-
April 6th, 2006, 06:44 PM
#1
Junior Member
Windows Loginpassword shown
Hello guys, I have a very strange problem. Instead of hiding my login password with bullets, my Windows XP shows it in plain vanilla text during login. I tried the Process Explorer from SysInternals and the Rootkit revealer, none of them shows anything obvious.
I've also rebooted my PC, the problem persists. Any ideas? I don't know what I should google for...
-
April 6th, 2006, 06:54 PM
#2
What is your patching state like?
Do you have an up-to-date AV running? How about sypware...have you gone through the steps to see what might be installed?
I've not heard of this, and a google search for "Windows XP Not Masking Passwords" brings up a lot that isn't nearly filtered enough, yet.
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
-
April 6th, 2006, 06:56 PM
#3
Is this XP Pro or Home
Are you in a home evironment or work???
MLF
Edit> looks like its related to some password recovery tool....sound familar???
How people treat you is their karma- how you react is yours-Wayne Dyer
-
April 6th, 2006, 07:10 PM
#4
Junior Member
Hi Folks, thanks for your replies! I'm running Windows XP Pro and don't have a virus scanner running. I used to run Norton Antivirus but it kept slowing down my system to a crawl... Can you recommend one? I've tried Spybot Search & Destroy 1.4 with the most current updates, it only found tracking cookies from HitsLink and WebTrends live.
I have Service Pack 2 installed and cannot remember having installed some kind of password recovery tool lately...
-
April 6th, 2006, 07:20 PM
#5
Howdy.
Are you using the default login screen, the blue one that says welcome?
If so then you've been hit with a trojan that puts up a fake welcome screen thus your password is seen in plain text, and then stored. Once you connect to the internet it sends your credentials via email.
cheers
f2B
-
April 6th, 2006, 07:26 PM
#6
Junior Member
Could be. Any ideas where I could find it? And how to get rid of it? Does it have a name, so I could research a bit about it?
-
April 6th, 2006, 07:33 PM
#7
Greeting's
The most important thing here is to know if you system is patched. It doesnt matter if you have an anti-virus or firewall you system can still be hacked into if you dont patch it. Go to windows update and update it now. ONLY HAVING SERVICE PACK 2 WILL NOT HELP PROTECT YOUR SYSTEM
Second thing if your system is patched, then do you use admin account to surf the net ? If yes, then its bad. you must never use the administrator account, if you must then use it with DropMyRights
Get more information here :
http://msdn.microsoft.com/security/s...re11152004.asp
http://msdn.microsoft.com/security/s...re01182005.asp
Anyway get an online scan done at housecall or even at microsoft. Remember to disable system restore before you do this.
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
April 6th, 2006, 07:40 PM
#8
Well I guess it depends on your hardware...such as memory cpu harddrive speed and conflicts with other apps on how an av would affect your system
Maybe someone else has installed a password recovery tool amongst other things on your system..
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
April 6th, 2006, 08:59 PM
#9
The most important thing here is to know if you system is patched. It doesnt matter if you have an anti-virus or firewall you system can still be hacked into if you dont patch it. Go to windows update and update it now. ONLY HAVING SERVICE PACK 2 WILL NOT HELP PROTECT YOUR SYSTEM
Strong local security policies can prevent this type of occurence, with or without patches.
-
April 6th, 2006, 10:41 PM
#10
Strong local security policies can prevent this type of occurence, with or without patches.
I'm not trying to start a fight here because you are correct... But... How many times, in how many threads, are you going to use _exactly_ the same sentence without expanding on it sufficiently to be of use? It's beginning to get tiring on these old eyes....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|