Pages: 1 2 3 [4] 5 6 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Ticondrius
Gallente Coreli Corporation
|
Posted - 2006.08.31 18:22:00 -
[91]
What's all this orc-talk about Anti-virus this and that? Get Ubuntu and get it overwith. Never get infected again. RABBLE! RABBLERABBLE!! |
Scarib
|
Posted - 2006.08.31 18:24:00 -
[92]
For anyone who needs to check their puter try these for a quick scan they might pick up something that has been missed by your own AV prog
http://vil.nai.com/vil/stinger/
http://www.lavasoftusa.com/software/adaware/
I use them both when required and stinger is a good first check prog, as ever try backing up any important data and remember some bugs hide in restore points on XP so follow your AV's removal advice
|
Meron
|
Posted - 2006.08.31 18:24:00 -
[93]
my main 2 account got banned today. and i got emails from the same guys. Looked at the pictures etc. I got system problems aswell i didnt know how to fix. keyboard/mouse not working like windows is corrupted etc. virus checked/search and destroy etc didnt find it. Just glad i read this thread and know the stuff now. I wiped my hard drive losing all my important files today because i couldnt fix the problem and reinstalled windows:( I am so angry |
Elexi
|
Posted - 2006.08.31 18:33:00 -
[94]
Originally by: Scarib For anyone who needs to check their puter try these for a quick scan they might pick up something that has been missed by your own AV prog
http://vil.nai.com/vil/stinger/
http://www.lavasoftusa.com/software/adaware/
I use them both when required and stinger is a good first check prog, as ever try backing up any important data and remember some bugs hide in restore points on XP so follow your AV's removal advice
I used both of those yesterday neither helped |
Zakgram
Apocalyptic Raiders Interstellar Starbase Syndicate
|
Posted - 2006.08.31 18:48:00 -
[95]
Originally by: Elexi
I used both of those yesterday neither helped
Commercial AV products will struggle since it's nearly impossible to tell the difference between a user-written program and a virus/trojan/whatever.
Best chance is some program that monitors other programs adding themselves to the start etc... though if you've ran the executable it's probably too late for it since the executable can do anything.
|
Tristan Acoma
Caldari The Eleventh Commandment
|
Posted - 2006.08.31 18:52:00 -
[96]
Edited by: Tristan Acoma on 31/08/2006 18:53:52 Edited by: Tristan Acoma on 31/08/2006 18:52:22
How is it people are still falling for stuff like this? It's one of the oldest email scans in the book translated to eve-mail.
Sucks it happened to you, but perhaps it will serve as a warning to others - SUSPECT all unsolicited mail that links to any content. Always.
And - remember, AntiVirus programs are -useless- against arbitrary executed binary code if it's done right. Only YOU can protect you from yourself.
Please resize image to a maximum of 400 x 120, not exceeding 24000 bytes, ty - Cortes |
Elexi
|
Posted - 2006.08.31 18:56:00 -
[97]
Originally by: Tristan Acoma Edited by: Tristan Acoma on 31/08/2006 18:53:52 Edited by: Tristan Acoma on 31/08/2006 18:52:22
How is it people are still falling for stuff like this? It's one of the oldest email scans in the book translated to eve-mail.
Sucks it happened to you, but perhaps it will serve as a warning to others - SUSPECT all unsolicited mail that links to any content. Always.
And - remember, AntiVirus programs are -useless- against arbitrary executed binary code if it's done right. Only YOU can protect you from yourself.
I had convo's with him ingame multiple times this wasnt just a automated style copy/paste email. he got all friendly before i accepted his email with attachment. |
nahtoh
Caldari Bull Industries
|
Posted - 2006.08.31 18:58:00 -
[98]
Ok again for the cheap seats...
Download the app called hijackthis and post the log somewhere perhaps in the known issues and workarounds forum?
If we can Identiy the entry (if indeed there is one) then we can help everybody that maybe sufering from this attack...
I will have a look at the logs and see if I can see anything dodgy in it I reckon a few others would help as well..A full nuke and pave may not be required on your system...
We have a helpfull commuity here with a nice range of expertise...why not try and use it? ========= "I am not saying there should be capital punishment for stupidity, but why can`t we just take the safety labels off everything and let the problem fix its self |
DukDodgerz
|
Posted - 2006.08.31 19:05:00 -
[99]
Originally by: Ticondrius What's all this orc-talk about Anti-virus this and that? Get Ubuntu and get it overwith. Never get infected again.
you do not want to see how bad a virus can infect a linux/unix box...you think it is tough to remove them from MS OS's...HAH
in case you are young and ignorent (being ignorent is not bad, it just means you do not know something), I will point to the history books...guess where viruses first came into the computer world?? (hint, DOS wasn't even around back then).
