Category Archives: Browser Hijacks

can banks security get hijacked?

Question by soozypoo: can banks security get hijacked?
A week ago, when logging into online banking with Lloyds TSB, I was asked to verify my debit card linked to my current account as an extra security measure. It asked me to provide the card number, exp date, and 3 digits on the back. I didn't trust it and signed out.

I closed my browser, opened it again and manually typed in the web address again. After logging in with my normal details it told me, before I could view my accounts, I had to provide my card details. As I needed to know my balance before making a withdrawal, and due to the bank having my wrong date of birth nobody on the phone would speak to me regarding the matter (stupid robot voice, when prompted for my DOB told me it's wrong and the call won't go further, and when I do speak to a human they say the same, even though I've been in branch numerous times with my passport to change it), I went ahead and entered the details.

They have since called me about dodgy transactions on my card. There was also a large sum of money transferred from my savings account to my debit card account the same day I logged in and was asked to provide those extra details.

The bank told me that my PC is infected and that they never ask for any additional details. I have run various scans and all have come back clean, yet they are still adamant it is my end. However, I mentioned this to my partner's dad yesterday, about any other scans I can run, and when explaining why, he became concerned, as when he logged in the same week as me he was also asked to verify debit card details before he was allowed to view his account. This is from a PC at a different address to mine, so surely something doesn't add up here.

My banking has all been closed down and a bar put on my accounts until I have got rid of the virus, I'm told, which I appreciate as I wouldn't be happy if my money went AWOL. How am I meant to prove to them my system is clean?

What I'm questioning also is the fact that if it was their system that had been compromised, they wouldn't admit it, surely, for fear of public backlash and compensation claims. Just who do you trust these days lol. Would be interesting to know if any other Lloyds TSB users got the extra security question come up in the last 2 weeks, as I know now I wasn't the only one.
The bank cancelled my card and locked down my account on Sunday, which is when they called me regarding the suspicious activity, so I can't get a statement to check where the 'suspicious' payments have gone from.
They hadn't noticed £1500 transferred from my savings to my current account; it wasn't until I mentioned it. They were questioning a £100 debit card payment to a company called lalico/lalibco kelly enterprises or something like that; the call wasn't very clear.
I went in branch today to again change my DOB. It was the branch manager who I spoke to, but he said I have to deal with the internet fraud team and didn't give me a statement so I could check for myself.

I've used internet banking for 8 yrs without problems with the same AVG antivirus software, so I am a bit miffed how it has happened, and I can't recall any card readers in shops looking suspicious.

Will defo look for more protection, though I feel if someone wants your details bad enough they will get it no matter how protected you are.

Thanks
I have found out it wasn't my PC that was infected; it was in fact the purchase I made on Sony PlayStation Network for my son. I finally put 2 and 2 together yesterday. I'd heard about the hack but didn't know exactly what had happened, when I'd been speaking to someone and they suggested it could possibly be that.

My new passwords etc. have arrived from the bank and I logged on to find that before they closed the card down someone topped up a T-Mobile phone with £30 from my account. My bank are refunding this, and I mentioned to them I'd used my card 2 weeks ago to make a purchase on PlayStation Network and that I'd checked my PC for viruses and nothing came back. She told me it was 99% certain that these transactions and my details being compromised were due to Sony getting hacked, and is informing the fraud dept that I had made a purchase on the network.

Thanks for all the answers guys

Best answer:

Answer by Nicky Tan
That is very possible. The US government has been hacked before, and its security level is generations ahead of a bank's security.


Desktop Spyware Protection Added to Sunbelt Software

Orlando, FL (PRWEB) June 6, 2005

Microsoft Tech.Ed – Sunbelt Software today announced the general availability of a major upgrade to their enterprise antispyware solution, CounterSpy Enterprise, which now includes desktop spyware protection. This upgrade offers organizations leading edge, enterprise-wide protection from spyware. The new Version 1.5 of the spyware protection software has even greater capabilities to detect and remove spyware threats with new Active Protection Monitors that deliver spyware protection on users

Max Secure Spyware Detector: Eliminate Spies, Avoid Identity Theft and Speed your PC

Silicon Valley (PRWEB) July 4, 2005

Max Secure Software, developer and global leader in privacy and security products varying from a broad range of security software solutions, and services designed to help individuals, small and mid-sized businesses, and large enterprises security announces release of new and improved product, Spyware Detector Home Edition.

Your computer could be under surveillance at this very moment from spies. Spyware, the new threat to Data Security, Intellectual Property and loss of your Identity, is responsible for this. The risks from spyware and adware are increasing steadily, becoming a major challenge for computer users. Spyware puts users at risk for decreased productivity, loss of privacy, slow browsing, slow and crashing PC

SecureMyPC Spyware Defence and Removal v2.0

(PRWEB) August 6, 2005

GSI Concepts is proud to release the SecureMYpc® line of products. Cost effective, ease of use and feature rich are trademarks of all our software. Spyware Defense and Removal Version 2.0 breaks new ground in design and functionality. Our utility detects, removes and protects your computer from thousands of spyware, adware, malware, trojans, keyloggers, spybots and malicious threats.

Spyware Defence and Removal v2.0 key features:

Fast Scanning Engine

My google results are hijacked!! Need help. HJT log?

Question by Matt M: My google results are hijacked!! Need help. HJT log?
Two days ago I did a search on Google and noticed it was going slower than usual, then the font was larger than normal. I clicked on a link and it redirects me via go.google to spam and spyware sites. Copying and pasting the URLs works, but for some reason I'm not able to access tech support sites. Every other site works, but when I try to go to techsupportforum, techguy, etc. it says that IE is not able to display the page, even though the connection is fine. I ran Trend Micro and Spy Sweeper multiple times but they haven't fixed the problem. Please help me. Here's my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:39 AM, on 10/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [SunKistEM] "C:\Program Files\Digital Media Reader\shwiconem.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BJCFD] "C:\Program Files\BroadJump\Client Foundation\CFD.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) -

Best answer:

Answer by Sly_Old_Mole
Try this:

Run ATF cleaner (tick all boxes)

http://www.snapfiles.com/get/atfcleaner.html

Then download & run (free):

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

Then let us know if you're still having problems.
