Have I been hacked?

2

Comments

  • RussJK
    RussJK Posts: 2,359 Forumite
    bryanb wrote: »
    O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (file missing)

    Other than the leftover traces from having Hotspot (considered adware), the log looks clean to me. Lots of bloat, but clean :p

    Still leaves the mystery of how your payment was redirected, if it really was. How did HitmanPro scan go btw?

    As Santer says, it seems strange that the criminals would need anything more than what was on the apparently fake transaction you made. Doesn't quite make sense really.
  • RussJK
    RussJK Posts: 2,359 Forumite
    Could you right click on the link given in the phishy email, and select 'copy link location' or the equivalent. Then left click on my name on the side RussJK, and select 'Send a private message to RussJK'. In that private message, right click and paste the URL please.
  • i have been hacked in the past and it sounds like you have been minorly hacked:):):):):):):):):):):):):):):):):):):)
  • bryanb
    bryanb Posts: 4,985
    First Post Combo Breaker First Anniversary
    Forumite
    RussJK wrote: »
    Other than the leftover traces from having Hotspot (considered adware), the log looks clean to me. Lots of bloat, but clean :p

    Still leaves the mystery of how your payment was redirected, if it really was. How did HitmanPro scan go btw?

    As Santer says, it seems strange that the criminals would need anything more than what was on the apparently fake transaction you made. Doesn't quite make sense really.

    Thanks for your input, it really is appreciated. HitmanPro scan went ok, I think, Plenty of tracking cookies, mostly sites I recognise. A couple of pornsite ones - moi? non!
    One labelled as a Trojan (What's that?) It was a nudeman clock I had set as screensaver (Recommended by a friend)
    Not sure what you mean by bloat. I can guess, but I'd probably be wrong. How do I remove it?
    Going to monitor the card account carefully for a while though.
    This is an open forum, anyone can post and I just did !
  • RussJK
    RussJK Posts: 2,359 Forumite
    bryanb wrote: »
    Thanks for your input, it really is appreciated. HitmanPro scan went ok, I think, Plenty of tracking cookies, mostly sites I recognise. A couple of pornsite ones - moi? non!
    One labelled as a Trojan (What's that?) It was a nudeman clock I had set as screensaver (Recommended by a friend)
    Not sure what you mean by bloat. I can guess, but I'd probably be wrong. How do I remove it?

    It's possible to get cookies from sites you've never directly visited (including !!!!!! sites) just because of ads on pages you have :)

    See if you can upload the nudeman clock to https://www.virustotal.com. You have to click on the 'Upload' button, then navigate to the folder that contains the nudeman clock file. After you upload it, please give the link/URL to the report so we can see.

    Don't worry about the bloat so much for now - but there is a 'slow PC' thread in the stickied threads. (just unnecessary programs running, that cause slow down)
  • bryanb
    bryanb Posts: 4,985
    First Post Combo Breaker First Anniversary
    Forumite
    RussJK wrote: »
    Could you right click on the link given in the phishy email, and select 'copy link location' or the equivalent. Then left click on my name on the side RussJK, and select 'Send a private message to RussJK'. In that private message, right click and paste the URL please.

    I think I've done that, not sure the PM went though.
    This is an open forum, anyone can post and I just did !
  • bryanb
    bryanb Posts: 4,985
    First Post Combo Breaker First Anniversary
    Forumite
    RussJK wrote: »

    See if you can upload the nudeman clock to https://www.virustotal.com. You have to click on the 'Upload' button, then navigate to the folder that contains the nudeman clock file. After you upload it, please give the link/URL to the report so we can see.

    Already deleted Nudeman clock.

    Thanks for the help so far, got to go out now. BB
    This is an open forum, anyone can post and I just did !
  • bryanb
    bryanb Posts: 4,985
    First Post Combo Breaker First Anniversary
    Forumite
    My apologies, The card we were using was a new one in the wife's name. This morning she was checking her account when she asked - Should I have activated that card before using it?
    The Sagepay email was obviously genuine, notwithstanding poor grammmar and spelling mistake, plus a Yahoo address.
    Sorry for the waste of time, but at least I've learned a lot about security etc!
    This is an open forum, anyone can post and I just did !
  • RussJK
    RussJK Posts: 2,359 Forumite
    Thanks for letting us know. Still, kind of strange that Sagepay would use a yahoo email to ask you to verify a transaction...
  • RussJK wrote: »
    Thanks for letting us know. Still, kind of strange that Sagepay would use a yahoo email to ask you to verify a transaction...

    Yeah my thoughts too. Unless the email was from the vendor and not actually Sagepay.
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 342.2K Banking & Borrowing
  • 249.8K Reduce Debt & Boost Income
  • 449.3K Spending & Discounts
  • 234.4K Work, Benefits & Business
  • 606.7K Mortgages, Homes & Bills
  • 172.7K Life & Family
  • 247.2K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 15.8K Discuss & Feedback
  • 15.1K Coronavirus Support Boards