Password uncovered

I'm running a Mac with Leopard. THis morning I turned on the computer and found a file on my desktop from someone seeming to solicit email from me, and citing 3 URLs which I have not looked at yet. The name of the file is my SL password with file extension 'rtf'. I suppose the password can be gotten at for this purpose, but it scares me to see it there without any action on my part.

Should I call this to Linden Lab's attention, and if so, how? Or is it nothing to be concerned about?

Abd how do I go about changing my password?

Thank you all, folks.

DONT go to any URL listed in there!! You shouldn't have done whatever you did to receive this, which could have been either opening a bad email, (from a sender you dont know, or potentially one you do know that had some kind of malicious attachment in it) or going to a compromised site. At this point I recommend solving your problem before taking time to alert LL.

Sorry to sound alarmist here, but it sounds like you have a keylogger you need to get RID of before you change passwords yourself, or even type in a password that LL would give you. Because if this is the case, that would grab the new one anyway. You might even have a PWS trojan too or some other malicious critter.

I highly recommend you run through this majorgeeks malware removal procedure and get rid of any creatures, and then change your password.

http://forums.majorgeeks.com/showthread.php?t=35407

Those folks are experts there, and if you have a critter in your machine that procedure doesn't zap, they can help you with removal.

Once you are sure there are no keyloggers or trojans on your machine, then you change passwords here once you've logged into the secondlife website:

https://secure-web17.secondlife.com/account/password.php?lang=en

That change password link is found when you open the website at www.secondlife.com, log in, click on "my account" and then on the left side NAV bar you will see a hyperlink to CHANGE PASSWORD.

Oh and do your friends and family a favor, dont send them any email attachments until your machine is clear of any infection. If you sent any at all recently, at least warn them when you find out whatever stung your machine.

Seems possible that someone found you logged in and your screen unlocked.

Just to add to the advice:

When removing spyware/malware/viruses....... Literally DISCONNECT the internet from your computer.

Unplug the network cable or router.

Many of these annoying lil' programs like to bury some tiny bit of themselves deep in the registry, so when you find & try to remove their "main" part, it re-downloads itself.

Sneaky lil' monkeys.

Why are you people pointing him to Windows sites and talking about the Registry? He's running Mac OS X 10.5 ("Leopard".

/me thought the PR material said that no-one wrote malware for Macs . . .

Pep (. . . why bother for that tiny minority - the OP has probably jumped to conclusions.)

Those folks can help him too then:

http://forums.majorgeeks.com/forumdisplay.php?f=40

Nice tip, thanks.

The fact the file is on your desktop is somewhat disturbing, as well. If you didn't put it there accidentally somehow.

Do you use the same password for anything else? Is there a chance you've copy/pasted it inadvertently?

The Leopard has paws of clay?

Nobody with any credibility has said "nobody has written malware for macs".

Thing is, there's no reason to assume that there's any malware involved here. First, this is a really unlikely thing for a virus or trojan to do. Second, there are security problems, like leaving yourself logged in and your screen unlocked, that no operating system can protect against. The least secure component in any computer system is the one between the chair and the keyboard.

I've gone in to "remove viruses" on Windows boxes, and found that all that had happened was that the user had walked away and someone had walked up and moved icons around on the desktop. There's a classic prank that people do, where they take a screenshot of the desktop and make it the desktop wallpaper, then hide all the desktop icons in a folder they move offscreen...

I've had user's passwords revealed by someone opening Notepad and clicking "paste".

I've had someone tell me they downloaded a virus because they updated Flash player and it said it was version 10 and they "knew" the current version was 9.

To be honest, the only sure-fire way to clear out malware, viruses etc is a complete format / reinstall from the ground up.

That doesn't conflict with what I said.

Pep (How can you tell when a PR person is lying? Her lips move.)

that was the first thought that came to mind is .who else is in the house lol


i used to do that screen shot thing to keep my nephews off my computer..it's amazing how well it really does work with everyone lol

Good... then I know not to trust the mac guy on those commercials.

Of course not. He's a frigging actor. Sheesh.

On the other hand, you can trust the "Linux" guy:

if Linux guy was holding a ferret, I would be very worried.

OK- now i am the one freaking out- i just logged into sl and found a very polite im from THE OP :

THAT I HAVE NOW EDITED OUT IN CASE THE OP DOESN'T KNOW HE IS THE OP- WOULDNT WANT TO OFFEND HIM


I just went thru my trasactions from may 13 to today and find no record of having given this guy anything- now i do send things to people when they request stuff either here or in-world and sometimes dont even comment- just send it cause they needed it - but i dont remember him really and if i didnt do this- i might have need to check at home but wdnt it be on my transactionrecords? If i didnt then what the heck is this about?

I am calling LL right now about this in fact-

talk about naming names and posting chat logs!!!

Well hell i can edit it but he is the one who opened the thing- its not like he is pretending not to be

I think this is what we call, in the system admin business, a "PEBCAK" situation.

oh i have no horse in this race.
but people sometimes get mad when their IM's are posted hey. and its against the tao and the vaunted ToS

No ferret, but he recently bought a Tronguy-themed airplane:

I don't understand why you need a plane Argent. Your flight feather doesn't work in RL?

So- i got off live chat with LL - they recommended i file an abuse report with Governor Linden as the culprit and give them all this info so they can start looking into it- I contacted the OP in world to let him know i had no idea what was going on and i imagine i wil hear back from him plus now he can read here that LL is looking into it.