I may have been hacked recently

Discussion in 'Security' started by Kevin Maloney, May 29, 2015.

  1. Kevin Maloney

    Kevin Maloney

    Joined:
    May 29, 2015
    Messages:
    6
    Likes Received:
    0
    As the above post mentions, I was the victim of a hacking job recently. I logged onto my computer, discovered that all my desktop icons, documents, and bookmarks were missing, and when I finally got onto my mail, I got messages from Facebook and Chrome about login attempts from unknown locations. I immediately went into safe mode, did a MWB scan (found 2 PUPs), changed all my passwords on everything, and had my bank account disable my card.

    That being said, I'm trying to figure out what to do next:
    - I have MalwareBytes, and had a free trial of AVG. Should I bite the bullet and buy Premium of something?
    - VPN: good idea?
    - Facebook says that my current IP address is Hong Kong (spoiler: I don't live in Hong Kong). What is this, and how should I correct it?
     
    Kevin Maloney, May 29, 2015
    #1

  2. Kevin Maloney

    Kevin Maloney

    BTW, it's worth noting that everything appears to be restored on my computer. That being said, I still want to be absolutely certain it's secure.
     
    Kevin Maloney, May 29, 2015
    #2

  3. TrainableMan

    TrainableMan ^ The World's First ^ Moderator

    Joined:
    May 10, 2010
    Messages:
    9,132
    Likes Received:
    1,592
    Location:
    PA, USA
    Just FYI, PUPs are rarely viruses. PUP simply stands for Possibly Unwanted Program. It is often an assigned classification to things like joke programs; for example, I had one that would pop up a box saying "click here to close", but when you moved the mouse towards the box, the box would always run away.

    Your desktop icons being moved or deleted could simply be a problem with your registry.

    It does sound like your online presence at Facebook & Chrome may have been attacked or even compromised, but that information is online and they would not need access to your computer to attempt access to those.

    So no, I don't think you need a paid version. I do suggest you actually use the free tools you do have though. Such as keeping them up-to-date and running a full scan once a week, maybe AVG Wednesday nights and MBAM on Saturday nights. Once things calm down you can maybe go every week or two.

    BTW, the only way to be absolutely certain a computer is secure is to unhook it from the web and never put a USB stick or DVD into it. Since this is impractical, all you can do is be vigilant: be wary of sites you visit, be careful of email links, and of links or calls that say they can speed up your computer, and keep your AV up-to-date and run full scans.
     
    TrainableMan, May 30, 2015
    #3
  4. Shintaro

    Shintaro Moderator

    Joined:
    Mar 1, 2012
    Messages:
    2,137
    Likes Received:
    252
    Location:
    Brisbane, Australia
    You could do the following:

    1. Download and run TDSSKiller.
      1. Accept the "End User License Agreement"
      2. Accept the "KSN Statement"
      3. Select "Change Parameters" and Select:
        • Verify file digital signatures
        • Detect TDLFS file system
        • Use KSN to scan objects
      4. When the scan is complete, the log file is in C:\. It will have a name like "TDSSKiller.3.0.0.34_04.05.2014_08.05.16_log.txt"
    2. Install Malwarebytes (Free Version)
      1. Select "Threat Scan"
      2. When it is completed, please upload the log file from: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
    3. Please download and run Windows Defender Offline.
      1. Click "Next"
      2. Click "I Accept"
      3. Select Either: (Typically it is either CD/DVD or USB)
        • CD or DVD
        • USB
        • ISO file
      4. Click "Next"
      5. It will create a CD / DVD / USB and will boot and scan your hard drive offline.
     
    Shintaro, Jun 4, 2015
    #4
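
The log locations given in the steps above can be gathered into one folder before uploading. This PowerShell sketch is an added example, not part of Shintaro's post; the two source paths and the TDSSKiller file-name pattern are taken from the post, while the output folder name `scan-logs` is an assumption.

```powershell
# Added example: collect the newest TDSSKiller and Malwarebytes logs for upload.
# Source paths are the ones named in the post; 'scan-logs' is a hypothetical folder name.
$dest = Join-Path ([Environment]::GetFolderPath('Desktop')) 'scan-logs'
New-Item -ItemType Directory -Path $dest -Force | Out-Null

$sources = @(
    @{ Name = 'TDSSKiller'
       Path = 'C:\'
       Filter = 'TDSSKiller.*_log.txt' },
    @{ Name = 'Malwarebytes'
       Path = 'C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs'
       Filter = '*' }
)

foreach ($s in $sources) {
    # A missing folder usually means the tool has not been run yet.
    if (-not (Test-Path -LiteralPath $s.Path)) {
        Write-Warning "$($s.Name): $($s.Path) not found; has the scan been run?"
        continue
    }

    # Keep files only, and take the most recently written one.
    $latest = Get-ChildItem -LiteralPath $s.Path -Filter $s.Filter |
        Where-Object { -not $_.PSIsContainer } |
        Sort-Object LastWriteTime -Descending |
        Select-Object -First 1

    if (-not $latest) {
        Write-Warning "$($s.Name): no log matching '$($s.Filter)' in $($s.Path)"
        continue
    }

    Copy-Item -LiteralPath $latest.FullName -Destination $dest
    Write-Output ("{0}: copied {1} (written {2})" -f $s.Name, $latest.Name, $latest.LastWriteTime)
}

# Scan logs list file paths, which normally include the Windows user name;
# read the copies in $dest before attaching them to a public thread.
Write-Output "Logs collected in $dest"
```
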
  5. Kevin Maloney

    Kevin Maloney


    When I do all of the above, do you want me to post the logs on this thread?
     
    Kevin Maloney, Jun 4, 2015
    #5
  6. Shintaro

    Shintaro Moderator
    Yes mate, best to post the logs so that we can have a look.
     
    Shintaro, Jun 4, 2015
    #6
  7. Kevin Maloney

    Kevin Maloney

    Here you go.

    I also tried running Windows Defender as requested, and followed its instructions. When I tried to restart the computer with the CD in, however, nothing of note happened-- I didn't see any Defender menu pop up at all.
     

    Attached Files:

    Kevin Maloney, Jun 5, 2015
    #7
  8. Shintaro

    Shintaro Moderator
    Those look ok. But you really should run Windows Defender. Maybe it is a function key that needs to be pressed? So that it boots from the CD?
     
    Shintaro, Jun 5, 2015
    #8
  9. Kevin Maloney

    Kevin Maloney

    I did the following with Defender:

    1. Created the CD Drive, as requested
    2. Let it transfer/load all the necessary content onto this CD
    3. Tried to restart from the CD drive. I looked at their Help section, and they described this as restarting my computer while the CD is in the CD drive. I did so. Nothing special happened.
     
    Kevin Maloney, Jun 5, 2015
    #9
  10. Shintaro

    Shintaro Moderator
    What is the brand and model number of your computer / laptop?
     
    Shintaro, Jun 5, 2015
    #10
  11. Kevin Maloney

    Kevin Maloney

    Specific model, or series number? For series, it's an Asus Aspire 4752.
     
    Kevin Maloney, Jun 5, 2015
    #11