Discussion Topic |
|
This thread has been locked |
Messages 1 - 55 of total 55 in this topic |
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Original Post - Dec 27, 2012 - 02:26pm PT
|
Not sure how it happened but it did. I am not sending links to anyone so beware. Sorry for the inconvenience!
Death to those f*#king hackers!
|
|
donini
Trad climber
Ouray, Colorado
|
|
Dec 27, 2012 - 02:31pm PT
|
Just got one.....deleted.
|
|
Jingy
climber
Somewhere out there
|
|
Dec 27, 2012 - 02:40pm PT
|
window?
|
|
10b4me
Boulder climber
Somewhere on 395
|
|
Dec 27, 2012 - 02:43pm PT
|
Death to those f*#king hackers!
by which method?
|
|
zip
Trad climber
pacific beach, ca
|
|
Dec 27, 2012 - 02:58pm PT
|
Yep, got your e mail.
So you can't get me a deal on Viagra?
|
|
survival
Big Wall climber
Terrapin Station
|
|
Dec 27, 2012 - 03:02pm PT
|
Fuk, I clicked it without thinking.
It was blocked as a trojan horse. Thank gawd for avast.
Hope there's no more to it......
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 03:05pm PT
|
So, I have avast. I didn't click on anything that would give this to me.
I have windows XP. Before you go all apple on me, it is a university issued machine.
How does this happen?
And for hackers - death by AR-15 of course!!
Do I need to do anything other than change passwords? Any advice is welcome.
|
|
John M
climber
|
|
Dec 27, 2012 - 03:08pm PT
|
So does this mean that you aren't leaving brassnuts and coming to california to be my slave girl?
Dang!!#$@@!
Damn those rat bastard hackers. I even took a bath.
|
|
GhoulweJ
Trad climber
El Dorado Hills, CA
|
|
Dec 27, 2012 - 03:09pm PT
|
Feeling left out :(
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 03:12pm PT
|
Maybe I managed to stop it before it got to GhoulweJ.
I hope I stopped it. Scared to touch anything on this dang machine now.
|
|
Ghost
climber
A long way from where I started
|
|
Dec 27, 2012 - 03:41pm PT
|
I feel so left out...
|
|
philo
Trad climber
Is that light the end of the tunnel or a train?
|
|
Dec 27, 2012 - 03:49pm PT
|
Hackers don't deserve death by boobies.
|
|
zBrown
Ice climber
chingadero de chula vista
|
|
Dec 27, 2012 - 03:55pm PT
|
Ahem, are you using protection?
That's a good place to start.
|
|
zBrown
Ice climber
chingadero de chula vista
|
|
Dec 27, 2012 - 03:56pm PT
|
Have you noticed any symptoms that you can elaborate on?
|
|
zBrown
Ice climber
chingadero de chula vista
|
|
Dec 27, 2012 - 04:00pm PT
|
OK now for some remediation. Though it is advised by some not to run this unless instructed to by an expert, I would download and run ComboFix.
Do not download it from anyone other than bleepingcomputer and follow the instructions carefully. It can take a while and it can require multiple runs.
Did I say it's free?
This is what eradicated the ugly rootkit mentioned above but it does a nice cleanup job in toto (not the dog).
http://www.bleepingcomputer.com/download/combofix/
|
|
zBrown
Ice climber
chingadero de chula vista
|
|
Dec 27, 2012 - 04:13pm PT
|
email hacking, as far as I've read, is usually fairly benign. I've opened a few, but I usually delete them without opening. The ones I've seen are easily identified by having an improbable linkup between the sender and the topic.
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 04:16pm PT
|
My machine has malwarebytes and hitman pro. Wrong in earlier stmt about avast. Running malwarebytes in safe mode right now. Maybe my machine is not compromised and only email and facebook were. I do not use the same password on email and other places. Just Wonder how this happens.
Does this just sometimes happen? Or did I likely do something to allow it?
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 04:16pm PT
|
Also never saw a weird link. Not sure where it came from.
My keyboard has been a bit possessed but I thought I just needed a new one. I go thru them pretty regularly.
