New Life Games Tech Forums

Anyone else get a questionable email from another member today.
It came with nothing but the link and it was from a trusted member, but when I tried to go to the link it made my investment in symantec worth every penny. I'm wondering if the members email got hijacked

Not sure if it got hijacked or faked/
Let me see if I can look at the headers.
I got the same e-mail.

It looks like it got hijacked.

Thanks Foster :131-

I got it too. Fios caught it before any damage. fid anyone tell him yet?

I semt PM to  him.

Don't open anything from me!  :37-
Somebody got my email and is sending out junk!!! 
I just changed my email at 11:20 PM EST

I'm so sorry!
What was it because I cannot see it!?!?!?

It showed your sex tape then deletes your hard drive....the last part was Ok....

YOU ^((%@%&()___(&^$$%^*)_+_+++)*&^&*)(__+_(&^%$$%&()_ :58- :58- :58- :58- :58-

 :262- :262- :262- :262- :262- :280-

Just kidding, I just had to yank your leg a littlle I did not go to the link in the email. I am overly cautious when it comes to email, especially ones that do not have personal greetings or messages in ones own words... My NIS did not say anything, but I did not try the link, so that is probably why.

Were you Hijacked, or a Virus Victim? That Sucks!!!!!!!!!!!!!

CH :95-

Except for that poor sheep, baaaa, baaaaa, baaaaa

I'll never get to sleep tonight

 :97- :97- :97- :97- :97- :97- :97- :97- :97- :97-

DON'T Open anything from me!

It's NOT me sending it!! PLease!!!
I don't know what to do!
SLOTSX...and Kirk! I didn't send that! Somebody else is doing this!  :37-


This is a screenshot from my computer!...>>>

Don't let it beat you up Mark, could happen to any of us and those that get mad about it can go piss up a rope. Not like you did it yourself or on purpose. Pardon my language, but fuck'em if they don't understand you got attacked

Oh lord...
I just looked at my email....87 messages went out!!  :8-
Jesus...I didn't send this crap!

Foster...PM me your phone number.
I'll call you right now if you need any info or password or anything to stop this !
Does anybody know what to do to stop it?


It started at around 5:26 PM EST I think!
Gee! I was in my car driving home from work!!!!  :37-

Here's a screenshot of my email page!...>>>

Mark if it helps That is when I got mine. close to 5:30. Not your fault!

Just from now on use a different e-mail when on the porn sites

I don't use my hotmail on porn sites!  :37-
I don't even go to porn sites!!!! AaaarrrrrrrrRGHHHH!

I am so pissed but also so sorry it happened somehow.
Even my ex-mother-in-law got hacked into too I think! jesus!

Oh crap!....I'm getting returned, "undeliverabled" email messages from hotmail like crazy now!
Oh hell! Now I see that "I" wasn't able to send an email to my college proffessor I wrote to about 11 years ago?!?!?!?  :279- :25-

On Kirk's uh...angry response....I can see that he got some sort of a "bloodmountainphp" link....
If that's it....don't open it!!
I don't know what it is and it IS NOT from me!!!

Hey everyone needs to go easy on poor Mark, it is not his fault that he got Hijacked!!!! Don't make it worse for him by sending him NASTY MEAN emails! Bad KARMA WILL CATCH UP TO YOU! If you are just joking around like I was hoping to in my post here to give him a laugh make sure that it is stated as that!!!

Poor guy is pulling his hair out over this! :277- :277- :277- :277- :277-

CaptainHappy :95-
:admin-

This is common. Download Malware bytes ... The free version cleans this.
Make sure you reboot afterwards even if doesn't ask.......

Thanks guys...I will do it right now!

OK...downloaded Malware Bytes and it found 3 things.
I attached a screenshot below...>>>
Should I check all 3 and "quarantine" them?
But I think the problem is on my work comuter because the php links in those other emails started
as I was driving home from work!  :37-
So there's probably something on my work computer?

Gee ...how in the hell do they get all my email addresses?
Even the one's I haven't used for years?

kill them all and change your passwords. Before you change them though, make sure you check that any email password change notifications are sent only to you and not whoever did this. Also change the answers to any security questions you use for lost password  identification. My wife had this happen a couple years ago and it sent out the stuck in a foreign country and can't get home email to every one on her contact list

Thanks cowboy....
I deleted every one of my email contacts too.
I am totally wiping out that email....no more Hotmail.com for me even though I've had it for about 12 years.

Just make sure I get your new address Bunker :89-

I will...I saved everybody's email addy's on a plain wordpad sheet.
I'm still thinking about wiping out the hotmail email account
but I will wait until Monday when I can get to my other computer at work.

HEY bunker i got one to about 5:27 . got a mac so i think I'm OK . deleted email  no hard feelings sh--t happens

Thanks plunger!
Sorry somebody sent you that!
I noticed they all have different php links.

It's definitely the work of some ad agency someplace.... :30-

I completely agree! If anyone is that STUPID to think you sent that, they can go uh...do what's quoted above!  :wtf1-
It takes about one iota of common sense to figure out your e mail was compromised.  
Sorry to hear that happened to you!!