It is easy to write a virus for linux distros, but there is no "profit" to be gained on them. Windows has the lions share due to its foothold on MOST pc's in the world, not because it is any better or worse, just more popular. If linux had the the popularity, guess what would happen...
FRODO HAS FAILED; BUSH HAS THE RING!!! The HippoKing spots a new post |
MrTripps
Gallente
|
Posted - 2006.08.31 19:08:00 -
[100]
Quote: also; pif, prf, bat are also extensions that can be exe files in disguise.
Also, .com files. A HiJackThis scan would help find the bugger from the load point. A scan while in safe mode also could find it.
Sigs? We don't need no steenking sigs... |
|
DukDodgerz
|
Posted - 2006.08.31 19:12:00 -
[101]
Originally by: Elexi
Originally by: Tristan Acoma Edited by: Tristan Acoma on 31/08/2006 18:53:52 Edited by: Tristan Acoma on 31/08/2006 18:52:22
How is it people are still falling for stuff like this? It's one of the oldest email scans in the book translated to eve-mail.
Sucks it happened to you, but perhaps it will serve as a warning to others - SUSPECT all unsolicited mail that links to any content. Always.
And - remember, AntiVirus programs are -useless- against arbitrary executed binary code if it's done right. Only YOU can protect you from yourself.
I had convo's with him ingame multiple times this wasnt just a automated style copy/paste email. he got all friendly before i accepted his email with attachment.
social engineering....
FRODO HAS FAILED; BUSH HAS THE RING!!! The HippoKing spots a new post |
End Yourself
Core Domination
|
Posted - 2006.08.31 19:17:00 -
[102]
Originally by: nahtoh Ok again for the cheap seats...
Download the app called hijackthis and post the log somewhere perhaps in the known issues and workarounds forum?
If we can Identiy the entry (if indeed there is one) then we can help everybody that maybe sufering from this attack...
I will have a look at the logs and see if I can see anything dodgy in it I reckon a few others would help as well..A full nuke and pave may not be required on your system...
We have a helpfull commuity here with a nice range of expertise...why not try and use it?
oh, that's cool.
err wait... let's say you see something dodgy. and then you remove it. does this mean there aren't any other leftovers?!?
The only solution to a compromised system is a reinstall from trusted media. Whoever says otherwise either has no clue or is making profit selling those crappy tools(mcaffee, symantec...)
--- Fighting for peace is like screwing for virginity.
|
Gah'khaz
Caldari
|
Posted - 2006.08.31 19:17:00 -
[103]
ok all these ppl are correct when they say you need this or that program and etc but here is what you need to do BEFORE you install anything -> unplug any network cable and reformat/reinstall your OS... You have no idea about what accounts/backdoors etc he has added to your system, and/or even edited system files and who knows what to make his future access granted.
Then install all those pretty proggies that they talk about.
|
Jeshaman
|
Posted - 2006.08.31 19:20:00 -
[104]
dont expect ccp to help you out with getting your account hacked mine did i reported it in a petition under another account they immediately banned the account which i applaud them for but then the response later was basically tough the account will remain banned which is a total crock of crud
|
Gah'khaz
Caldari
|
Posted - 2006.08.31 19:21:00 -
[105]
pretty silly installing a bunch of programs to 'fix' everything when he might have done something as simple as add another user to your box with full access to everything :P
|
Xaen
Caldari Science and Trade Institute
|
Posted - 2006.08.31 19:25:00 -
[106]
So you ran an exe somebody send you and lost your account....forgive me if I don't sympathize.
And don't depend on virus scanners. They just plain don't work. None of them stop any 0 day threats and that's when they would be most useful.
Just don't run crap random people (anyone?) sends you.
People don't need costly resource hogging virus scanners, they need common sense.
And the one you have isn't very good if it didn't save you.
I wouldn't be surprised if CCP didn't reimburse you. ----------------------------------------------------------------- Theists should not try to use logic to prove their gods exist; it makes as much sense as spiders playing with matches. |
Elexi
|
Posted - 2006.08.31 19:33:00 -
[107]
Originally by: Xaen So you ran an exe somebody send you and lost your account....forgive me if I don't sympathize.
And don't depend on virus scanners. They just plain don't work. None of them stop any 0 day threats and that's when they would be most useful.
Just don't run crap random people (anyone?) sends you.
People don't need costly resource hogging virus scanners, they need common sense.
And the one you have isn't very good if it didn't save you.
I wouldn't be surprised if CCP didn't reimburse you.
