allans

CLOSED Microsoft email meltdown

Recommended Posts

I signed up for your service last month because of infections I had, various trojans, etc. Just last week I was notified by Microsoft, I guess, that my email of 15 years (on their MSN.com system) was hacked. My email is so old I can't even recall the answer to the security question ... or I got it right and I'm being tricked. Microsoft, being the idiots they are, refuse to respond to their own request for help and offer no assistance even though they closed the account. But my question is how did I get hacked when your system was up and fully operational? Assuming I'm being tricked and the messages aren't really from Microsoft, this means the hackers got by your system. If not, how can MSN (which is basically Hotmail) get so hacked that even they cannot open my account? I'm confused and angry. Allan

Share this post


Link to post
Share on other sites

There are numerous ways that someone could have gained access to your account. It is fairly easy to replicate the look of the Microsoft MSN, Hotmail, LIVE, etc. login pages and fish for passwords. It is also possible that, if you tend to reuse the same password for multiple accounts, that someone who found your password for another service tried it on your e-mail account and got in. It is also possible that they were able to randomly guess your password, or even the answer to your security question.

Of course, it is also possible that a key logger was responsible, however you should have been notified by the Behavior Blocker in Emsisoft Anti-Malware even if our real-time scanner does not detect it.

Share this post


Link to post
Share on other sites

What is a key logger? If it is the case that someone stole my password, why can't I find any way to get Microsoft to allow me to get in and change it? Do they regularly do this, make it necessary for people just to abandon their emails when someone gets in? I've had the MSN account since before Hotmail was even invented. So I do take it for granted. I suspect that this is an effort by Microsoft to run the old, free accounts out of business ... but regardless ... there is no way that you know of to get around this to regain access? I called Microsoft and resorted to asking for Bill Gates. Their computer said she was not authorized to connect for a message ... sounds like a big conspiracy to me. I need to get back into this account ... somehow. Can we make sure someone is not using my system to send me fake Microsoft messages? Allan

Share this post


Link to post
Share on other sites

Just last week I was notified by Microsoft, I guess, that my email of 15 years (on their MSN.com system) was hacked.

How were you notified, by e-mail or by phone?

Share this post


Link to post
Share on other sites

I was notified by way of a notice when I tried to log in ... which means, either they got me there (which means it went through the Emsisoft protections) or did come from them. I cannot tell, except that when I go online to Microsoft Hotmail resource pages (Hotmail came after the MSN accounts, which tells you how old I am!) the pages for contacting MSN Hotmail are exactly the same ... These forms require me to tell them what I remember about passwords, secret questions, etc. and that they will get back to me in 24 hours. In reality, I then get a message saying I have to wait 5 to 7 days ... which I've waited and this is killing me. So I cannot verify whether I was hacked, how, etc. Microcrap essentially just shut me off and left me hanging. Not fair.

Share this post


Link to post
Share on other sites

It is not abnormal for popular e-mail providers to be difficult to get support from, and Microsoft is no exception.

As for a key logger, it is a malicious program that logs every key you press on your keyboard, and reports it all back to whoever created it.

On the subject of talking to Bill Gates, I am fairly certain that he retired a few year ago, although even if he did still work there it is doubtful that a company that large would allow the average customer to talk to their CEO.

Share this post


Link to post
Share on other sites

I was joking about Mr. Gates. So basically you have no suggestions about how to get around this problem? They can effectively simply cut me out of my email because they say, without verification as far as I can tell, that my system was hacked and then they simply refuse to do anything or allow any communication back to fix the problem? See what happens when we let computer geeks control the internet.... If there was a key logger on my system, I would have thought your system would have detected that and let me know, especially if it has been there for a while. Apparently your system is not competent to do this, which means we buy access to something that serves no protective purpose in something that is likely to be a serious issue. Sad. Thanks anyway ...

Share this post


Link to post
Share on other sites

After writing the note above, including adding angry comments about why they will not unlock my system, the following came up on the screen when I went back to try to log in today. What does this mean?