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 04:19pm PT
|
Thanks for the suggestions. Will see what I can do...
|
|
10b4me
Boulder climber
Somewhere on 395
|
|
Dec 27, 2012 - 04:24pm PT
|
Does this just sometimes happen?
that's been my experience. just change your passwords for email, and fb.
|
|
Karl Baba
Trad climber
Yosemite, Ca
|
|
Dec 27, 2012 - 04:27pm PT
|
My Yahoo and then Skype got hacked very recently and I'm an apple guy who'se usually cognizant of what not to click
Send blank emails out to a bunch of people on my behalf and talked to Taiwan using up my skype credit
Could have been worse and hope it doesn't get worse
peace
karl
|
|
zBrown
Ice climber
chingadero de chula vista
|
|
Dec 27, 2012 - 04:28pm PT
|
photos, games, sites streaming music or video, the dread porn, anything that's sending something to your machine
i've used malwarebytes before it's good
GMER is good too
|
|
Ksolem
Trad climber
Monrovia, California
|
|
Dec 27, 2012 - 04:38pm PT
|
Thanks for the heads up Crimp! FWIW I got an email from you with a link at 11:12am PCT, so whoever it is was still at it then...
Cheers.
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 04:44pm PT
|
Hack. Still hearing from those who are getting emails. Guess I can't stop that. Doh.
Just last night I signed up for instant view on Netflix and listened to Pandora radio for the first time this week. Bad ideas?
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 04:50pm PT
|
One thing I do is work with my emails logged in and open. Sounds like that is a bad idea, no?
|
|
murcy
Gym climber
sanfrancisco
|
|
Dec 27, 2012 - 04:58pm PT
|
It's very possibly nothing you did. Your return address might have been found among a friend's contacts, and the virus is spoofing emails "from" you.
|
|
SteveW
Trad climber
The state of confusion
|
|
Dec 27, 2012 - 05:09pm PT
|
Callie
I use avast on my Microsoft 7 computer. Never had any problems with
being hacked or infected since I've had it. But I'm no longer on FB,
and don't get netflix. . .
I hope you get it fixed without too much pain!
|
|
bvb
Social climber
flagstaff arizona
|
|
Dec 27, 2012 - 05:12pm PT
|
How come nobody ever hacks me? What, am I chopped liver?
|
|
Reilly
Mountain climber
The Other Monrovia- CA
|
|
Dec 27, 2012 - 05:19pm PT
|
So people will do anything to generate some email.
I didn't see any parrots in mine so I tweeted it to a flight into the nether.
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 05:58pm PT
|
I think it clearly originated from my machine as I got a zillion 'out of office' replies and tons of 'failure to deliver' (old email addresses I guess).
Ran the root kit thingy and malwarebytes and all came up clean. What a pain.
|
|
kunlun_shan
Mountain climber
SF, CA
|
|
Dec 27, 2012 - 06:03pm PT
|
How come nobody ever hacks me? What, am I chopped liver?
Just sent you a pm bvb, click on the link.
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 06:13pm PT
|
I knew you wouldn't email me on purpose =)
Boo on that Burchey. I definitely don't feel that way at all. For the record, there is only one person in all my years here on the taco that I would never communicate with. That certainly is not you!
Interesting though that you got it - I assumed it lifted addresses from gmail (which I know it did) but maybe it got them through the taco too? A mystery.
|
|
Mighty Hiker
climber
Vancouver, B.C.
|
|
Dec 27, 2012 - 06:17pm PT
|
I blame the parrots, but Pente was probably the mastermind.
Anyway, about our date on Saturday night...
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 27, 2012 - 06:26pm PT
|
My angel parrots were all napping. Pente on the other hand... Unlike birds, cats are post-fall creatures you know.
Haha!
|
|
hobo_dan
Social climber
Minnesota
|
|
Dec 27, 2012 - 08:49pm PT
|
I also received a hacked email from lynne leicthfuss. I clicked it and then deleted it--It then proceeded to send out random emails from me to others. They used the title RE: Hey (your name here). So this might be a supertopo thing. This was about a week ago and I have not had any more replies
|
|
froodish
Social climber
Portland, Oregon
|
|
Dec 27, 2012 - 10:41pm PT
|
XP? Good lord. 11 years old now - only 15 months until MS end-of-lifes it. I hope at least it's got service pack 3 on it.
Tell the uni IT department to give you a Win7 boxxen.
Oh, and Riley, why are you giving the spammers free column space? Remove that crap.
|
|
zBrown
Ice climber
chingadero de chula vista
|
|
Dec 27, 2012 - 10:44pm PT
|
OK now for some remediation. Though it is advised by some not to run this unless instructed to by an expert, I would download and run ComboFix.
Run ComboFix and run it.
http://combofix.net/
Got yer expert instruction now Crimpie. Damn! those Brauns think alike.
just saw this, very likely you're OK (Well certainly more than OK, IMO)
Ran the root kit thingy and malwarebytes and all came up clean. What a pain.