I had something like this happen to me from my yahoo e-mail

I wish I could tell if it was something that got put on a persons computer that waits until it detects the user being idle or AFK and then sends out the e-mail or a script that loads when some sites are visited and if it finds that user logged into hotmail,yahoo, gmail, or even ISP web based e-mail account does its dirty work.

I just had a little panic of the timing of my email from Bunker thinking I got mine alot earlier than everyone else, 4/27/2012 2:27:15 PM
Then I pulled my head out of somewhere pretty dark, and realized mine is PST, which is 5:27 EST... :279- :97-

FWIW, mine was a text email with the following in it which was not clickable as an active link, maybe the computer protected me from that? If I just moused over it it was just an I bar, not a clicky cursor. Also the below is just a copy of what was in the text without the "dot php" at the end of it.

h t t p : / / whyzine.com / images / mvsd55x2 EDIT I ADDED SPACES AS THE FORUM SW SAW IT AS A LINK FIRST TIME!
4/27/2012 2:27:15 PM

CH :95-

P.S. FOSTER, what is AFK??? Away From Komputer??  :5- :200- :208- :208- :208-

Bunker, I'm insulted, I didn't get one.   :208- :208-
Good luck getting all taken care of.
Ford

Thats ok you can have ours  i only opened the email  , Am i safe?

If you didn't open link you should be OK

nope I didn,t this time  :3-

Mark ,OMG I was wondering what that email was about. I did receive it Also... John

I'm so sorry capt happy, shorttrackskater, steve, westec1, john...everybody!   :8-
I think it went to everybody on my email!
So far, I've found that it sent out about 87 emails! arghh!
I still may get reponses from about a 150 more people!  :25- :279-

I didn't send it and DONT open the link!

Thanks!

ps
what time did you get yours?
Everybody is reporting it started at about 5:26 or 5:27 yesterday.
I've completely cleaned out my computer with a Malwarebytes full scan and 3 infections were found last might.
They were from 2 ad companies....you can see it in the screenshot in Reply #19...


That hotmail account is okay now but I had 253 contacts on it
and everyone of them got an email with some sort of a PHP link....DONT OPEN THE LINK! PLEASE!

The time on My email , was 4/27/20012 5:26 PM :103- :200-
I fixed the Time I received that email

That's strange....since when you live in California john?  :72-

OPPS , I meant 5:26 , sorry was looking at another email!!! Want me to forward that over to you? I seen the email , but didn't click on anything... Thank GOD

no...just delete it but if you can...delete it with the message drop down dialog box that says "My friend's mail was hijacked!"
or something to that effect.
That way Hotmail knows it wasn't from me actually.
Not every email company has that option so just plain deleting it will be okay I think.
I had to remove everyone's email from my Hotmail account
and saved them in a separate Wordpad for now until it's all straightened out at Hotmail...argh!
 

I got one too. Obvious it was a hijack spam or virus/worm.
Logged on to NLG and found this post.
Thanks for posting! Just verified what I suspected.
Not the first time this has happened, won't be the last.

Jim

I'm glad you didn't click on the link Uniman!  :3-
Ohhh!...the internet world we live in....argh!

If anybody clicked on the stupid PHP link they put in there...go to malwarebytes.org
and get the cleaner recommended by Jay.
My computer is working great now! whew!
It took about 5 minutes on the quick scan to get it out.
Only problem now is some bloody advertisement company has everybody's email addresses now.... :276-
I think whoever did that should be thrown into jail!

Below is what my computer looks like now after performing the malwarebytes scan for the second time...>>>

Mark, I am sure you know, but i got it too, actually for quite a while now I have gotten emails from you at random that say you have sent me some pictures...
I never opened them , since you had not told me you were sending any...   Its a common "virus"  goes around a lot on the net!

PM me your new email, when you can..

i got it too im glad i opened it on my cell it wouldnt let me click the link i just deleted it....

I hate to admit it, but I got it and clicked on the link yesterday.
It started to load with a green progress bar and I knew something was wrong.
I closed the page quickly. Checked and it looks like my anti-virus software did it's job.
Checked and did scans with the anti-virus and Malware and nothing showed up.

Good thing because I just got this computer. Good news I haven't loaded any of my address book yet, so they didn't get any info from me.

Been off here for a while and just now saw this thread.

Bunker...This is a Hijack...not a Virus.

To stop this do as cowboygames said and Change your Passwords.
I too have suffered a hijack and know the frustration you are going through.

FACEBOOK is riddled with these attacks. That was the source of my hijack.
You have to be VERY careful of any links/posts you click on there. They are
disguised as some really interesting story to entice you click on them. When
you do, they extract your saved passwords on your pc...specifically targeting
email so they can mass spam out their crap. It is Not Hotmail's fault and you
will be able to continue to use your Hotmail acct after you change your password.
Problem is the "damage" has already been done but anyone who knows you
should realize you did not send this on purpose.