Server Error in '/security' Application.

Runtime Error

Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".

<!-- Web.Config Configuration File -->

<configuration>

<system.web>

<customErrors mode="Off"/>

</system.web>

</configuration>

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.

<!-- Web.Config Configuration File -->

<configuration>

<system.web>

<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>

</system.web>

</configuration>

Allan

Share this post


Link to post
Share on other sites

I signed up for your service last month because of infections I had, various trojans, etc.

So you likely have a problem that got on your system before you installed EAM. If so it may still exist or it may have harvested what it wanted and then deleted itself so that there's nothing for EAM to detect.

I scanned my system and the only place that I found "web.config" was in:

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\web.config

If you're logging into what you think is a Microsoft site but it's not, then you need to get that fixed first.

If some one got your credentials before you installed EAM and then waited and only used them a week ago to cause your problem, then only MS will be able help you.

If you really want help, follow the instructions and provide the required information.

Share this post


Link to post
Share on other sites

Of course I cannot get access to the web.config file. NotePad cannot access it so I can't even make the change I'm told to make. Sorry ... but is there any guidance for this? Since there was a default "web.config" file as well as the regular one, I deleted the non-default and rebooted ... back to same problems. I guess this is God's way of telling me I have to go spend money somewhere to pay someone to clean out problems that didn't exist until the new Outlook was developed. Still seems unfair and unprofessional. Thanks.

Share this post


Link to post
Share on other sites

All I can say is that I can open mine with Notepad. If you are told that you don't have authority then something is definitely wrong.

Or can't you find it? My path is for W764bit and you have XP32bit so your folder/path will be different.

Have you considered posting in the MalWare Help section of this forum, asking for Help?

Share this post


Link to post
Share on other sites

No, not told I don't have authority. I am the administrator. I even restored my computer to a month ago to try to log on since I did not have a problem then. THe same message from MSN appears, meaning either the problem still exists or it really is MSN. Anyway, oh wait ... shit. I just checked on something. The computer said it couldn't open it so I let it go to the internet to find an option instead of selecting from the list. Now it opens. Sorry ... now I'll see if I can do what MS says ... assumming it is Microsoft. Thanks again.

Share this post


Link to post
Share on other sites

I have no idea where to put the code, and I really don't know whether to use the first or the second set of code. I'll try them both near the beginning.

Share this post


Link to post
Share on other sites

I even restored my computer to a month ago to try to log on since I did not have a problem then. THe same message from MSN appears, meaning either the problem still exists or it really is MSN.

If this is due to something that changed on the MS site 'a week ago' then restoring your computer won't 'fix' anything.

I hope you didn't restore any of the trojans....

Share this post


Link to post
Share on other sites

Now I'm just saving the web.config as a "web.config.txt" which I assume cannot be read. Can't figure out how to do this. Frustrating ...

Open Notepad and then from the File, open the "web.config"

Share this post


Link to post
Share on other sites

I have no idea where to put the code, and I really don't know whether to use the first or the second set of code. I'll try them both near the beginning.

Your call, do at your own risk, I can't tell if this is a legitimate thing to do.

Generally, a <tag> can be anywhere. A program will read through the file until it finds, or doesn't find, a <tag> that it wants, it doesn't matter where it is as long as it can be found. Everything following the <tag> is considered data for whatever purposes the program can handle, until it reaches end-of-file or another <tag>.

Putting both in won't do what you think. If the program is looking for the tag <customErrors mode> it reads until it finds the first <customErrors mode="Off"/>, it won't look for the second one.

If this is due to a malicious attack, you may be opening up your system to allow remote access to some one that doesn't have your best interests in mind.

Share this post


Link to post
Share on other sites

The computer said it couldn't open it so I let it go to the internet to find an option instead of selecting from the list. Now it opens.

What did it open with? (if not Notepad) I hope it didn't download some more malware that can 'open' the file and also do other harm.

You need to supply specific information, otherwise you won't be able to get useful help because no one will have any idea what your problem is.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.