Survivalist Forum

Old 11-14-2012, 09:54 PM
America's Patriot

You're probably okay, but this is why I tell everyone I know to stay away from the free public accounts. The only thing I use these accounts for is for when I'm filling out a form and it requires an email address.
Old 11-14-2012, 10:01 PM
Fight4Freedom

You cannot rely on anti virus and malware detection software to prevent all computer viruses anymore.

They are coming out too fast and they are extremely well written. By the time most viruses are detected they are several days to weeks old and have already been morphed and have done their dirty work.

Be very careful if you have any "special" pictures of your wife or girlfriend on any computer in your network. I'm not by ANY means suggesting you would. But some might.

The number one industry on the Internet unfortunately is porn and much of the pornography is actually stolen right off people's private computers.

Very often, the ONLY way to completely clean a system is to wipe the hard drive with a product such as DBAN (which also cleans the MBR and boot sectors). Then reinstall from known clean recovery or reinstall disks.

Also install a product such as Peerblock and block those countries on the Spamhaus (and others) hot list. I block pretty much all countries except the USA, Canada and Australia. With Peerblock you can also see what IP addresses your computer is connecting to. I use a hardware firewall but they can get expensive.

Sorry you are having this problem.
Old 11-14-2012, 10:09 PM
Fight4Freedom

Quote:
Originally Posted by Dude111
Somehow ppl are getting people's passwords..... I have had 4 or 5 friends on Yahoo get their password compromised (One got his compromised 2 times) and 1 on gmail.......

HOW IS IT DONE???? -- I HAVE NO IDEA!!!!!!

Normally this occurs because they use easily guessable passwords.

Some people actually use stuff like the Month and year (May / 2012) or 1234 / 4321 etc as their username and password. Or even their first name as the username and last name as the password. Duh.

No wonder it happens so often. There was a big article recently where they discovered that an unbelievable number of people use incredibly easy to guess username and password combinations.
Old 11-14-2012, 10:35 PM
fetzer85

Quote:
Originally Posted by Fight4Freedom
You cannot rely on anti virus and malware detection software to prevent all computer viruses anymore.

They are coming out too fast and they are extremely well written. By the time most viruses are detected they are several days to weeks old and have already been morphed and have done their dirty work.

Be very careful if you have any "special" pictures of your wife or girlfriend on any computer in your network. I'm not by ANY means suggesting you would. But some might.

The number one industry on the Internet unfortunately is porn and much of the pornography is actually stolen right off people's private computers.

Very often, the ONLY way to completely clean a system is to wipe the hard drive with a product such as DBAN (which also cleans the MBR and boot sectors). Then reinstall from known clean recovery or reinstall disks.

Also install a product such as Peerblock and block those countries on the Spamhaus (and others) hot list. I block pretty much all countries except the USA, Canada and Australia. With Peerblock you can also see what IP addresses your computer is connecting to. I use a hardware firewall but they can get expensive.

Sorry you are having this problem.

We don't have any pics/videos like that, thankfully. That would be bad!

Thank you for the suggestions. I'll check out the peerblock, sounds worthwhile.

Also the Malwarebytes finished, 34min later 'no infected files found'. (keeping my fingers crossed)
Old 11-14-2012, 10:40 PM
fetzer85

Quote:
Originally Posted by speedofl33t
Check if the email is actually sent from your IP or if it just used a bogus sender.

How would one go about checking this?

When I log into her account and go to the sent folder, the message is in there. I'm guessing I need to do something else to check the IP...
Old 11-15-2012, 02:31 PM
speedofl33t

Somewhere in the options there is a "show original" which gives you the raw code of the email. You can follow the path through which the email is sent in there. I know, they didn't make it easy for you!
Old 11-15-2012, 05:25 PM
63B

I had the same thing happen with my yahoo. Sent some spammy work at home emails with my name on it to a friend, my mother, and sister. They end up trying to get your bank account info. Deleted my email account and wiped my phone. Hopefully nothing still in there. About a week ago google admin emailed me that someone had tried to log in to my gmail on an unregistered device. Had to change passwords and stuff. Never be too careful anymore.
Old 11-15-2012, 05:34 PM
RZRBACK

It is a Spam marketing link to onlinenewmarket - a site also loaded with trojans. Be happy the redirect did not work. If you haven't already changed all of her passwords, you need to - anything that was ever communicated to or from that gmail account is now compromised - don't stop with just changing the gmail p'word, change EVERYTHING.
Old 11-15-2012, 08:19 PM
Amra910

Quote:
Originally Posted by fetzer85
We don't have any pics/videos like that, thankfully. That would be bad!

Thank you for the suggestions. I'll check out the peerblock, sounds worthwhile.

Also the Malwarebytes finished, 34min later 'no infected files found'. (keeping my fingers crossed)

Go get emsisoft. You may be surprised what you have. As of right now it is the only program that has been tested that can detect 100%. Malwarebytes is only 98%.

http://www.emsisoft.com/en/software/eek/
Old 11-15-2012, 10:59 PM
fetzer85

Quote:
Originally Posted by speedofl33t
Somewhere in the options there is a "show original" which gives you the raw code of the email. You can follow the path through which the email is sent in there. I know, they didn't make it easy for you!

OK, here's what I found...

Quote:
MIME-Version: 1.0
Received: by 10.50.82.104 with HTTP; Wed, 14 Nov 2012 00:18:51 -0800 (PST)
Date: Wed, 14 Nov 2012 03:18:51 -0500
Delivered-To: wife's [email protected]
Message-ID: <CAP5PXT4WZoxunLeKD7fv4C8UipW+9=otvc0ZCcsvmWJgSD02 [email protected]>
Subject:
From: wife's name <wife's [email protected]>
To: wife's [email protected], wife's work email, my [email protected],
dad's work email
Content-Type: text/plain; charset=ISO-8859-1

http://selfhelp.stupere.com/wp-conte...a/ugoogle.html

Could someone translate what that means for me?

Also I'm going to try emsisoft right now. Sorry Amra - I must have overlooked your first post telling me to do this.
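
An added example, not part of any post in this thread: one way to read headers like the ones quoted above. On Gmail a lone `Received: by 10.x.x.x with HTTP` hop marks a message composed in the web interface by a logged-in session, while mail forged with a borrowed From address arrives through `from ... by ... with SMTP` hops from an outside host. The sample addresses, the second message and the function names are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed samples. WEBMAIL mirrors the posted header with a placeholder
# address; RELAYED is an invented contrast case using documentation-range IPs.
WEBMAIL = """\
Received: by 10.50.82.104 with HTTP; Wed, 14 Nov 2012 00:18:51 -0800 (PST)
Date: Wed, 14 Nov 2012 03:18:51 -0500
From: Sender <sender@example.com>
"""
RELAYED = """\
Received: by 10.1.2.3 with SMTP id x1; Wed, 14 Nov 2012 00:19:02 -0800 (PST)
Received: from host.example.net (host.example.net [203.0.113.7])
        by mx.example.org with ESMTP id y2; Wed, 14 Nov 2012 00:19:01 -0800 (PST)
Date: Wed, 14 Nov 2012 03:18:51 -0500
From: Sender <sender@example.com>
"""

HOP = re.compile(r"(?:\bfrom\s+(?P<src>\S+).*?)?\bby\s+(?P<by>\S+).*?\bwith\s+(?P<proto>\w+)",
                 re.S | re.I)

def is_private(host):
    try:
        return ipaddress.ip_address(host).is_private
    except ValueError:  # hostname rather than an IP literal
        return False

def trace(raw):
    """Return (message, hops); hops are ordered oldest first."""
    msg = message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received", [])):  # newest hop is listed first
        info, _, stamp = value.rpartition(";")
        m = HOP.search(info)
        if m:
            when = parsedate_to_datetime(re.sub(r"\(.*?\)", "", stamp).strip())
            hops.append({**m.groupdict(), "when": when})
    return msg, hops

def assess(raw):
    msg, hops = trace(raw)
    if not hops:
        return {"origin": "untraceable", "hops": 0, "skew_seconds": None}
    first, sent = hops[0], parsedate_to_datetime(msg["Date"])
    webmail = first["proto"].upper() == "HTTP" and not first["src"] and is_private(first["by"])
    return {"origin": "webmail session" if webmail else f"SMTP relay from {first['src']}",
            "hops": len(hops), "skew_seconds": (first["when"] - sent).total_seconds()}
```

The `-0800` and `-0500` timestamps in the posted header are the same instant, so the zero skew is expected; a large gap between `Date` and the first hop is one more thing worth noting when reading a trace.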
Old 11-16-2012, 06:51 AM
fetzer85

Emsisoft finished running, no objects found.
Old 11-16-2012, 07:50 AM
Hashashin

Sounds like email spoofing to me.


Probably has nothing to do with your computer or a virus at all.
Old 11-16-2012, 02:52 PM
evialvatar

Sounds like a malware thing or email spoof. Report it if you feel better doing so, then watch what you access and make sure your virus scan software and firewall software are updated.

Back when I played at hacking I saw similar items that were used to gather data on your IP address and user activity. The most common use of items like this now is to get you to buy scareware thinking you have a virus. Sometimes it's used to gather port data for an attack later or as part of an e-mail bomb to crash a particular company's servers and discredit them. (haven't heard anything about an attack on google, but they are pretty silent most of the time til after the fact)


If you delete most of the host address junk you'll see it is actually a real site selling self help materials. They're mostly a scam. Could be a way the website is able to send out adverts without getting in trouble for selling crap.
Old 11-17-2012, 02:40 PM
Amra910

Quote:
Originally Posted by fetzer85
Emsisoft finished running, no objects found.

Nice, good job. I thought my computer was clean using AVG, Malwarebytes & Spybot until I ran it.

There is a good chance she or someone opened a bad email that spammed out of the address book.

For passwords I use a password vault, CGPWord. It has no backdoor so if you forget your password to it, well don't. I also use it off a flash drive so it is not on the computer. Use it by copying and pasting. That way the only keystrokes seen are those but not what you are copying & pasting. Maybe look into something like that.

Also look into a random password generator like PCTools. I am even using it now for user names. User names between 8-10 characters. Passwords anywhere from 16-32 characters, depending on the web site. Financial gets 32, as long as they accept that length.

Those security questions that are asked on some sites. Do not answer with a real answer. By that here is an example. "What is your favorite color?" most people would answer, say, red. I answer with something like California. Better yet use PCTools. CGPWord has a notes field for stuff like that.

With the above advice, are you un-hackable? No, but there is no such thing. You will make it extremely difficult.

Just my humble advice for anyone who will listen.
Old 11-17-2012, 03:09 PM
augoldminer

Email spoofing after someone hacked the computer of someone on your wife's email list.

The problem is with someone else on the list's computer.
Old 11-19-2012, 04:00 AM
TheLastOutpost

whois onlinenewmarket.com

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: ONLINENEWMARKET.COM

Registrant:
Ludwika Tomaszewska
Ludwika Tomaszewska ([email protected])
ul. Dlugi Targ 81
Gdansk
Gdansk,80-830
PL
Tel. +48.799093471

Creation Date: 18-Oct-2012
Expiration Date: 18-Oct-2013

Domain servers in listed order:
ns1.dnsexit.com
ns2.dnsexit.com
ns3.dnsexit.com
ns4.dnsexit.com


Administrative Contact:
Ludwika Tomaszewska
Ludwika Tomaszewska ([email protected])
ul. Dlugi Targ 81
Gdansk
Gdansk,80-830
PL
Tel. +48.799093471

Technical Contact:
Ludwika Tomaszewska
Ludwika Tomaszewska ([email protected])
ul. Dlugi Targ 81
Gdansk
Gdansk,80-830
PL
Tel. +48.799093471

Billing Contact:
Ludwika Tomaszewska
Ludwika Tomaszewska ([email protected])
ul. Dlugi Targ 81
Gdansk
Gdansk,80-830
PL
Tel. +48.799093471

Status:LOCKED
Note: This Domain Name is currently Locked. In this status the domain
name cannot be transferred, hijacked, or modified. The Owner of this
domain name can easily change this status from their control panel.
This feature is provided as a security measure against fraudulent domain name hijacking.

The data in this whois database is provided to you for information purposes only,
that is, to assist you in obtaining information about or related
to a domain name registration record. We make this information available "as is",
and do not guarantee its accuracy. By submitting a whois query, you agree that you will
use this data only for lawful purposes and that, under no circumstances will you use this data to:
(1) enable high volume, automated, electronic processes that stress
or load this whois database system providing you this information; or
(2) allow, enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via direct mail, electronic mail, or by telephone.
The compilation, repackaging, dissemination or other use of this data is expressly prohibited without
prior written consent from us. The Registrar of record is Trunkoz Technologies Pvt Ltd. d/b/a OwnRegistrar.com.
We reserve the right to modify these terms at any time.
By submitting this query, you agree to abide by these terms.
***********************************************************************************

Trunkoz Technologies Pvt Ltd. d/b/a OwnRegistrar.com
Jyoti Bldg, B Wing 2nd Floor
Behind Paradise Tower, Gokhale Road, Thane (West)
Mumbai Maharashtra 400602
India
91 (22) 6781-6658
[email protected]

OwnRegistrar is a White Labeled Domain Registrar which offers Domain Name Registration services to large corporates, small companies, Web Hosting providers, individuals, domain resellers, etc. OwnRegistrar offers all the top TLDs through its Channel Partners
****************************************************************************************

My guess is that your addy was 'borrowed' by some anon users in India for one reason or another. Change the password to something complex or ditch the account. Also check your spam folder to ensure your user IDs aren't being used to sign you up for stuff at random
Old 11-19-2012, 09:41 PM
fetzer85

Thanks to everyone for your help. I'll consider this one case closed unless something else comes up.