computer gremlins!!

[kevtherev]

sat on the laptop last thursday when it crashed," internet explorer has encountered a problem and has to shut down" , not the 1st time its happened so it shuts down and then all hell breaks loose, tells me i have a virus and should scan so starts a scan, then thought that might be the virus, so stopped it but it had come up with 2 threats detected:1,something about a worm and 2,a trojan horse. this basically buggered the laptop, wouldnt run a program or connect to the internet...
so next day just to be on the safe side me and the other half went cash point to check our bank balances and she has had 300 quid withdrawn via paypal. someone had hacked her paypal and requested money to be sent from her bank account to her paypal then when its there they would have sent it whereever they wanted. we found this out by logging on to her paypal account, and the date of the transaction was the tuesday BEFORE the virus infected the laptop!!
long story short called paypal customer services and cancelled the transaction, was told they would reimburse the money in 72hrs(still waitin for that)
went bank cancelled it there too, and the debit card.
got the bro in law to totally clear the old operating system and installed a new one so all up and running again now, and a scan was performed too but it couldnt find the virus
so a couple of quick questions coz i'm not very up on computers and i know there are some very computer savvy people around here
would the virus (worm,trojan horse) be able to get details required to do this??(i have been told its unlikely)
could the virus have been undetected for 2 days thats why the paypal transaction was 2 days before i knew i even had a virus?? or is it a complete coincidence??
i have a paypal account too, all set up on the same computer so why hasn't mine been affected??
would appreciate peoples input/advice on this as like i say i aint no bill gates

[lozz]

ihad a simalar thing happen,
but luckily ive a differnt password for everything iuse,
if iwouid of used the same password for paypal as ido for Msn they wouid of got into my pay-pal account,
Msn stumbled on it straight away and blocked my account, had to send them my phone number and they sent me a Re activation code, to sort everything out,

Make sure you use differnt password for pay-pal as what you wouid use for emails,

Hopefully pay-pal shouid resolve your problem and have who ever responsible charged with fraud

[sirwiggum]

would the virus (worm,trojan horse) be able to get details required to do this??(i have been told its unlikely)

They could've got your paypal password a number of ways:

- Keylogger (from a worm/trojan horse) - In which the software records keystrokes, so perhaps it records that you went to ebay/paypal, then later entered a username and password. All of this is sent to a hacker's central repository.

- The fake site (possibly a DNS redirect from the worm/trojan horse) - I must admit that this is one that got me. I was idly browsing the car pages, and all of a sudden ebay asked me to log in. So I logged in, but not a lot happened. Then, a while later, all sorts of stuff happens on my account - selling fake cars in the US etc. Had to contact ebay support who were grand. What happens is it redirects to a site, for example http://[email protected]/ - Its a copy of an ebay page, the URL looks ebayish, but it is actually on another domain.

could the virus have been undetected for 2 days thats why the paypal transaction was 2 days before i knew i even had a virus?? or is it a complete coincidence??

Possibly. The virus alert could either be a fake anti-virus, or if the fake anti-virus was already ran, it could have disabled your real anti-virus.

Fake virusscans - I've seen a lot of people come up a cropper with these. They browse the net then a supposed popup alerts them that they have a virus. It tells them to download a virus removal tool. This tool then "scans" the PC, shows "threats" and prompts the user to buy the anti-virus with their credit card.

i have a paypal account too, all set up on the same computer so why hasn't mine been affected??

Your paypal account exists on the paypal system, not your local machine, so luckily you didn't login to the method that they used to get the details.

My advice is to use a reputable virusscanner (eg. Avast Free), open it up and get to know the user interface. Anything that doesn't look like it is going to be a fake virus alert.
Use Firefox or Chrome instead of IE. IE is targeted and is as secure as a barn door flapping in the wind.
You could go all out and install a Linux partition, avoiding Windows viruses totally. The likes of Ubuntu is very user friendly, easy to install and has a lot of driver support.

[FarmerPug]

on the subject of paypal beware of fake paypal emails i got one last week saying my account was limited because someone else had logged in, and had a web address to get in, looked like a fairly genuine paypal email, except for the sender it come from
You go to the web address which doesnt have the https, or even paypal in its url which gives you a double of their website, where you must log in, but thats all it would allow you to do, no other links actually work, and i bet the worst thing imaginable would be to log in.
So if you do get such an email forward it to paypals spoof email address and they will take it into account.