Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HAVE I BEN HACKED?


  • Please log in to reply

#1
OZDOUG

OZDOUG

    Member

  • Member
  • PipPipPip
  • 117 posts
I entered what was basically a dodgy web site (I know that now!) & a flashy page came up telling me my PC had been accessed & my files encrypted....unless I paid some 'fine'. I naturally panicked & got of the web & shut down my PC quick-smart.
I rebooted with my Wi-fi & internet modem disconnected...everything looks fine, but I notice two of my folder icons are now different (see attached screen capture, 'screen icons'). I see the icons for 'Libraries' & 'Local Disk'.
I did a search through Google Images & found the same icon for the 'Libraries' one on my PC which apparently means a hacked folder.....I am unable to find out what the changed 'Local Disk' icon means.
I updated my Malwarebytes Anti-Malware & ran a full scan (log attached). It did detect something called a 'Hijacker Application' which I selected to delete but the new icons still remain.........
Can anyone help please?

Attached Thumbnails

  • hack folder.jpg
  • hacked icon.png
  • screen icons.jpg
  • hack folder.jpg
  • hacked icon.png
  • screen icons.jpg

Attached Files


  • 0

Advertisements


#2
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
I'm 23red, and it'll be my pleasure to assist you with your problem. :D

I'd be grateful if you would note the following:

• As I am currently in training, I will be helping you under the supervision of our Expert Teachers. As such, there will be a delay between posts.

.• Please make sure to carefully read every post completely before doing anything.

• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!

• Please do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

• Please stick with me until all malware is gone from your system. This is not an instant process, the logs do take time to go thru. Just because you no longer see any symptoms it does not necessarily mean your system is clear of malware.

• Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.

• Thanks for your understanding and patience ;)

Let's get started!

Please download OTL to your desktop.

• If it saves to another location, right click the OTL icon and select Cut then right click on Desktop and select Paste.

• Please right click on Posted Image on your Desktop and Run as Administrator, then accept UAC prompts to start the program.

• Please make sure the following boxes are checked:

• Scan All Users

• LOP Check

• Purity Check

• In the Extra Registry box select Use Safe List

• Copy the lines from the quote box(do not copy the word quote) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click on the blue highlighted part and choose Copy)





netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
dir C:\ /S /A:L /C
[CREATERESTORPOINT]






• Under Posted Image
in the textbox at the bottom, right click and paste the text there. Or click in the window to get the cursor there and press CTRL + V.

•Click the Posted Image button.

• Let the program run unhindered. Do not change any settings unless otherwise told to do so. The scan wont take long.

•When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL ~ Desktop

•Please copy (Edit ~> Select All, Edit ~> Copy) the logs it produces in your next reply.
  • 0

#3
OZDOUG

OZDOUG

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 117 posts
Hi 23red, & many thanks for getting back to me.
I have to say that in a strange twist my problem has been solved.......my Laptop was stolen!!!!!
I spent 3 days checking what I had on there for sensitive/private content, then cleaned everything off before I was going to get back on to the web.....& then the unit was stolen from my car!
Anyway, since then I have noticed that almost every PC I have been using since then is showing those same icons which still leaves me with the original questions as to what they signify.....any ideas on that?
BUT, thanks again for getting back to me on the other potential malware problem! :)
  • 0

#4
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
Hi OZDOUG
:o I'm so sorry someone swiped your laptop. That totally sucks! <_<

Unfortunately, without scans to help there's really no way to tell.
The icons I see look normal. The menu item is unfamiliar, definately. Though again, without any scans it's difficult to figure what may have been going on.
  • 0

#5
OZDOUG

OZDOUG

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 117 posts
Thanks anyway 23red.....now I'm on the hunt for a new PC....exciting but irritating at the same time as I will have to start all over again!!
All the best!
  • 0

#6
23red

23red

    Trusted Helper

  • Malware Removal
  • 1,797 posts
You are more than welcome, OZDOUG! All the best to you as well :thumbsup: Good luck!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP