General Question

rockfan's avatar

Do you think my computer may have been hacked? What can I do to fix it?

Asked by rockfan (3363 points ) May 4th, 2014

Yesterday I noticed that the bug “Heartbleed” appeared on my anti-virus icon, but I’m not sure if it’s the actual virus. And today, I changed my Google acount password for Youtube, but after I logout, I’m unable to sign back in. However, I can still change my password each time and gain acces to my channel. But if I sign out, I can’t log back in again. What do you think is the problem?

Observing members: 0 Composing members: 0

18 Answers

Wealthadvisor's avatar

Heartbleed is an actual virus. If your anti-virus software has recognized it, you need to make sure the software has removed the virus. Open your anti-virus software and perform a deep scan of your system. Your software should find the virus and isolate it and then remove it.

You are probably having trouble signing in because you anti-virus software has blocked access because it is determining that this is the source of the virus.

Go to this site and watch the video and read the information concerning “Heartbleed.”

http://community.norton.com/t5/Norton-Protection-Blog/Heartbleed-Bug-What-You-Need-to-Know-and-Security-Tips/ba-p/1120128

Wealthadvisor's avatar

Note, the virus may not be on your system. But, the anti-virus has found it is somewhere in the site you are using. Do the deep scan anyway and then Google Youtube , and see if they have installed the protocols to block the virus.

XOIIO's avatar

Heartbleed is not a virus, it is an exploit and bug in the way SSL certificates were handled on servers, it doesn’t affect your computer.

Clear your internet cache, you don’t have a virus, I’m guessing some leftover data is messing with the login and that is all

XOIIO's avatar

@Wealthadvisor That link has barely any info on the actual workings of the exploit/bug, and that’s what it is, not a virus, there is a big difference, media just threw the “virus” label on it because the average person won’t really know the difference and it helps sensationalize it.

rexacoracofalipitorius's avatar

@Wealthadvisor NO, Heartbleed is not a “virus”. It is a vulnerability in OpenSSL, which has been patched in newer versions. OpenSSL is encryption software which is run by servers on the Internet, not (usually) by your home computer. If you (i.e., regular home computer user) don’t know whether or not you have OpenSSL on your computer, then you almost certainly don’t.

The problem with Heartbleed is that it allows an attacker to retrieve passwords and other sensitive information from a compromised server (that is, one which is running an unpatched version of OpenSSL.) If you are seeing a warning about Heartbleed from your anti-virus software, it probably means that antivirus software monitors your internet connection and tests for Heartbleed vulnerability on each new socket. If this is the case, then the warning means that you are at risk for having information you send over your internet connection intercepted and read by a third party.

I’m using a browser plugin called “Foxbleed” to accomplish the same purpose: that of testing for the vulnerability and warning me if found.

More information: heartbleed.com

Test sites for vulnerability: https://filippo.io/Heartbleed/

johnpowell's avatar

This isn’t a virus that resides on your computer so Norton can’t do anything but try to sell you a product. However servers you connect to can leak your login info to 3rd parties so I do suggest changing them to random passwords on sites you frequent. Never use the same password twice.

Norton could possibly check for that a site you visit isn’t vulnerable and warn you. But that is about all it could do.

jerv's avatar

@Wealthadvisor Heartbleed is not a virus in that it doesn’t self-replicate. It’s an inherent flaw in OpenSSL; a buffer overflow to be precise. It’s no more a virus than most animal’s need for oxygen; it’s a design flaw.

I will say that your explanation is a nice attempt to try to make a complex idea understandable to the computer-illiterate, but it’s an oversimplified to the point of inaccuracy. Those claiming it’s a virus are either talking down to people by playing to the lowest common denominator, or just plain lack computer knowledge, and those who lack knowledge can (and should) be discounted in technical discussions.

Wealthadvisor's avatar

I give up. There are so many people on this site that have no idea what they are talking about. Google “Heartbleed”.

It says. ”The Heart Bleed Virus has been causing serious security issues across the globe over recent days, potentially affecting sites that millions of Internet users log into every single day, posing a massive security risk for personal financial information. It says VIRUS.

XOIIO's avatar

@Wealthadvisor Heh, ok then, I’m sure the first Google result you clicked on is absolutely right. Hopefully no one else takes your tech advice when you don’t even understand the difference between the basic workings of a virus vs a bug or exploit.

I figured this kind of stubbornness would come from someone who linked to a site called christianpost

dappled_leaves's avatar

@Wealthadvisor You are going up against the heaviest hitters on Fluther in the area of computer and internet security. They are right. Heartbleed is not a virus. Just accept that they know what they’re talking about and let it go.

Wealthadvisor's avatar

Yep, @XOIIO you are just the smartest bulb on the planet. Good that you can show you total lack of decency by bringing religion into something that has nothing to do with religion.

From the Norton website:

Heartbleed is a bug in some versions of OpenSSL, a set of software tools used widely across the Web for security. This bug may reveal your name, passwords and other private information.

(If you visited a website that uses a vulnerable version of OpenSSL during the last two years, your personal information may be compromised. You can use this tool: http://safeweb.norton.com/heartbleed to check if a particular website is currently impacted

OK, definition of bug. A virus that attacks web sites and computers.

XOIIO's avatar

@Wealthadvisor Are you kidding me? You just quoted something that says it is a bug twice, and you are using that to argue that it is a virus?

Good thing you show a typical amount of ignorance and lack the humility to accept when you are wrong and stick blindly to what you think is correct.

jerv's avatar

@XOIIO I think the point has been made. Just back off and calm down.

@Wealthadvisor Given Norton’s reputation as a resource hog that, traditionally,is better at marketing than virus detection/removal, I would be charitable by saying that that is also an inaccurate oversimplification. To many, anything that makes a computer function poorly is a virus, especially to a company that makes money selling antivirus software.
Citing a post seen as more Biblical than technical, then going from someplace seen with derision by many, all in a discussion with people that each have decades of computer repair experience is…. unwise. Please, for your own safety, just walk away.

rexacoracofalipitorius's avatar

@Wealthadvisor You don’t know what a bug is. You don’t get to define words to suit your own purposes.

Here’s a more authoritative definition. A bug and a virus are two different things. A virus may be the result of a bug, or it may exploit a bug, but it’s not necessarily a bug (if it is, then it’s probably not a very effective virus.) A bug may be viral, but most are not.

What exactly makes you thing that “Christian Post” is an authoritative reference on computer security? Do you know what a CVE is? Do you know the difference between authentication and authorization? Do you have a public key?

Some of us do this stuff for a living. Some of us have been doing it for decades. You can choose not to believe me when I say you’re wrong, but by doing so you don’t improve your map. Surely learning things is more valuable than defending your ego?

Wealthadvisor's avatar

@dappled_leaves I agree with you and your point is well taken. What I don’t like is someone who instead of saying “here is a link as a way to explain the difference, they jump all over someone. I goggled heartbleed and it returned the site I cited. I did not look to see if it was Christian, Jewish, or what ever. I just listed the source. Then we get what makes me think the Christian Post is an authoritative source. I have been using computers in my business since the first Osborne. While I may not know everything, I have seen a lot. No one is ever 100% correct.

dappled_leaves's avatar

@Wealthadvisor People did try to calmly explain the difference to you, and you were belligerent about it. It’s hardly fair to accuse them of “jumping all over” you.

The fact that you made a mistake is not a big deal. But it’s important to be able to recognize when one is out of one’s depth, and not dig your heels in, particularly on technical questions. The point is to help the OP. Doing a virus scan is not going to “fix” vulnerability to Heartbleed, and it’s better that he should know that.

rexacoracofalipitorius's avatar

To more directly address the question: the warning does not itself mean that your computer has been hacked. Unless you use the same password for logging-in to your computer as you do for logging in to websites (which no one should ever do) then your local password won’t have been exposed by Heartbleed.

With Heartbleed the thing to worry about is that your login credentials for sites which have not yet patched OpenSSL might be compromised. If you don’t know whether or not a site has been patched, don’t log in to it and don’t change the password until after it’s been patched. Use the tools cited above to check, and if you still aren’t sure or you need to use a site which checks out as vulnerable, contact the site administrator.

It’s possible that your computer might have been compromised, but there’s no reason to think so based on the information provided.

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther