Hacked Steam Account

N

Not Bman

Guest
So guess what happened to me, yes that's right, hacked.

I was playing COD4, for about 3 hours or so, finished up the game and got out of it. After I play a game for awhile I check my steam community page where normally you don't have to log in or anything. Well it asks me for my password and all that, I am like wait thats not normal. I close down Steam, and restart it thinking it just needs a refresh. And to my surprise it wont let me in, says password wrong or account does not exist.

WTF, so I search around thinking maybe its a problem with the program, but with no luck at all, and I read and they tell me to post the problem on the steam help forums (not forums, the place for tickets). I made a ticket about it and am waiting for help (taking FOREVER).

Meanwhile someone is screwing up my games and ****. I don't know how they did it, i use crazy codes as passwords. I am so MAD!!!


Anything like this happen to you guys before?
 
N

Not Bman

Guest
That link is what I did. They don't reply right away, I hate that, they should reply the same day, I bet it will be 3 days or more.

How do I check for keyloggers/rootkit? Does Antivirus/spyware programs do that?

I wasen't really asking for a solution lol, I was stating how pissed i am lol But thanks.

EDIT*

right when I posted this, I got a message back giving me a new password saying it was hijacked. Glad it didn't take that long.
 

American Zombie

Moderator
Staff member
Political Access
Joined
23 Jun 2004
Messages
2,964
If you had a good password in the first place then you better figure out how someone got it or your account will get jacked again.
 
N

Not Bman

Guest
That is what I am wondering. I make good passwords, numbers and letters that are totally random. I didn't give it out, nor does anyone know that I even use Steam. I never had password problems before, cause I take care of my system and know what to do with files and all that, we all do here at OSNN.

That's what I don't get. Does AVG Antivirus & Windows Defender look for keyloggers and that type of thing, or what should i get to double check my system?
 
N

Not Bman

Guest
I don't believe my computer has rootkits or anything, I keep very good care. But I ran AVG Anti-Rootkit program and it didn't find anything. Now I am scared.

I guess I will have to see if anything more happens, and then do something extreme about it.
 

j79zlr

Glaanies script monkey
Political Access
Joined
16 Feb 2003
Messages
2,725
Please download Rootkit Revealer (link is at the very bottom of the page)
  • Unzip it to your desktop.
  • Open the rootkitrevealer folder and double-click rootkitrevealer.exe
  • Click the Scan button (bottom right)
  • It may take a while to scan (don't do anything while it's running)
  • When it's done, go up to File > Save. Choose to save it to your desktop.
  • Open rootkitrevealer.txt on your desktop and copy the entire contents and paste them here.
** NOTEBefore performing a scan it is recommended to do the following.

1. Physically unplug the cable from the PC to the internet connection.
2. Close down All Scheduling/Updating + Running Background tasks etc.
3. Launch and run the program.
4. While it is scanning DO NOT use your computer at ALL until the scan has been completed.
5. Save your Log File, and then Enable those things you closed down, or Reboot, and ONLY then Reconnect to the Internet.

This will ensure you have a simpler and clearer log file to analyze.
 
N

Not Bman

Guest
I did the scan and this is the result.

----------------------------------------

HKU\S-1-5-21-790525478-1326574676-725345543-1003\Software\Adobe\MediaBrowser\MRU\illustrator\ApplicationPath 1/3/2008 6:18 PM 91 bytes Data mismatch between Windows API and raw hive data.
HKLM\SECURITY\Policy\Secrets\SAC* 12/30/2007 1:50 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 12/30/2007 1:50 PM 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Classes\Installer\Products\B3D5AC652003B7E409EF70D1F8FD8341\ProductName 12/30/2007 11:46 PM 26 bytes Data mismatch between Windows API and raw hive data.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{56CA5D3B-3002-4E7B-90FE-071D8FDF3814}\DisplayName 12/30/2007 11:46 PM 26 bytes Data mismatch between Windows API and raw hive data.
HKLM\SYSTEM\ControlSet001\Services\d346prt\Cfg\0Jf40 1/30/2008 11:16 PM 0 bytes Hidden from Windows API.
HKLM\SYSTEM\ControlSet001\Services\d346prt\Cfg\0Jf41 1/23/2008 1:38 PM 0 bytes Hidden from Windows API.

-----------------------------------------------------

And this might be unrelated but...AVG Antivirus says these progams are viruses. Is this a mistake, I'd hope so, why is it saying that.
 
Last edited by a moderator:

tdinc

OSNN Veteran Addict
Political Access
Joined
6 Dec 2003
Messages
3,508
AVG seems to be turning up false positives. your safe with both Bman.
 

j79zlr

Glaanies script monkey
Political Access
Joined
16 Feb 2003
Messages
2,725
Yea that rootkit log looks fine. Check if there are any updates for AVG, restore those files from the vault, if they are there, and do another scan.
 
N

Not Bman

Guest
Yea updated AVG (there are always updates lol) and did another scan, seems to be normal again. I guess my computer is fine, and the hacked Steam account was some flook of a chance or something. I will have to pay attention this next little while and see if anything else happens.

Thanks for the help guys!
 

Dark Atheist

OSNN Veteran Addict
Political Access
Joined
8 Apr 2003
Messages
6,376
spybot search and destroy and hijackthis! are good tools to have also
 

rotjong

OSNN Senior Addict
Joined
24 Jan 2004
Messages
573
Dr Web CureIt might turn something up. It's rather handy and self-contained. That truly blows to have something like that happen. :mad:
 
N

Not Bman

Guest
spybot search and destroy and hijackthis! are good tools to have also

Yea I have used Search & Destroy many times, but didn't know it looked for rootkits and things like that. Now that I think of it I guess those are considered spyware lmao!
 

Dark Atheist

OSNN Veteran Addict
Political Access
Joined
8 Apr 2003
Messages
6,376
not too sure it looks for root kits but it will look for key loggers and other such nasties :)
 
N

Not Bman

Guest
Paypal just came to me and said they made my account limited because they think someone was accessing it. Have to change password, and question and get them to contact me to confirm address.

Same deal as Steam, no way anyone can do this. Yet the rootkit tools don't find anything? What can I do..... The only thing I have not ran is Spybot...think it would make a difference..
 

Shamus MacNoob

OSNN Veteran Addict
Political Access
Joined
8 Jan 2002
Messages
4,199
AVG is good for about what 65% of problems? dont think it is much better than that .. I would run every single anti spyware you can find I like Avast for a free anti virus scanner cant hurt to try that ...
 
N

Not Bman

Guest
I ran Spybot and it found stuff

It found Statcounter & WebTrends Live which both say are cookies, so I'd say they aren't bad really. And it came up with Windows related stuff, which should not be showing up anyways.

I ran Windows Defender and it came up with nothing.

I ran Rootkit revealer and well you guys saw that it came up with nothing.

Running AVG Antivirus again, but I doubt it.

Could it be random, and not be a rootkit/keylogger? Or is there another way someone could be doing this?


EDIT

I was reading the reason why they made my account limited and it says they think they MIGHT have been a third party access to the account.

Now earilier today I signed up for an account on gamewallpapers.com and when it brought me to the payment paypal screen it was all in weird german written and all that. The next log in was when I found this out. Could they have thought that company was the unknown third party by accident?
 
Last edited by a moderator:

Members online

No members online now.

Latest forum posts

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,011
Messages
673,478
Members
5,607
Latest member
rohitprabhakar