Potential problem/situation, hacked?

Jsizzle

Member
Hey there,

This may be a problem or I may just be paranoid. Hopefully, the latter.
About ~10 days ago, I downloaded a file from the file hosting service "FileSonic". Once the download was complete, I tried to download another file sometime after the first file had finished downloading. I received a download error "Download session in progress." I was not downloading anything at that time and this was the first time I received that error. I read that this is an error that can occur occasionally. But it usually occurs if you are living in the UK (which I am not).
I am concerned someone could have downloaded something to my computer without me knowing. My question is, is this possible? If so, how could I find out?


I run the Norton Security Suite w/ firewall. When I ran the Norton scan, this is what came up:

Code:
Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Trojan Horse
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Downloader
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved
 
 
Trojan.Gen
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy) 
Categories: Virus
Status: Fully Resolved



All of these were in my Appdata\locallow\sun\java\deployment\cache folder. I don't think any of these could have downloaded a specific file off of FileSonic, I am more concerned that a person could have physically done this. Future scans show everything as clean. I also scanned with Malwares Anti-Malware, which showed everything as clean.

Thoughts?
 

My Computer

Clean your Java cache with ATF Cleaner (www.atribune.org).
Click "Main" > check 'select all' (except prefetch) this first time using it, then click "Empty Selected". Do the same for Firefox or Opera if you use either of those browsers.
Next, go to Control Panel > Internet Options.
On the General tab under "Temporary Internet Files" Click "Delete Files".
Put a check by "Delete Offline Content" and click OK.
 

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics Card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device.
    One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Keyboard
    Standard PS/2 Keyboard
    Mouse
    Microsoft PS/2 Mouse
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
My opinion is that something may have been downloaded and that you should take Jacee's advice. She is an MVP in this area. If it turns out that it is not a download, we can resolve any other problem at that point. What Jacee is suggesting requires immediate attention, everything else can wait.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Integrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
I cleaned everything with the ATF Cleaner but I can't go to the normal Internet Options screen (it's been this way for quite a while). I can do the normal "Delete History" but when I go to Internet Options, it acts as if I don't have a connection. But when I try to set up a connection it says I already have one.

I have included screen shots.
 

Attachments

  • 1.jpg (32.2 KB)
  • 2.jpg (17.5 KB)

My Computer

Was this what you were after? Earn $300 in 7days with Filesonic
Payouts
We pay weekly, every Friday, for the same week
We make payments to Paypal, Webmoney and ePassporte. Payments via bank wire transfer are available on request
Minimum payout is $15

Did you download a 'crack'?
 
My Computer

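Let's clean up your DNS cache and restore MS's Hosts file

Copy and paste these lines in Notepad.

Code:
@Echo on
rem Go to the folder that holds the hosts file
pushd \windows\system32\drivers\etc
rem Clear the hidden/system/read-only attributes so the file can be rewritten
attrib -h -s -r hosts
rem Replace the hosts file with a single localhost entry
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
rem Renew the IP lease and flush the DNS resolver cache
ipconfig /release
ipconfig /renew
ipconfig /flushdns
rem Reset Winsock and the TCP/IP stack
netsh winsock reset all
netsh int ip reset all
rem Schedule a reboot and delete this batch file
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Right click and run as Administrator.
Your computer will reboot itself.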

Now, download Malwarebytes' Anti-Malware to your desktop
|MG| Malwarebytes Anti-Malware 1.46 Download
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location (desktop is fine). Copy and Paste that log into your next reply.
 

My Computer


No, I don't know anything about that.
I was downloading a normal video file as a free user.

I'm running anti-malware right now, will post log when complete.
 

My Computer

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4595
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
9/11/2010 7:49:27 PM
mbam-log-2010-09-11 (19-49-27).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 337593
Time elapsed: 1 hour(s), 30 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
 

My Computer

Please forgive me! I visit so many forums and I totally missed you :( :o

MBam doesn't show any malware. Tell me how your computer is acting.
 

My Computer

Don't worry about it, no problem.

It seems to be ok.

I noticed a few things but I don't know if I'm getting overly suspicious.
Like a few days ago there was an extra tab opened in my IE and I was trying to remember if I opened it.
Another day I was looking at Word documents on my computer, I opened multiple ones at the same time and one was opened that I couldn't recall if I opened.
 
My Computer

Jsizzle, I'd like you to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window: ESET OnlineScan
  2. Click the [esetOnline.png] button.
  3. For alternate browsers only (Microsoft Internet Explorer users can skip these steps):
    1. Click on [esetSmartInstall.png] to download the ESET Smart Installer. Save it to your desktop.
    2. Right click on the [esetSmartInstallDesktopIcon.png] icon on your desktop, and run as Administrator.
  4. Check [esetAcceptTerms.png]
  5. Click the [esetStart.png] button.
  6. Accept any security warnings from your browser.
  7. Check [esetScanArchives.png]
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push [esetListThreats.png]
  11. Push [esetExport.png], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the [esetBack.png] button.
  13. Push [esetFinish.png]
 

My Computer

My computer tech told me that when you download anything, you will usually get a window that needs your approval to continue. If you click the accept button, you just downloaded your virus. Your antivirus software will not catch it because you just gave it permission to download. If this is the case...

Before downloading, save the file to your desktop and scan the file, remove viruses, then install. If it won't install, it's because the virus was needed to install. If this is the case, delete the file.

In your case, you will have to do what I did, take your hard drive into the geek squad (best buy) and get them to clean your computer. $200.00, but worth every dime, and neither of us will make this mistake again.
 

My Computer

Hi Debbie935, welcome to the Vista Forums


I'm trying to help Jsizzle. I work for free to clean up malware, so that no one has to pay the price you did by using Best Buy's "Geek Squad". ;)

Thanks for your reply to this matter, tho'.
 

My Computer

The problem for me was that I was not downloading anything yet still got a message "Download in the progress." So I never got that confirmation window. You make a good point though.
Thanks for the reply.

I'm running the ESET scan right now...
 

My Computer

Yay!
How is IE acting? Do you have all the MS critical updates?
 

My Computer

It seems ok, freezes every now and then, but I've always had that...

My only concern is that someone could have hacked into my computer and have access to it, to do whatever they please... But with every spyware and malware program showing everything clean, running the Norton Security Suite w/ firewall, and being on a secure network, do I really have any reason to be concerned?
 