Malwarebytes is an excellent program to help keep your PC safe but you really
need to take more measures for a deeper level of safety. In the world of freeware
I use Malwarebytes, CCleaner, Spybot, & AML Registry Cleaner. I've found that
no one program does it all. What one misses the other catches. Mbam & Spybot
are good malware cleaners and CCleaner & AML are good registry cleaners.
A lot of people don't realize that if you must keep your registry clean. You can
run a program to clear malware & viruses but if you don't clean the registry they
can sometimes come back. (cleaning your registry also boosts PC speed by getting
rid of crap that ties up resources)

Its a good idea to run these programs periodically to keep your pc clean/safe.
I would advise that anytime you run a registry cleaner ALWAYS back-up the
registry 1st cause sometimes they erase too much and can stop your pc from
running. Most programs such as the two I mentioned ask you if you want to
back-up the registry and will do it automatically when you select yes.

When searching for software, BE AWARE OF IMPOSTERS!!! There are many
that display the Windows insignia are the AVG insignia that are NASTY, NASTY
bastards that take over your computer. NEVER ever do any free online
computer checks no matter who they claim to be. Stick with your known &
trusted programs.

To that end, here are links to the programs I mentioned:

CCleaner:  http://www.piriform.com/ccleaner
AML Registry Cleaner:  http://www.amltools.com/
Malwarebytes:  http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
Spybot:  http://www.safer-networking.org/en/mirrors/index.html

These are all Freeware so no charge. If you like them you can donate or upgrade.
If using Spybot, I recommend NOT activating "teatimer" cause it really slows your
PC down but it is a 'running' program to keep you safe. I've had no issues without
it being active. Just remember to run these programs every once in awhile to keep
your PC clean and to keep the program updated.

ALL THE BEST!

tjkeller  :186-
 :nlg- Docs

I use a subscription registry cleaner called ARO and run it once a week. Anybody ever heard of it or have any comments on it? It backs up my registry before it starts it's clean each time

Hey tjkeller
Glad to see you back...I have a minor bug called the Search123 "virus"
sometimes redirects your home page, but mainly just sends a crap load of unwanted popups that I never click on..
I am running Zone Alrm extreme, crapclearner, and malwarebytes, but these wont find and fix it..

Suggestions?

When I got it, I pretty much knew it was not legit based on it just being a link and multiple recipients. 

Most of the times when people get e-mails like that, they are not even coming from the person it looks like it came from. Someone else's computer has a virus and is sending them out with a spoofed "from" address. Very hard to figure out who's computer is actually sending it.

One program I use to find this crap
 is "Supper AntiSpyware".
You can get it at supperantispyware.com
and it's a free program.

Looks like you will have to do some registry editing:
see:
http://www.removemalwarespyware.com/cant-remove-search-123-com-hijacker-virus-get-rid-of-search-123-com-manually/ (http://www.removemalwarespyware.com/cant-remove-search-123-com-hijacker-virus-get-rid-of-search-123-com-manually/)
http://blog.teesupport.com/remove-search-123-com-browser-hijacker-manual-removal-for-search-123-virus/ (http://blog.teesupport.com/remove-search-123-com-browser-hijacker-manual-removal-for-search-123-virus/)
http://www.exterminate-it.com/malpedia/remove-search123 (http://www.exterminate-it.com/malpedia/remove-search123)
http://www.pcfixessupport.com/how-to-fix-search-123-com-redirection-problem-search-123-com-hijacker-virus-removal-instructions/ (http://www.pcfixessupport.com/how-to-fix-search-123-com-redirection-problem-search-123-com-hijacker-virus-removal-instructions/)

Hey there folks,

Just wanted to say that it is nice that you are sharing your tricks to deal with all of this stuff... I am going to throw around some  :259- 's to all you guys here!  :50- KARMA STORM :50- :244- What a great FAMILY we have here! :244- :131- :244-

CaptainHappy :95-
:admin-

P.S. hey there TJ, good to see ya!

I am going to use all those helpful links TJ!
Thank you so very much for sharing with us!
Karma galore to you!  :3- :131-

Poppo was right about something, I never add more than one other email address
when sending an email to someone I know.
Multiple addresses should pop up a RED FLAG!!!

It is so frustrating when something like this happens.
I've always been very careful not to open up anything suspicious and I think TJ nailed the source right on the button.
I opened up a couple of Facebook stories and when I did - I thought it was very unusual to see the way they opened.
I can't describe it but I opened another story last Friday around lunchtime and all these new spam junk went out to everybody at around 5:26 or 5:27 EST.

Another friend of mine but not an NLG member, was getting "strange" email's from me but he stopped it by clicking on the "My Friend's Email is Hijacked!" button in the dialog box...I think it stopped that one but the Facebook story I clicked on might of started a new round of spam junk mails.

Again, thanks to all that didn't open or click on the link and I'm very , very sorry some of you clicked on that PHP link.
Usually when I send someone on NLG an email - they know ahead of time because I try to tell them via the NLG PM messaging thingy.

PS Capt...I pushed your karma to 600!  :89-
I'm giving everyone else a karma everyday for putting up with me.
I hope the other's survived but they're not posting!
I hope their computer's are okay! :8-