Upgrading account and spyware concern

I'd like to upgrade from Basic to Premium account... If the credit card # is stored in the Linden Labs database... Would a single click of the mouse on the 'Upgrade' button be futile when I'm sure I have malware in my computer?

If you're sure you have malware on your computer, get it off, now. Try downloading and running AdAware, from http://www.lavasoft.com .

It looks to me like the credit card number is obscured in your account settings, just showing the last five numbers. This means that malware on your computer will not automatically get your credit card number even if it watches you upgrade your SL account. It can get the password to your SL account, though, which is bad.

I don't see why you should be harboring malware. I think you should try to remove it as soon as possible.

Shooot..... I'm glad I asked!...

It's kinda complicated...yes I did use Adaware and other programs... they may have removed most Trojans...but there is one that I'm sure is still in the computer... something called Trojanspy.html.smitfraud.c - a nasty new critter that's hard to get rid of I'm just waiting for a friend to do a complete system format..... guess I should just be more patient Thanks Lex!

heres a helpfull webpage, yeah the url is wierd

http://www.doxdesk.com/parasite

Alot of info about spyware, trojans, and how to get rid of them

note- smitfraud - is a virus/trojan (desktop highjacker),
you really need to get rid of it asap ,

I'd unplug my modem til this thing was gone.

It IS possible that you could be running malware that logged your keystrokes. That's pretty unlikely, but they could get your credit card information that way. If you're that concerned, try upgrading your account from a friend's house.

Run AdAware and Spybot Search & Destroy. (http://www.safer-networking.org/en/index.html) SpyBot S&D is my personal favorite, but I still run them both, just to be sure. Malware has an uncanny habit of adapting to malware removers.

#%$^@*#^$&$* !! Aargh. Sorry it's just frustrating as hell. Never again am I using Internet explorer - I owe that to you, Thili - that website you gave me has incredible info on how to prevent these things from happening; things I didn't know up until now. thanks
Thanks Kim and Catherine too...for caring...Guess it's time for internet cafe for a couple of weeks.

Best of hope on getting that crap out of your system, Nimue.

I also recommend SpywareBlaster in addition to the above -- it works as a shield, so stuff doesn't get in, in the first place.

http://www.javacoolsoftware.com/spywareblaster.html

Good.

For those of you not following along, Internet Explorer is the computing equivilent of sticking your hand in a sack full of dirty needles and just rummaging around for a while. I recommend switching to Firefox. Functionally, it does everything IE does, with the exception of not infecting your system with tons of crazy malware.

Prepare to laugh.


Wait for it...


Waaaaait for it...


I suggest using Spybot, Ad-Aware, SpywareBlaster and Microsoft Anti-Spyware Beta.

Each will get what the other is weak at grabbing, and SpywareBlaster will plug up some of the holes.




*Why MS Anti-Spyware?
Microsoft bought Giant, who originally had the program, and folded it into their own collective.
Surprisingly, it's a pretty darn good tool, getting what Spybot wouldn't get on my old install.

Hm... I'm not sure if I like having my CC # stored on LL's servers...

That's how it is in most recurring-payment based online services, not just here.

If it's that much of a concern, depending on where you are, a prepaid debit card may be an inexpensive option (-- an option that I personally use) as a 'security shield'.

I do not want to start a "The World vs Microsoft" discussion here, but I think everyone that goes around telling people that a simple switch to Firefox and Linux will take care of all of their security problems, is doing the online world a disservice by providing those folks with a false sense of security.

Any system, regardless if it is based on Linux, Windows, UNIX or any other OS, if not properly configured, secured and maintained, sooner or later will be owned.

As a security engineer at a Fortune 100 company, it scares the heck out of me when I hear "technical" people make claims on Linux and Firefox's invincibility, and offer it as a solution to solve the security problems of the world, while I see vulnerabilities in those two and many other products reported and exploited time and time again.

Just this week, there were two "extremely critical" vulnerabilities reported on Firefox, for which zero day exploits have been released to the wild. Mozilla has yet to release a patch.

http://www.eweek.com/article2/0,1759,1814056,00.asp?kc=EWRSS03119TX1K0000594

http://www.enterpriseitplanet.com/security/news/article.php/3503751


What I am suggesting is that instead of being evangelical on the "wonders" of Linux/Firefox/Opera, etc. and the evils of Micro$oft Windoze, we educate users on the importance of securing what they already have and how to go about doing so.

Please realize that people will continue to use Windows regardless of what the Linux/Open Source community feels about it.

What some folks are doing is like telling people having unprotected sex that they will be saved from contracting HIV by becoming Catholics and abstaining. No! We must realize that we can be far more effective by providing safe sex education, not by trying to convert them. But then again, zealotry and evangelism tend to get on the way...


But anyway, for Windows users, this is good place to start:

http://www.microsoft.com/athome/security/protect/default.mspx

And yes, if properly configured, secured and maintained, MS Windows can be secure.

Be safe!


Note: I operate in a Solaris, Open-VMS, Windows, Linux environment and believe each and every operating system its better than the others at specific tasks and that each one of those OS's can be easily owned if not properly managed or be safe if properly secured. Blame not Sun, HP, Microsoft or Linus - blame the system administrator for not doing his/her job!

I fully agree Catherine. Was wondering if someone would mention this.

While I was using Internet Explorer, I was picking up 3-4 viruses a week.... just by surfing. When I switched from IE to OPERA... viruses vanished. Totally. Opera does not have the security issues IE has... and it is a very good browser.

Same goes for email. Get away from Microsoft and use EUDORA or a similar email client. Stop downloading and opening programs unless you are 100% sure of the source. Have anti-virus and anti-spyware programs installed on your computer. Because otherwise, goodbye privacy!

Oh, one other item: install a hardware firewall such as a router. It's a $50 investment that blows software firewalls away, doesn't lag your system and doesn't interfere with most interenet access.

Heck if *I* would go to an internet cafe and start typing credit card numbers!!!

That's not what I'm doing

Question: I have a Netgear router...does that make everything much safer?

(In simplest terms, what does it do anyway?)

Should provide the safety you need.

Almost all routers basically hide your computer from the internet. They have routines built in to them that kinda tell the internet that "yes, there's someone online here, but you don't know exactly where they are." Therefore, vandals can't find the "address" your computer resides at in order to hack it.

That's kind of a simplified explanation, but basically the router provides a "wall" between your computer and the internet.

I was praying for an answer Thnx Wayfinder! Yeah that's kind of amazing. I did a firewall test last night and the website basically told me I'm invisible which is ideal for the average user. Ok, one last question then!
So with all of my anti-virus software, ZoneAlarm included (last time I checked the programs found nothing) and the router, should I still be worried about keylogging? Thanks again ~^-^~

Well, that's the question of the hour, and it's a semi-complex one.

Any company that accepts your credit card or personal information across internet lines should be using a SECURE SERVER line. Most that are on secure servers will actually have a notice telling you this is the case. In such instances, your key input is encoded so that only your computer and the actual server can decode the data.

Without such a secure server then yeah, there is an unlikely but possible chance that someone could intercept web data and be smart enough to grab your personal info. They would have to really know what they're doing and be able to examine data from literally millions and billions of coded chunks... but they can write software to do the heavy work for them. So bottom line: never provide personal information unless you are: a) Positively absolutely sure of the integrity of the party you are providing this information to and b) the server is secure