
Possible infection or hacked? [Closed] [Solved]


  • This topic is locked

#16
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, just trying to confirm that DrWeb is UEFI compatible
  • 0



#17
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Meanwhile you could try this version which runs from the desktop http://www.freedrweb.com/cureit
  • 0

#18
queendom

    Member

  • Topic Starter
  • 68 posts

No problem. I've attached a zip file. My browsers crashed when I copy/pasted, and it was too large without compressing. Thanks!



Edited by queendom, 23 July 2015 - 09:15 PM.

  • 0

#19
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Well, I think that we can now say that there are no known bad files on the system. How is it behaving now?
  • 1

#20
queendom

    Member

  • Topic Starter
  • 68 posts

Oh great! Glad to know it's clean. I'm still receiving alerts about suspicious attempts on various accounts, so I'll continue to change passwords and just keep an eye out overall. Thanks so much again!


  • 0

#21
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are they all online accounts like mail etc.?
  • 0

#22
queendom

    Member

  • Topic Starter
  • 68 posts

Yep mail, message boards, shopping accounts, etc. Some are tracked to my IP while others are linked to another state or a cloaking service. The ones linked locally only occur when the computer is on.


Edited by queendom, 26 July 2015 - 05:01 AM.

  • 0

#23
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you use the same e-mail address or username for these accounts?
  • 0

#24
queendom

    Member

  • Topic Starter
  • 68 posts
No, they're different addresses and usernames. About 10-20 email addresses and 5 different website accounts.
  • 0

#25
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK... Sort of long range Q&A on this :)

When you have changed the passwords, do you still get attempts to access them?

I am thinking here that someone has access to all your e-mail addresses (probably via a copy of your address book) and is trying them out to see if the password can be cracked.

The best way to confirm this would be to create one new e-mail address and see if that is attacked.
  • 0



#26
queendom

    Member

  • Topic Starter
  • 68 posts
Ok I will try that. :)

The attempts on my email addresses are a mixed bag. I think there were 1-2 addresses with attempts even after changing the password. Otherwise, they'd stop after a password change. The suspicious website login attempts only happened once, regardless of whether or not I changed my password. There was one online store account that had 5 password reset requests within one hour. No other attempts after that.

I try to keep many of the email addresses separate. For example, I won't exchange emails between different addresses nor save alternate addresses within account settings. I do this with some but not all addresses.
  • 0

#27
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Sounds like an opportunist attack rather than something based on data from your computer
  • 0

#28
queendom

    Member

  • Topic Starter
  • 68 posts

Understood. I'll just keep monitoring then. Thanks so much!


  • 0

#29
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What I will do is remove my tools for now but leave the thread open for a few more days in case you come across something else.

Subject to no further problems :)

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent: install this programme to lock down and prevent crypto ransomware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
Click the very large Download button.
Click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open, click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked. This is a fire and forget programme ;)

It is critical to have both a firewall and antivirus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe :wave:
  • 0

#30
queendom

    Member

  • Topic Starter
  • 68 posts

Just checking in. Think we're in the all-clear. So far so good! :yeah:


  • 0





