E-mail got hacked. [Closed]


  • This topic is locked

#31
rose86420

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I did disable the two Java Plug Ins. What if something needs Java to run? How do I know if it's safe to allow Java?

The computer is running fine. The only thing I notice is that when I turn on my computer for the first time for that day, I see a rectangular box that disappears quickly when the computer boots up. I never noticed that before but it is so briefly displayed, it could be I wasn't really paying attention.
Is this anything I should be concerned about?

Also, AT&T sent me an email regarding the fact that my account was compromised:

"Please be aware that the account can be compromised again if you do not take the necessary action to prevent the spammers from re-obtaining your new password information. Several other individuals with compromised AT&T Internet accounts have also reported compromised bank accounts, Paypal accounts, etc. Since most accounts are billed to credit card, a bank account or Paypal account would not be linked in any way and this therefore points to the possibility of a Trojan "keylogger" that is able to capture keystrokes, typed IDs and passwords, etc. You should be aware there is a strong possibility that there is such a Trojan installed on at least one computer that was used to access the account."

Have you seen anything in my scans that indicate I have had a Trojan "keylogger" on my computer? What should I be watching for?

Thanks again for all your help! You can see I have a lot to learn.

Rose
  • 0



#32
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Thanks rose.

I'll answer your questions very shortly. My Teacher {Speaking of a lot to learn} is reviewing my response to you.

Joe
  • 0

#33
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi Rose,

> What if something needs Java to run? How do I know if it's safe to allow Java?

In my case I have uninstalled all Java and have never had a need for it. As far as knowing if it's safe or not to allow it, I'm not a hundred percent sure about that.

> I see a rectangular box that disappears quickly when the computer boots up. I never noticed that before but it is so briefly displayed, it could be I wasn't really paying attention.
> Is this anything I should be concerned about?

That's hard for me to identify exactly what that is or could be. If you could, would you elaborate on this a bit more?

> Also AT&T sent me an email regarding the fact that my account was compromised

Yes. We know that, and changing the password should take care of that for you, as was advised.

> Have you seen anything in my scans that indicate I have had a Trojan "keylogger" on my computer? What should I be watching for?

Your logs look clean, and so is the ESET Online scan: no indication of a key logger or any Trojan. As an extra caution you could change your passcodes to any banking sites if you use online banking; to me it looks like just your e-mail was compromised. It happened to me not too long ago. I changed my password from a different computer; using a different computer is a step to take just in case there is a keylogger on your computer.
  • 0

#34
rose86420

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Never would have thought of that but using a different computer to change your password is a simple thing to do for a whole lot of peace of mind.


So in the future, what should I be doing to periodically keep myself free from all the stuff that was deleted? Are the scans I used with you something I should attempt to do on my own? Any advice is welcome.

Also, let me know if there is anything further I need to do.

Thanks for all your time!
Rose
  • 0

#35
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi Rose, Sorry for slight delay here...

I see no infections present in your logs anymore. If you are not having any further problems, Please follow through, and find tips and prevention steps below: You already have Malwarebytes so I would consider running that maybe once a week, keep Malwarebytes updated.

After disinfection it is useful to delete all system restore points so that they do not go up inadvertently. To do that, follow the instructions below:
  • Click Start, Run and type CLEANMGR and press Enter
  • Select the hard disk partition and press OK
  • At the top of the dialog, click the tab More Options
  • Under System Restore section, click the button "Clean up"

Now, all the System Restore points (except the recent one) are cleared.

Next

Let's clean up a little and some advice for you as well.

Please run AdwCleaner and select Uninstall.

CleanUp with OTL
  • Make sure you have an Internet Connection.
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTL to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You should be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Turn On Automatic Updates:

1. Click Start, click Run, type sysdm.cpl, and then press ENTER.
2. Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select "Automatic (recommended): Automatically download recommended updates for my computer and install them."

If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your taskbar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

Or visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Antispyware programs:

I would recommend the download and installation of some or all of the following programs (all free), and the updating of them regularly:

  • WinPatrol: As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • Update Checker: Download and install FileHippo update checker and run it monthly. It will show you which programs on your system need to be updated and will provide a download link for you.
  • WOT = Web of Trust: WOT (Web of Trust) warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory.
  • WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
      - Green to go
      - Yellow for caution
      - Red to stop
  • WOT has an add-on available for Firefox, Google Chrome, Internet Explorer, Safari and Opera.

And finally! Some of my own tips for safe computing :

  • Make sure Realtime AV scanning is enabled. A Firewall is a definite plus.
  • If you can't afford a cost effective virus protection then use some free online tools.
  • Don't trust pop-ups that tell you that you may have spyware on your machine. Most of these are money making schemes designed to get you to buy their removal product, which in some cases also contain malware.
  • Make back-ups of your most personal files frequently by whatever means you have available, i.e. Tape, CD, DVD, USB Drives, Ghost programs, etc. You never know when you'll have to reformat and start from scratch and without current backups of your personal files, you're basically at a loss. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.
  • Be careful where you "surf". If you know you are going to click a site that is questionable, then at least be intelligent enough to disable javascript, java, ActiveX installations, etc... You "surf" these sites at your own risk.
  • Uninstall and quit using P2P networking programs like uTorrent, Kazaa, BearShare, eMule and Limewire. These are your most likely weakest links if you're using them. Primarily most stuff transferred is illegally obtained and if you won't give it up you eventually pay the consequences.
  • Don't give access to your computer to friends or family who appear to be clueless about what they are doing. Otherwise you'll come home from school/work one day and your computer will be trashed.
  • In my opinion, a PC is just that, a PC (Personal Computer). Don't allow your children to talk you into any Windows cracks, hacks, or tweaks that could turn your computer into an expensive doorstop.
  • When in doubt -- don't download it and don't install it until you've researched it.

Here are a few links you might find interesting that will educate and enhance your online surfing abilities:

"So how did I get infected in the first place?" by Tony Klein and updated by Corrine
How Malware Spreads - How did I get infected by quietman7

If you have any questions or concerns please don't hesitate to ask! Any member on this site will be more than happy to guide you in your quest for safe surfing and to prevent infection.

Happy and safe computing!

Joe :)
  • 0

#36
rose86420

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Hi Joe,
I want to do my best to do what you have told me. I hope I'm not wearing down your patience.

I'm trying to delete the previous restore points, something I never would have thought of and something I never knew you could do. When I run CLEANMGR, I get to choose between the OS (C) drive and the (Q) drive, not the hard disk partition as you mentioned. I tried the C drive but I don't have tabs to get to System Restore options. I am using Windows 7. Not sure where to find this?
Rose
  • 0

#37
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi Rose,

You are certainly not wearing down my patience.


I'm sorry Rose, it's been very busy. I have been checking my e-mail and I never got the notification that you posted. Let me get back to you as soon as possible. I have read your post and am preparing a response to you.

Sincerely,

Joe
  • 0

#38
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi Rose,

Once again sorry for my late response to you.

Let's try the set of instructions below:

1. Open Disk Cleanup by clicking the Start button. In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.

2. If prompted, select the drive that you want to clean up (that will be C for you, Rose), and then click OK.

3. In the Disk Cleanup for (drive letter) dialog box, click Clean up system files. (Administrator permission required.) If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

4. If prompted, select the drive that you want to clean up, and then click OK.

5. Click the More Options tab, and under System Restore and Shadow Copies, click Clean up.

6. In the Disk Cleanup dialog box, click Delete.

7. Click Delete Files, and then click OK.

Let me know how that goes for you.

Joe
  • 0

#39
rose86420

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
I'm sorry to frustrate you again. I can follow all your instructions but I do not have a "More Options" tab to open to select System Restore and Shadow copies. I know you are busy and my big problems have been fixed. Maybe there is another way to get to these shadow copies.
Don't feel you have to jump on this. I have been very busy myself. These are the fine points which you very carefully laid out for me. I greatly appreciate all you have done for me. Now I can use my computer with confidence.
Thanks again,
Rose
  • 0

#40
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi Rose,

I'll run this by my teacher. Not to worry.
  • 0



#41
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi rose,

> I do not have a "More Options" tab to open to select System Restore and Shadow copies

Let's try this:

Click on Start (Windows 7 Orb) >> All Programs >> Accessories >> System Tools >> right-click on Disk Cleanup and select Run as Administrator.

Joe

Edited by zep516, 23 April 2013 - 05:14 PM.

  • 0

#42
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi Rose,

Are you still with us?

Joe
  • 0

#43
rose86420

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Sorry for my delay. I will get to this as soon as I can.
  • 0

#44
rose86420

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
So sorry for the long delay. When cleaning up old restore points, I come to this statement.

In some editions of Windows 7, restore points can include previous versions of files, known as shadow copies, and backup images created with Windows Complete PC Backup. These files and images will also be deleted. For more information about System Restore, see What is System Restore?


Is there anything in this process that I could lose that I would need? I don't know what these "complete PC backup files" are.

Thanks again,
Rose
  • 0
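
Added example (not part of the original thread, and not from either poster): a read-only inventory of what the "System Restore and Shadow Copies" clean-up discussed above would delete, so it can be reviewed before clicking Delete. It assumes an elevated Windows PowerShell prompt on Windows 7 or later; the `WindowsImageBackup` folder check assumes system images were saved with the built-in Windows backup tool.

```powershell
# Added example: run from an elevated (Run as Administrator) Windows PowerShell prompt.
# Nothing here deletes anything; it only lists what the clean-up step would remove.

# 1. System Restore points: sequence number, creation time, description.
Write-Output '--- System Restore points ---'
Get-ComputerRestorePoint |
    Select-Object SequenceNumber,
        @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } },
        Description |
    Format-Table -AutoSize

# 2. Volume shadow copies ("previous versions" of files live in these).
Write-Output '--- Shadow copies ---'
$shadows = @(Get-WmiObject -Class Win32_ShadowCopy)
if ($shadows.Count -eq 0) {
    Write-Output 'No shadow copies found.'
} else {
    $shadows |
        Select-Object ID,
            @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.InstallDate) } },
            VolumeName,
            ClientAccessible |
        Format-Table -AutoSize
}

# 3. Disk space currently used by shadow copy storage, per volume.
Write-Output '--- Shadow storage usage ---'
Get-WmiObject -Class Win32_ShadowStorage |
    Select-Object @{ Name = 'UsedMB';      Expression = { [math]::Round($_.UsedSpace / 1MB) } },
                  @{ Name = 'AllocatedMB'; Expression = { [math]::Round($_.AllocatedSpace / 1MB) } },
                  @{ Name = 'MaxMB';       Expression = { [math]::Round($_.MaxSpace / 1MB) } } |
    Format-Table -AutoSize

# 4. System image backups made by Windows Backup are stored in a
#    WindowsImageBackup folder at the root of the backup drive (assumption:
#    the built-in tool was used). List any drive that has one.
Write-Output '--- System image backup folders ---'
Get-PSDrive -PSProvider FileSystem |
    ForEach-Object { Join-Path $_.Root 'WindowsImageBackup' } |
    Where-Object { Test-Path $_ }
```

If the restore-point and shadow-copy lists contain nothing you rely on, and no backup folder is listed that you need, the clean-up removes only rollback data; personal files in their current state are not touched by it.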

#45
zep516

    Trusted Helper

  • Malware Removal
  • 6,799 posts
Hi Rose,

No problem with the delay. I'm struggling for time myself. I will run the question across my instructor.

Joe
  • 0