Thanks for judging us based on knowing **** all. The guy didnt just randomly send us an email. He chatted with you asking for your advice 3 or 4 timers and didnt say hey i know i'll send you a exe file via email and steel ur gear. He would get you into a position where you almost ask him to mail you pictures. |
Cherybol
Trader's Academy Daikoku Trade Syndicate
|
Posted - 2006.08.31 19:39:00 -
[108]
Edited by: Cherybol on 31/08/2006 19:40:45 For all of you that are bashing ombey, and taylor04. I flip you the bird. (Middle finger for all you who don't know.)
Yes, They Ran an .exe. Yes, it infected there pc. Yes, they know they messed up a thousand times over. No, you cannot flame them with your 'awsome prowess with computers' because you want to feel cool for once. And yes, you can stick a baguette up your *** and give me millions of isk because you love me.
And for all you special guys out there that say they shouldn't get reimbursed. Think that statement over again. Because the hacker CLEARLY violated the EULA,and even RL laws. Hence, there intitled to there assets back. |
nahtoh
Caldari Bull Industries
|
Posted - 2006.08.31 19:39:00 -
[109]
Originally by: End Yourself
Originally by: nahtoh Ok again for the cheap seats...
Download the app called hijackthis and post the log somewhere perhaps in the known issues and workarounds forum?
If we can Identiy the entry (if indeed there is one) then we can help everybody that maybe sufering from this attack...
I will have a look at the logs and see if I can see anything dodgy in it I reckon a few others would help as well..A full nuke and pave may not be required on your system...
We have a helpfull commuity here with a nice range of expertise...why not try and use it?
oh, that's cool.
err wait... let's say you see something dodgy. and then you remove it. does this mean there aren't any other leftovers?!?
The only solution to a compromised system is a reinstall from trusted media. Whoever says otherwise either has no clue or is making profit selling those crappy tools(mcaffee, symantec...)
It all depends on what it was...the more info we can generate even if its only to help others find out if they are efected by it as well.
But hey if you like nuke and paves be my guest...
BTW hijackthis is freeware...its got sod all to do with Macffee or Norton, used to to clean my own system and have used it to clean other systems.
But like I say if you prefer people to nuke and pave in a panic without knowing what is on their systems (losing perhaps important documents like one other in this thread). ========= "I am not saying there should be capital punishment for stupidity, but why can`t we just take the safety labels off everything and let the problem fix its self |
DropZone 187
|
Posted - 2006.08.31 19:45:00 -
[110]
Originally by: Ombey
Originally by: Grey Area Get yourself a decent virus scanner...if it can't pick up an .exe file as obvious as that, whatever you are using now is pointless.
Try AVG free...it's (as the name suggests) free, and it captures pretty much everything. The company that makes it is called GriSoft...if I can find a link I'll post it.
I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
|
|
End Yourself
Core Domination
|
Posted - 2006.08.31 19:50:00 -
[111]
Originally by: nahtoh It all depends on what it was...the more info we can generate even if its only to help others find out if they are efected by it as well.
But hey if you like nuke and paves be my guest...
BTW hijackthis is freeware...its got sod all to do with Macffee or Norton, used to to clean my own system and have used it to clean other systems.
But like I say if you prefer people to nuke and pave in a panic without knowing what is on their systems (losing perhaps important documents like one other in this thread).
The problem is:
Whatever you find you will NEVER know that you found all! So removing it will still leave a system you can NOT trust anymore.
More info is of course allways nice to help to _diagnose_ a compromised computer. Not to fix it.
--- Fighting for peace is like screwing for virginity.
|
Elexi
|
Posted - 2006.08.31 19:53:00 -
[112]
Originally by: DropZone 187 Edited by: DropZone 187 on 31/08/2006 19:47:49 Edited by: DropZone 187 on 31/08/2006 19:47:10
Originally by: Ombey
Originally by: Grey Area Get yourself a decent virus scanner...if it can't pick up an .exe file as obvious as that, whatever you are using now is pointless.
Try AVG free...it's (as the name suggests) free, and it captures pretty much everything. The company that makes it is called GriSoft...if I can find a link I'll post it.
I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
Well it is quite ovious that you are wrong and that you don't.
Just because you got scammed irl by a vaporware company doesn't mean that you are secure - in fact it is that false sense of security that is potentially more damaging.
Honestly, you got what you deserve.
Snore.
i used 4 or 5 diffferent virus software all came back showing nothing. also used adware/spy bots etc nothing there either. |
Elexi
|
Posted - 2006.08.31 19:54:00 -
[113]
Btw anyone have an official response from ccp reguarding this problem? |
Sylvia Frost
Sniggerdly
|
Posted - 2006.08.31 20:12:00 -
[114]
Last year I quit Eve for Wow. I own three accounts. Two of them where fine when I returned a few months ago, one was gone, password changed.
