Jump to content

I've been hacked, for the second time

ckbeme

By ckbeme
in Resolved Malware Removal Logs

 Share

Recommended Posts

ckbeme

ckbeme

Posted
Posted

I was hacked in August 2016, got help from another forum and thought it cleaned desktop.  When we thought my data was clean, AND Windows 10 Pro, I did 3 backups, formatted hard drive,

and did clean Windows install. My backup drive failed, so I've spent the last 2 months trying to recover my data. That was ALL my important data. 

Recently I noticed my new USB wifi adapter showed Network Type: Access Point, and I said NO during setup to use it as access point. Don't know if that's why, but I ran First.exe today and found 2 of the same files that were in the First.txt and Addition.txt in August. I don't know how access points work, but I'm thinking since I didn't do anything to secure an AP, anyone could get into my PC.

Do you guys have to accept my request for assistance, then you ask me to submit files? I can't find anything on the forum that tells if we submit data on first post.

Thanks for any help.

 

ckbeme

Link to post
Share on other sites
ckbeme

ckbeme

Posted
  • Author
Posted

Hi Twin,

thanks for your quick response. I have * in both of my attached reports. I deleted the C:\ProgramData\sdpsenv.dat file that was found when I ran Frst.exe and I hope that doesn't screw you up. It was a knee jerk response, because I knew that file was on my PC before the cleanup in August. Promise I won't misbehave again.

 

Addition.txt

FRST.txt

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

FRST.gif Fix with Farbar Recovery Scan Tool

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif


icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites
ckbeme

ckbeme

Posted
  • Author
Posted

Well, it's a bit early to say. I just got home and I just turned on my desktop. Did you find only minor issues?

Because when I was hacked in July, the guy that helped me said I had a backdoor trojan. And he had me run several programs that created reports that he reviewed.

And can you tell me what you found?

 

Thanks

Link to post
Share on other sites
ckbeme

ckbeme

Posted
  • Author
Posted

sdpsenv.dat - This file is related to Opus? Well can I ask you this - does that mean the hackers infected that program? And can you tell me what the heck I can do to prevent another attack? After the July one, I changed and hid my SSID, changed passwords on wifi and router, changed my External IP address. I have ESET Smart Security w/Firewall, Windows Firewall, and my Netgear Router has firewall. 

I don't go to pirate sites, I don't use any social networks, I just don't believe this happened again.

Do you know of anyway I can find out who (what IP address) hacked me? Or do you know of a list of ports that are known to be evil - then I can block them in my firewall(s),

Or any ideas how I can protect myself? I still haven't recovered from the July hack. And when the other guy helped me with the July hack, I told him I couldn't clean the laptop for awhile. I need my desktop. The laptop is merely a convenience. But I'm to the point now, since my backup drive failed and I'm missing so much data, I can get some of it from the laptop. So would you be willing to give it a go? Or do I need to create a new post?

Link to post
Share on other sites
TwinHeadedEagle

TwinHeadedEagle

Posted
Posted

No, they did not infect this program, it is creating this file because it needs it. I don't see any malware and I don't see any sign that you were hacked. 

Since there is no malware on your machine if you need additional help or advice, I suggest to open new topic here:

https://forums.malwarebytes.org/forum/6-general-windows-pc-help/

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept