
security concern .....! email address got hacked ...


majithia23


was he using a cyber cafe over there?

the strange thing is that the mail was sent to every contact in my friend's address book, and that too not once but twice.

That is a matter for concern. Hope your pal has changed his password. It would help if he changed the 'Secret Question' used to reset the Password of his Email account, too.

was he using a cyber cafe over there?

yup,

he's changed his entire password collection, including the security questions.

had to write down all of them so as to remember. :lol:

must have been a firewall intrusion or a key logger.

and no, it wasn't a cyber cafe, that's the irony,

but his own personal desktop!



  • Administrator

I'm tellin you it would be a password stealer. Did you scan with the MS tool (MRT)?

And I will reply to your PM tomorrow.



OK. You are a lucky guy. I faced the same problem a few months ago. It is a long story with a lot of problems. After one week of trouble, I finally found that my PC was infected by a stealer (pass stealer). As far as I know, pass stealers are not easily detected by an AV or AM. I wasted my whole week trying to solve it, scanned my PC with ESET two times, MBAM two times, Ad-Aware one time and some more scanners. And finally I scanned my PC with Microsoft Malicious Software Removal Tool. It was able to successfully remove the stealer. I changed my pass afterwards, and after that no one has ever troubled the people who are added in my account. :)

You can Download Microsoft Malicious Software Removal Tool from here - http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

please can you tell me the name of these pass stealers?

Maybe there is some little tool just to fix it, instead of installing a full program...

Thanks in advance



my friend didn't take any risk.

he was so pissed, he backed up all the data and just reformatted the entire hd and rebooted the windows! :o

i told him to scan it with MRT but it was too late, he had already done the job!

they (antimalwares..) all suck, is what he said!!!! :lol:

ok dkt, no probs!

was worried as to what could have happened and so wanted to know if you could figure it out..



a password stealer is malware.

and it is not something you need to fix, you need to scan for it and just terminate it / eliminate it from your machine!

or unless you are comfortable with compromising your password and id for various logins. ( ...i don't care, anyone can use my password, i'm happy with it...!!!!! )

and you don't need to install MRT.

if you have a genuine windows, it is automatically updated every month!

just follow what dkt advised.

start+r and then type mrt in the run dialog box.



@dkt

all right, i did my pc scan with MRT.

thankfully it came out negative.

all is clean, as of now!! :)

but it took around 7hrs30mins to scan my 250 gigs!!

is that ok?



If you want password stealers.. there are tons of them around everywhere and posted vulnerabilities in sites all over the web for any from MySpaz.. to Facialbook.. There are also various forms of keyloggers/trojans/malware that can also do the job.. not to mention quite a few registry hacks that can be written into installers to allow communication of your system with other systems rendering complete control.. to an attacker... who can basically monitor everything you're doing.. People can also do some sort of packet 'forking' where it's sort of like someone listening to a phone conversation.. and they can receive the same info you're sending or receiving.. ( Reason we look for good encrypted connections, and check SHA values and so on.. ) You never know what is going to happen.. or what repercussion you may render upon your person.. or from where..

I would advise you not to ... even in trying to make sure your site or vulnerability not doesn't exist or you don't have this problem.. There are several security bulletins that you can read through.. and resources on the web that you can use to make sure and test for these issues.. Problem is in some cases the exploitations are only found by those who spend their time trying to do so... and at that .... You have to know code and know it well.. to hack.. and keep from being hacked..

But yeah who in the hell wouldn't want to fix it..



+1 -_-



  • Administrator

@El_Burro: This is not a hackin site lol. :P

If you wanna get, or wanna get infected read the post by heath. ;)

If you wanna remove it, follow majithia23's advice.

@majithia23: That scanning time is normal for MRT. It takes 5 hours on my 120GB.

Note: MRT also scans image files (ISO, mdf, uif, etc). I don't think that normal AV or AM scans image files. Well, I don't think that ESET or MBAM scans ISO files. As the image files can be big and may contain a lot of files, it can take time if you have them on your PC.



hey thanks,

dkt.

and yes i agree! :)



of course i was asking the name just to search for a patch to remove it, without installing new full software!

anyway i think i've got something different, because that microsoft program didn't find anything.

Yet sometimes i see some email coming back because the user doesn't exist, of course i've never sent those emails! All of these addresses are from china.

did a scan with almost every program, but didn't find anything :fear:

Thanks for the help



  • Administrator

First, let me tell you I was jokin about gettin a stealer. ;)

Now as majithia23 mentioned, MS Tool is already installed on your PC if you download the windows updates. And if that didn't find anythin with the full PC scan (you did a full scan?), then you should try a normal antivirus or Malwarebytes Anti-Malware (MBAM in short).

All of these addresses are from china.

Can you tell me more about it? As the person who had sent emails to my contacts was traced to china (by me). Believe me or not, now it's my turn to trouble him. I'm gonna make his life miserable for hackin my account.



thanks a lot for the tips! i did a scan with MBAM and found:

Trojan.BHO

Spyware.OnlineGames

both of them have been removed. anyway, some of the emails were from the domain 126.com or something like that. Hope not, but if i receive them i'll tell you better!

Thanks another time. anyway this MBAM seems really good and it's free also



  • Administrator

Please give me the full name of both the infections. And the folder name in which they were found.

126.com seems to be an emailing service. Here is the McAfee SiteAdvisor page that can give you some hints - http://www.siteadvisor.com/sites/126.com . ;)

MBAM is a great software. You can enable full real time protection in it by buyin it or downloadin the keygen from the frontpage. ;)





  • Administrator

For the infections found by MBAM: did you download some sort of toolbar, for example smileyarcade or Zwinky etc?

So you said you already tried scannin with MS Tool (MRT), MBAM, etc. and the problem is still there?

Now make sure you have KeyScrambler runnin all the time. There are some infections that cannot be detected easily; KeyScrambler can help you against some normal keyloggers. And you should also install a HIPS software, Comodo firewall is a great one. Both these programs will help you a lot.

Now did you change your pass? I would advise you to scan your PC again, full scan, by MBAM, an AV and MS tool, to make sure that your PC isn't infected. Now you can change your pass. If your PC is still infected, there wouldn't be any use in changing the pass.

If you still get the same problem, I will suggest you a good program, but you need to be good with PCs to use that program. First do what I wrote above.



thanks DKT27!

did a new and complete full scan with Nod32 v.4, MAW and a-squared and nothing has been found.

Meanwhile i keep getting these damned emails sometimes.

Oh by the way, i'm using PC since the 286-386 era so i'm not really a beginner ^_^



  • Administrator

Well good to know that you are not a beginner, as I have to think like one and then post a solution a person can easily understand.

ANW did you change your pass? Do it.

If you still get the emails after changin the pass, there would be some program still infectin your PC.

You can try a protocol Analyzer called WireShark. Go here - http://www.wireshark.org/download.html



Archived

This topic is now archived and is closed to further replies.