This account was given back to me by CCP. No character on it. The character name was Glorious Destroyer. My reseach perfect builder refiner hauler alt guy with 4 level4 agents going for over a year.
Attempted 3 months ago when I returned by petition to find out what happened to my character. They sort of gave me the run around, then they finally told me that the character had been in an isk scam and now was on a banned account.
I am still waiting for a response now from another petition I made on getting my character back......its been a long time.
Only thing I can think of how it got taken is that I did let a few of my close pals use him to refine stuff from time to time, other then that I have no idea, and CCP isnt budging so far on giving him back. At this point I would give a **** less if anything was updated, clone, isk, ships, whatever.
Sorry this happened to you guys, but your not the only ones it appears..
|
Akira Kaneshiro
Caldari Associated Press
|
Posted - 2006.08.31 20:20:00 -
[115]
btw go to a police station and make a report for future reference. In my country is a good action to avoid future problems with banks/etc.
---- sig of truth ---- Stop whining. Deal with it or quit the game. |
Kalixa Hihro
|
Posted - 2006.08.31 20:21:00 -
[116]
Edited by: Kalixa Hihro on 31/08/2006 20:25:51 Edited by: Kalixa Hihro on 31/08/2006 20:24:38
Originally by: Grey Area Get yourself a decent virus scanner...if it can't pick up an .exe file as obvious as that, whatever you are using now is pointless.
Try AVG free...it's (as the name suggests) free, and it captures pretty much everything. The company that makes it is called GriSoft...if I can find a link I'll post it.
Virus scanners only recognize _known_ viruses in their signature subscription. A trojan != virus. Viruses destroy files. A trojan impersonates them.
Neither spyware removal or virus scanners will see this if it's new and unknown to the companies.
What probably happened is the rar file installed a keylogger or eve trojan which sent everything you typed to them, since the password is not stored on your computer.
As this is extremely illegal and dangerous stuff (in real life), I suggest you contact your local police department and report the incident. You should also contact the SANS institute and report it. Send them a copy of the RAR file so they can disseminate it to the spyware companies. They may have also stolen other creds, including credit card numbers, the id/pw to your bank etc. Anything you type on your computer is at risk until whatever this is is identified, to understand the risk, and removed.
You should also go to your folder options and uncheck "hide known extensions". People can take a gif, jpg or anything else and name it something.rar.exe. If you have hide known extensions checked, it shows up as something.rar. Unchecked it shows the real story.
Download and install ethereal (a packet sniffer) or get an IT pro you know to do it, and see if your computer is sending stuff to strange places. Note the IP's and include them in the police report. While sniffing the network, don't do anything. Turn off any internet applications etc, to minimize the noise. Run a trace for a while. Then start eve up and run a trace while that's happening. Save the traces and give them to the police on CD.
-Kal /*----------------------------------------------------------------------------------*/ My opinion in no way represents that of my corp or anyone I am associated with, and is probably entirely wrong. |
DropZone 187
|
Posted - 2006.08.31 20:26:00 -
[117]
Originally by: Elexi
Originally by: DropZone 187 Edited by: DropZone 187 on 31/08/2006 19:47:49 Edited by: DropZone 187 on 31/08/2006 19:47:10
Originally by: Ombey
Originally by: Grey Area Get yourself a decent virus scanner...if it can't pick up an .exe file as obvious as that, whatever you are using now is pointless.
Try AVG free...it's (as the name suggests) free, and it captures pretty much everything. The company that makes it is called GriSoft...if I can find a link I'll post it.
I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
Well it is quite ovious that you are wrong and that you don't.
Just because you got scammed irl by a vaporware company doesn't mean that you are secure - in fact it is that false sense of security that is potentially more damaging.
Honestly, you got what you deserve.
Snore.
i used 4 or 5 diffferent virus software all came back showing nothing. also used adware/spy bots etc nothing there either.
Well once you realize that anti-virus companies are a real life scam then you can move onto the process of becoming 'enlightened'
Proper information security isn't about technology - it is mostly about user behaviour. In this case, the person accepted and ran something from an untrusted source. Now they pay the consequences, end of story. Had the person followed normal practices of not opening the file, we would not be having these discussions.
AV companies provide a false sense of security by protecting against what is 'known' to be running on the internet. They have nothing proactive as that is against their business model of milking unsuspecting users for subscription fees. Same theory of razors never going dull, light bulbs never going out - corporately it is suicide for them to actually put out a working product.
