least not on your main PC; do it in a separate virtual machine or something if you wish).
|
My dream... is to fly... over the rainbow... so high...

Quote:
|
VHS is like a book and a book is like a stack of kindles.
|
Hey, I'm in a movie!
http://youtu.be/lGdnIrRKDTI
|
|
badgers
|
|
4-of-a-Kind
Join Date: Feb 2007
Location: Spewing
Posts: 3,372
|
|
Quote:
|
Originally Posted by Jack Sawyer
Do not even visit their website for now, as we are not sure how they infect the PC.
It may use something about the buffer to infect the browser, and thus the PC. Do not visit the website (or at least not on your main PC; do it in a separate virtual machine or something if you wish).
|
Yeah, exactly. Can someone block out all the links?
|
3k post - Return of the blog!
|
|
Halv
|
|
pro crastinator
4-of-a-Kind
Join Date: Aug 2005
Location: No hindsight for the blind.
Posts: 1,842
|
|
Quote:
|
Originally Posted by badgers
Quote:
|
Originally Posted by Jack Sawyer
Do not even visit their website for now, as we are not sure how they infect the PC.
It may use something about the buffer to infect the browser, and thus the PC. Do not visit the website (or at least not on your main PC; do it in a separate virtual machine or something if you wish).
|
Yeah, exactly. Can someone block out all the links?
|
The links in this thread are auto-generated and lead to the real PT website (note how every time someone writes Poker Tracker a link is generated). I went ahead and edited out the links in the referred threads.
I visited the site back in February when the original thread surfaced (but didn't download/install anything). How worried should I be? Using Opera, AVG, ZoneAlarm, Snoopfree.
|
|
|
|
Warpe
|
|
Moderator
Join Date: Sep 2005
Location: Canuckistan
Posts: 3,905
|
|
From the sound of things you have to download the installer, so just visiting the site is not so bad. We don't know this for sure but it all adds up.
|
|
|
|
badgers
|
|
4-of-a-Kind
Join Date: Feb 2007
Location: Spewing
Posts: 3,372
|
|
Halv, there's still a link in page 1 of wtf ahhhhhhhhhhhhhh. I don't know how worried you should be. I'm sure you're far more computer savvy than me, so idk.
|
3k post - Return of the blog!
|
|
Halv
|
|
pro crastinator
4-of-a-Kind
Join Date: Aug 2005
Location: No hindsight for the blind.
Posts: 1,842
|
|
Whoops, seems like I only cleaned up one of the threads, sorry. I've gone through the wtfaah thread now.
I'm running nightly scans with AVG, Spybot, Ad-Aware and Crap Cleaner, and nothing has come up. I'd be a little surprised if you could get infected just by visiting the site, but I'm still gonna go the paranoid route and change all my passwords from a clean computer today. I change them all once a month anyway, and now seems as good a time as any. If I was gonna go totally paranoid I would reformat, but I don't think that's called for with the information at hand.
|
|
|
|
will641
|
|
4-of-a-Kind
Join Date: Aug 2007
Location: getting my swell on
Posts: 1,610
|
|
I just don't get it. I'm running System Suite for spyware and viruses, and it says nothing is detected.
|
|
Cash Rules Everything Around Me.
|
|
jyms
|
|
Tilting Mod
Join Date: Feb 2006
Posts: 4,836
|
|
try posting your task manager processes, maybe someone can spot something running that shouldn't be
|
|
|
|
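An added example, not part of any post in this thread, of the kind of process-list review suggested above: it reads a process listing exported as CSV and flags entries that use a Windows system name from the wrong folder, imitate a system name, or run from a user-writable folder. The column names (`Name`, `ProcessId`, `ExecutablePath`), the sample rows and the folder lists are assumptions constructed for illustration.

```python
import csv
import io
from pathlib import PureWindowsPath

# Expected folders for a few core Windows binaries (lower-case); assumed defaults.
SYSTEM_BINARIES = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}
# Folders an ordinary user can write to; executables running from here deserve a look.
USER_WRITABLE = ("\\temp\\", "\\appdata\\", "\\local settings\\", "\\downloads\\", "\\desktop\\")

# Constructed sample listing (not taken from the thread).
SAMPLE = r"""
Node,ExecutablePath,Name,ProcessId
PC1,C:\Windows\System32\svchost.exe,svchost.exe,812
PC1,C:\Users\player\AppData\Local\Temp\svchost.exe,svchost.exe,3140
PC1,C:\Program Files\Tools\svch0st.exe,svch0st.exe,3300
PC1,C:\Users\player\Downloads\setup_tool.exe,setup_tool.exe,4021
PC1,,System,4
PC1,C:\Program Files\Opera\opera.exe,opera.exe,2210
"""

def one_char_apart(a, b):
    """True if a and b have equal length and differ in exactly one character."""
    return len(a) == len(b) and sum(x != y for x, y in zip(a, b)) == 1

def triage(csv_text):
    """Return (pid, name, reason) for each process worth a closer look."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text.strip())):
        name = row["Name"].strip().lower()
        path = row["ExecutablePath"].strip()
        if not path:
            continue  # path not exposed for this process; nothing to judge
        folder = str(PureWindowsPath(path).parent).lower()
        if name in SYSTEM_BINARIES and folder != SYSTEM_BINARIES[name]:
            reason = "system name, wrong folder"
        elif any(one_char_apart(name, s) for s in SYSTEM_BINARIES):
            reason = "look-alike of a system name"
        elif any(frag in folder + "\\" for frag in USER_WRITABLE):
            reason = "runs from a user-writable folder"
        else:
            continue
        findings.append((int(row["ProcessId"]), name, reason))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A flagged entry is a lead to investigate, not proof of infection, and a clean result does not rule out a rootkit that hides its process.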
Warpe
|
|
Moderator
Join Date: Sep 2005
Location: Canuckistan
Posts: 3,905
|
|
Quote:
|
Originally Posted by will641
I just don't get it. I'm running System Suite for spyware and viruses, and it says nothing is detected.
|
Keyloggers work at the root so won't necessarily be detected. For all we know, they could've accessed the data while they delayed you online with that "Problem with promotional code" message.
The fact that your e-mail isn't working now is definitely a concern. Just wipe the fucker, though someone more tech savvy should tell you how.
|
|
|
|
will641
|
|
4-of-a-Kind
Join Date: Aug 2007
Location: getting my swell on
Posts: 1,610
|
|
Quote:
|
Originally Posted by Trainer_jyms
try posting your task manager processes, maybe someone can spot something running that shouldn't be
|
Here is everything that is by me, i.e. not system programs.
|
|
Cash Rules Everything Around Me.
|
|
Warpe
|
|
Moderator
Join Date: Sep 2005
Location: Canuckistan
Posts: 3,905
|
|
Download and run this:
http://free.grisoft.com/doc/download-free-anti-rootkit/
but srsly, I'd wipe it
|
|
|
|
Halv
|
|
pro crastinator
4-of-a-Kind
Join Date: Aug 2005
Location: No hindsight for the blind.
Posts: 1,842
|
|
Get snoopfree as well. It'll tell you anything that tries to hook the keyboard and/or scrape the screen. http://www.download.com/SnoopFree-Pr...html?tag=lst-1
I would also look into HijackThis.
I'm with Warpe tho - reformat the HD and reinstall Windows.
|
|
|
|
jyms
|
|
Tilting Mod
Join Date: Feb 2006
Posts: 4,836
|
|
I just ran that and found a keyhook in UltraMon. Does anyone know why this program needs it?
|
|
|
|
Halv
|
|
pro crastinator
4-of-a-Kind
Join Date: Aug 2005
Location: No hindsight for the blind.
Posts: 1,842
|
|
Typically a keyboard hook is related to a hotkey in the program. I.e. "press ctrl+space to do this and that", that'll require a keyboard hook. Some applications require it for general text input; for example, PartyPoker hooks the keyboard to use with the chat box (however, typing bets works fine when blocked).
You'll also see programs taking screenshots when you access drop-down menus a lot; I have no idea why they do it though. I typically just deny everything, then if there's a problem with using the program I'll manually allow it (if I've decided to trust the program).
|
|
|
|
Halv
|
|
pro crastinator
4-of-a-Kind
Join Date: Aug 2005
Location: No hindsight for the blind.
Posts: 1,842
|
|
will, check out usnsvc.exe
http://www.file.net/process/usnsvc.exe.html
|
|
|
|
jyms
|
|
Tilting Mod
Join Date: Feb 2006
Posts: 4,836
|
|
And stop using MSN and AIM. Get Trillian. One program and not a Microsoft product.
|
|
|
|
Warpe
|
|
Moderator
Join Date: Sep 2005
Location: Canuckistan
Posts: 3,905
|
|
Woot! Triple post!
New Computer Security Primer post in Tools. I love the internetz...
http://www.flopturnriver.com/phpBB2/...er-t69797.html
|
|
|