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 28, 2012 - 01:52am PT
|
Thanks Werner and others - combofix in the morning it is!
|
|
Patrick Sawyer
climber
Originally California now Ireland
|
|
Dec 28, 2012 - 02:49am PT
|
Yeah Karl, with the increasing popularity of Apple products, the scumbags will start targeting them more.
What's a good protection for a Mac? No jokes please.
|
|
matisse
climber
|
|
Dec 28, 2012 - 02:51am PT
|
I got one too. I feel special.
|
|
froodish
Social climber
Portland, Oregon
|
|
Dec 28, 2012 - 04:18am PT
|
Yeah Karl, with the increasing popularity of Apple products, the scumbags will start targeting them more.
What's a good protection for a Mac? No jokes please.
There was a good thread on this over at TidBITS recently:
http://talk.tidbits.com/Anti-Virus-Comparison-Test-td4657102.html
But honestly, I haven't run A/V software on a Mac since the days of John Norstad's Disinfectant.
Keep your Mac system software and browsers up to date, don't install Flash (use Google Chrome's built in Flash if you really need to view one of the dwindling Flash sites) or Acrobat, disable Java in your browser and don't 2-click suspicious files. That'll pretty much take care of things.
|
|
murcy
Gym climber
sanfrancisco
|
|
Dec 28, 2012 - 06:39am PT
|
I think it clearly originated from my machine as I got a zillion 'out of office' replies and tons of 'failure to deliver' (old email addresses I guess).
You get replies, which only means that the "From:", "Return path:" and/or "Reply to:" email addresses are yours, which is exactly happens with spoofing. A better test is whether some of those replies come from email addresses you don't recognize.
http://en.wikipedia.org/wiki/Email_spoofing
The basic idea of short emails with a link to the virus is the strategy of the old "Netsky" worm, which used spoofing. So anyway, if the scans come up clean, you may actually be clean.
|
|
SteveW
Trad climber
The state of confusion
|
|
Dec 28, 2012 - 09:45am PT
|
Hey Timid--I'm in jail in Nigeria and they're askin' for $500 bail!!!!
hee hee hee. . .
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 28, 2012 - 10:07am PT
|
Interesting Murcy. There were addresses I did not recognize. And there were many that are not in my address book but are places I sent a single email to...sometimes a year or more ago. Bizarre. Wonder if I can figure out more looking at all the returned emails I got.
|
|
zBrown
Ice climber
chingadero de chula vista
|
|
Dec 28, 2012 - 12:04pm PT
|
Graphically speaking, the idea is to keep all the bad stuff, portrayed here by Tinkerbell, from entering your private domain.
|
|
froodish
Social climber
Portland, Oregon
|
|
Dec 28, 2012 - 12:32pm PT
|
^^ Oh those Disney animators ;-)
As others noted email is easily spoofed but if you have a copy with the complete headers SpamCop is pretty good about determining the actual source:
http://spamcop.net
Was it a web mail account?
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 28, 2012 - 01:43pm PT
|
gmail account. I assume that is a webmail account??
|
|
Jingy
climber
Somewhere out there
|
|
Dec 28, 2012 - 02:47pm PT
|
I got ther email...
Completely forgot this post and only remembered after clicking....
No harm no foul
Similar thing happened a week or so ago with Lynne.
|
|
Crimpergirl
Sport climber
Boulder, Colorado!
|
|
Topic Author's Reply - Dec 28, 2012 - 03:29pm PT
|
Thanks QITNL. Looks like I've done most of that. Still, I'd not seen these pages - they are really useful!
|
|
Karl Baba
Trad climber
Yosemite, Ca
|
|
Dec 28, 2012 - 05:12pm PT
|
Yeah Karl, with the increasing popularity of Apple products, the scumbags will start targeting them more.
I don't think it's a apple virus or anything. If they can get you to sign a phoney page that looks real, they get your info without regard to OS. Or they can just attack your account without involving your computer at all, or steal your info from a server that's not properly protected
Peace
karl
|
|
Lynne Leichtfuss
Sport climber
moving thru
|
|
Dec 29, 2012 - 12:52am PT
|
Sorry Jingy et al. I answered an email from a close friend. Turned out to be a false one. How can hackers know so much?
Anyway, when I answered I got slammed....then everyone on my email address list got slammed too. Again, sorry. Lynne
|
|
Messages 1 - 55 of total 55 in this topic |
|
SuperTopo on the Web
|