Need advice - accounts hacked

Discussion in 'other security issues & news' started by Tannor, May 30, 2010.

Thread Status:
Not open for further replies.
  1. Tannor

    Tannor Registered Member

    Joined:
    Jul 30, 2005
    Posts:
    22
    I currently run nod32 v3 on both my laptop and desktop and followed the instructions here on how to set it up

    This week, my gmail account was hacked, and my paypal about 4 days later.

    I am guessing I have some sort of keylogger,

    Does anyone have any recommendations on what other software I can run? If nod32 did not pick up anything? I also ran malwarebytes and came up totally cleaned.

    Thanks
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    I suggest to format and not try to clean the system. Keep in mind that you should not format if you intend to investigate the data theft and/or ask the help of your local authorities for digital crime.

    You should not trust again the system if you don't format the boot hdd and check very carefully all your external storage devices and your other internal hdds.
     
  4. Tannor

    Tannor Registered Member

    Joined:
    Jul 30, 2005
    Posts:
    22
    Thanks for advice, my laptop was recently reformatted when i installed windows 7 about 2-3 weeks ago, so i doubt it is that machine but who knows.

    I really hate to reformat unless I have no choice, I just want to know which machine really was infilitrated

    I will check out those links posted
     
  5. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    I guess there is a reason your sticking to V3 but V4 has better detection or so I'm told.
     
  6. Tannor

    Tannor Registered Member

    Joined:
    Jul 30, 2005
    Posts:
    22
    I just have not upgraded yet on my main desktop.

    I did for my laptop since it was a reinstall

    I originally made a mistake in my first post, i thought i had v3 on both but when i went to check i must have downloaded the latest version
     
  7. Tannor

    Tannor Registered Member

    Joined:
    Jul 30, 2005
    Posts:
    22

    well i upgraded to nod 32 v4 on my desktop and ran all sorts of online security including gmer to make sure i don't have any rootkits

    both my laptop which I knew would be clean, and my desktop is

    The odd thing is i have not logged into my paypal account in 2 months, i am wondering if my work machine is infected, i know it has symantec and is up to date but who knows, i think that is where i logged in paypal. Luckily paypal is going to reverse the charges to nexon american they did 2 payments of $30 each to nexon

    and my gmail account was used to send spam

    i already changed my passwords
     
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Hi Tannor,

    When you decide to reformat (I also think it is probably the best thing to do for your peace of mind) my suggestion is to install something like Shadow Defender, Returnil, DeepFreeze, which will run quickly and easily virtual sessions. Rebooting the system with any of these applications will make sure that any nasty that might have made it onto your system will be deleted. It is however imperative to install such programs on clean systems, and to use them with any web activity.
     
  9. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
  10. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    If your work PC turns out to be infected, that might make me feel better that it's not your home PCs.

    Keep in mind that NO AV/Antispyware is perfect. Eset, Symantec, you name it. They may all provide very good protection but that cannot detect it all. At work, we use a standard AV on each PC but they are preceded by a firewall based intrusion protection package that includes malware, content and website filtering. And above and beyond that, email is filtered by Postini. And sometimes I still wonder if that is enough!

    Anyway, I agree that you should consider using something else to supplement your AV @ home. Osaban's suggestion of running full operating system virtual environments is absolutely helpful but they weren't for me. I didn't like the idea of needing to reboot every time I needed to exit the virtual environment.

    I prefer something like Sandboxie or DefenseWall. They take about 2 to 3 minutes to install (and this counts the one time needed reboot) and from that point on, you have very strong protection. I'm using Sandboxie right now and when I close my Firefox session today, everything in it gets closed/dumped.

    I recently set up a middle aged friend with his first PC. He knows nothing about this stuff and I was confident he would run into something like the fake AV nasties pretty quick. Sure enough, within the first 2 hours he called and asked what the pop-up meant on his screen. I told him it was fake and had him close the sandbox. After he closed Sandboxie, the fake AV was gone and his PC remained clean. If he had only relied on his real AV, I'm not as sure he could have escaped safely.
     
  11. Tannor

    Tannor Registered Member

    Joined:
    Jul 30, 2005
    Posts:
    22
    I am starting to think it has nothing to do with it

    I ran wireshark on all 3 pc's, my work, laptop, and desktop since yesterday and looked at protocols like ftp and email, because I went on some hacking forums to see how they set up these keyloggers, and they use either email or ftp to send the info back.

    They also talked about how they get around av's by writing their own keyloggers using vb6..but it not perfect


    So far I have not seen any pc make a call using any of the above methods.


    It just so weird how my paypal and gmail account got hacked in same week and using different email and password.
     
  12. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
  13. Tannor

    Tannor Registered Member

    Joined:
    Jul 30, 2005
    Posts:
    22
    I have since reformatted and installed Windows 7 64 bit on main desktop.

    I went with Avast this time because NOD32 is making my machine so sluggish


    I left my laptop alone since that is a new install only two weeks in, and I know I have never logged onto paypal on that system, so it could not have come from there.
     
Loading...
Thread Status:
Not open for further replies.