anyone ever get spyware or a virus thru AOL msgr??

sidriptide

nobody of any consequence
i think i got one this weekend... i got an IM from a friend who i know thru a club that i havent talked to in a long time on msgr he wasnt in my list but i was apparently in his..
it was a "shaded" msg that said "how do they do THIS" and "THIS" was a link.. i know the name so i clicked it assuming it was a pic or something.. my firewall went crazy but my out-dated norton just sat there doing nothing... i may have clicked a prompt window right before the firewall went crazy requesting internet access for some unknown program....

i knew i was F'd right then.

i ran my spyware programs and it came up with a bunch of cookies and a "known hijacker" program called 180assist... isolated and quarantined it.. restarted the machine and something was trying to access the internet without permission.. was trying to go to "MYNBX247.info" but only gave me a blank IE window that said "done" at the bottom left...

again i knew i was F'd then.

next step was a system restore to a point a week ago and it remedied the self-starting IE window... thought i might have been out of the woods and just in need of a new anti-virus and some past due maintenance on the machine.

this all started on sunday AM when i got hit and finally did the restore monday night.

today, thursday i go to the bank to get some lunch $$.... it tells me i have insufficient funds..... DOUBLE U TEE EFF!?!?!?
i deposited $400 cash wednesday and am positive i have access to $20 for lunch... ATM says i'm $171 in the red.

?

the customer service agent i sit with shows me a "visa authorization" (visa debit card on the checking account) purchase i made for $596 2 days ago.

?!

he says are you disputing this? HELL YES!

NEWEGG COMPUTERS , Whittier Ca seems to think i made a purchase.. there sure as shit better be a PC in the mail to me if thats the case!

he tells me someone will probably call me in a week or so. but i will get it back.

A WEEK?!

so my check tomorrow will be sucked up by my big negative until then.

here's where i am unsure of exactly what happened and when....

the card they used is one i used for an online purchase on tuesday night... THIS IS ALL QUADRATEC'S FAULT!

so did the "hijack" take a snapshot of my harddrive and send it out right away? or maybe have a "keystroke" recorder in here that sent it after i used the card?

i am taking drastic measures to protect myself but hindsight isnt much help now is it..

am i overdoing it by saying F everything i have in the machine and not try to backup any of it? i have over 1000 pics and documents i really need but i'm not sure how well these things hide themselves and i'll likely get a new hard-drive just for the piece of mind....

how deep do i need to clean house?

i'm a lil hesitant to do this all until i know for sure that the purchase is directly linked to this, and not a mere coincidence.

:dunno:
 
whenever you are running windows, you are one big red target. Whenever you use internet explorer you are just another bullseye. What happened through you was your friend had a virus and the virus affects AOL instant messenger allowing it to send you messages as if it were from that person. In this case it sent you to a site that has even more exploitive programs integrated within the code. Since you were running internet explorer, they were able to infiltrate your computer through known holes in the code.

Most viruses though are hoax viruses. A real key logger or a real or active trojan are somewhat rare. I would not purchase another hdd because you can reformat *see later on

At this point you have a few options. Probably the best at this point would be to purchase a program called "spy sweeper" it's made by a company named webroot and it is your best option right now. Next would be to run your virus scan only after you update your definitions. Also keep it a rule of thumb to update the definitions twice a week because those programs are only as good as the signature definitions it has to work with.

Another good avenue to pursue would be to switch operating systems. I run Linux myself. Windows, being the most widely used and having the most exploits is the hackers' and virus creators' choice because they can hit more users with less effort. Programs designed for other operating systems will not work on others. Take the affected operating system out of the equation and you have also removed the issue. However linux is a bit more difficult to use and it is kind of hard to get the hang of, especially if you aren't too particularly technically savvy.

If you don't want to switch (probably not the best choice) then you can use the reformat and restore option. This will bring everything back to factory defaults and eliminate the program. The threat will be removed but also at the expense of all the data on your machine, all the programs on your machine, and all of the settings on your machine. Use this only if your other options fail you or if you just don't want to deal with it all. Restores can be done via the restore CDs that came with your computer.