If users learned to follow good practices there is no need for av software. I myself don't run av software as I follow good computing practices and have never experienced a virus. Being a profesional in the field (and yeah I got tons of letters behind my name that are supposed to signify that I know more than anyone else) I also know that the effectiveness of av is quite limited as the current industry's response time is not nearly enough (or reliable) to be considered an effective control measure. Besides, if they didn't have virus outbreaks that got coverage on CNN, their shareholders and clients would dwindle over time.
So, go read so safe computing practices and get some good backup software. The backup software will cost the same as the av and provide much better use.
|
Elexi
|
Posted - 2006.08.31 20:40:00 -
[118]
Originally by: DropZone 187
Originally by: Elexi
Originally by: DropZone 187 Edited by: DropZone 187 on 31/08/2006 19:47:49 Edited by: DropZone 187 on 31/08/2006 19:47:10
Originally by: Ombey
Originally by: Grey Area Get yourself a decent virus scanner...if it can't pick up an .exe file as obvious as that, whatever you are using now is pointless.
Try AVG free...it's (as the name suggests) free, and it captures pretty much everything. The company that makes it is called GriSoft...if I can find a link I'll post it.
I have a decent virus scanner- McAfee VirusScan v8.0, fully up to date, and a firewall.
Well it is quite ovious that you are wrong and that you don't.
Just because you got scammed irl by a vaporware company doesn't mean that you are secure - in fact it is that false sense of security that is potentially more damaging.
Honestly, you got what you deserve.
Snore.
i used 4 or 5 diffferent virus software all came back showing nothing. also used adware/spy bots etc nothing there either.
Well once you realize that anti-virus companies are a real life scam then you can move onto the process of becoming 'enlightened'
Proper information security isn't about technology - it is mostly about user behaviour. In this case, the person accepted and ran something from an untrusted source. Now they pay the consequences, end of story. Had the person followed normal practices of not opening the file, we would not be having these discussions.
AV companies provide a false sense of security by protecting against what is 'known' to be running on the internet. They have nothing proactive as that is against their business model of milking unsuspecting users for subscription fees. Same theory of razors never going dull, light bulbs never going out - corporately it is suicide for them to actually put out a working product.
If users learned to follow good practices there is no need for av software. I myself don't run av software as I follow good computing practices and have never experienced a virus. Being a profesional in the field (and yeah I got tons of letters behind my name that are supposed to signify that I know more than anyone else) I also know that the effectiveness of av is quite limited as the current industry's response time is not nearly enough (or reliable) to be considered an effective control measure. Besides, if they didn't have virus outbreaks that got coverage on CNN, their shareholders and clients would dwindle over time.
So, go read so safe computing practices and get some good backup software. The backup software will cost the same as the av and provide much better use.
This isnt a case of lacking common sense etc, the guy didnt just randomly eve mail you hey give me your email address so i can send you a trojan. I spoke to him 4 or 5 times ingame and it got to stage i needed pictures to help him. so i asked him to send em to me he never once even hinted at emailing me pictures. So when they came in a .rar i just opened it without thinking twice and looked at the pictures seriously who asks for pictures then asks them to come unziped?. I didnt run anything that came out of the .rar apart from the 2 pictures. it looked perfectly normal. I even sent him a mail back stating my opinions on the character. |
Plutoinum
German Cyberdome Corp Veritas Immortalis
|
Posted - 2006.08.31 20:44:00 -
[119]
Edited by: Plutoinum on 31/08/2006 20:46:13 Sad to here, hope they solve it for you.
But another thing: If a virus scanner detects nothing, it doesn't mean that it's safe. If someone is just after eve logins and passwords, he maybe wrote that program himself just for that purpose and spreads it only in the eve-community. If the scanners don't know it, there is only a little chance that the scanner marks it as suspicious by some pattern match, if the guy use some known exploits/hacks/tricks/toolkits. A software firewall could have helped to stop someone else getting the login/keys, but that also depends on what the attacker really did. It's not 100% safe.
If you want it 100% safe, you shouldn't connect to the internet anymore. You can only try to minimize the risk and be careful.
|
Sphit Ker
|
Posted - 2006.08.31 20:46:00 -
[120]
Originally by: taylor04 ok, now im getting really really worried, (...) so will i need to change my paypal/bank accounts stuff, please someone who knows about this stuff get back to me on that pronto
thanks
You call the bank and explain to them what is going on. They have a clue how to work it out alright. Mine does.
Be extra careful before you start changing passords from the same computer tho.. use one of those Linux LiveCD for this, if I may..
|
|
|
|
|
Pages: 1 2 3 [4] 5 6 :: one page |
First page | Previous page | Next page | Last page |