What to try, in this order.
1) update the definitions of what you have. Antivirus, spyware removers. all of it.
2) run the programs in their scan function. Try to see if it will go without a fight, though most likely not.
3) purchase additional software if required. Don't go by what the box says. always ask first. Different programs will work better than others.
4) if all else fails you have the last resort. Restore.


hope this all helped. if you need anymore information i would be glad to reply it. good luck ^_^
 
Interesting, I just had my sacrificial machine get something, my son uses it to surf randomly and I noticed that there was a high resource usage. Shut it down and rebooted, win2kpro, BLUE SCREEN, no boot sector. Tried everything but could not repair, reinstall, recover or install, fdisk, format with ANY windows stuff, kept telling me that I had a damaged disk and it could not format put a new boot sector on, nothing, wasted 5 hours on it. I figured the disc died. As a last resort I booted with mandrake 9 [bx chipset asus PII slot1 board] and let linux do the disc. Then quit when it wanted disc 2. Reinstalled win2k with no problem and it's been fine ever since. This happened over the weekend sometime and I know my son and daughter use IM and yahoo to talk to friends. Been running for a day and half now with no problem.
 
I had a YIM hijack about a month ago. Sent a bunch of my friends a version of the Nigerian Scam. Luckily it went to a bunch of Jeepers, we all know we are broke. Of course, no one saved any YIM logs, for me to forward.

I still haven't figured out how they got my Yahoo password though, and none of my others?????
 
Dump Norton and get Avast. It's free and does a better job. There was a warning out not too long ago about an AIM virus. Amy almost picked it up from a friend's computer but Avast stopped it from doing anything. Came in the same type of message. You might try the program Active Eraser too. I let it overwrite my temp files, deletes and unused disc space at least a couple of times a week. Sorry to hear you got burned. Hope it doesn't start up an Identity Theft thing like Betty got caught up in.
 
heres what my spyware doctor had to say about the "hijacker". 180assist.

**************
Hijacker. 180search Assistant monitors websites you visit which are then sent back to its servers to display other websites related to your browsing, as stated in their privacy policy. We have documented many examples where it hijacks (redirects) your browser when you try to purchase something. It seems to do this by matching target addresses with a list that it downloads after installation. For example with PC Tools' own products Registry Mechanic and Spyware Doctor, it redirects a trial customer clicking the Purchase or Shopping Cart button to affiliate and competitor sites who one assumes are paying 180 Solutions (the host site during this hijack) for the redirection.
*************************

im sure i'll get the $ back but its a good lesson on how little we think about this important stuff. apathy will get you in the end.

i am going to try to reboot with the OEM disc and start fresh.. but i have done this several times in the past and was told by a PC guru that even though you "over-write" the old with the new.. the "old" isnt really gone its just archived somewhere.
 
FU%$ERS got my paypal account TOO!

time to rip the cable out of the wall and walk away from the computer for a while...

:flamemad:
 
Get your hands on a linux install disc, it will rewrite the hard drive as a raw device and then format it, for windows viruses and such it's the equivalent of throwing an air breather into a methane atmosphere, it dies. At that point when you put the windows cd in and reboot it windows will fdisk and format then install. I also note you are still using IE, bad boy :D I mean, you wouldn't walk into a gay bar, drop your pants and grab your ankles would you ? If you would I don't want to know about it..... :laugh3: :laugh3: :laugh3: :laugh3:
 
WOW, another one, doing the same thing. Got a call from a customer and went to look it over. SOB is doing the same thing as mine did. Her kids were using IM and AOL this past weekend while she was in calif so I'm not sure where it came from. Think I'll spend some time on this tonight and see if I can nail it down a bit more than 'just a boot virus'...
At least after she's gotten burned twice she backs up her stuff now to a usb key.
 
how much should i panic since i also had tax returns filed on my PC at the time as well?

how do these viruses generally collect info? do they specifically look for PAYPAL and account #s or do they copy everything and sift thru it later? good luck getting a credit card with my credit history but thats probably a small part of the potential...

in dealing with my banks on this issue i have the feeling this "war on fraud" is along the lines of the "war on drugs"... futile and enforcement is so overwhelmed that there's really no chance of anyone really getting caught.

the banks basically said "you'll get your $ back in a week and the fraud dept may call you."

sounds like theyre just paying the loss and hoping someone else like Visa is on the case.

kinda makes identity theft look like a pretty lucrative career. make your $ and get out quick. :mad:
 