Spyware, Viruses, & Security forum

General discussion

Carol..Concern about possible Hijack

by Ray_moe / May 11, 2010 7:48 AM PDT

Hi Sherlock

This am I opened a website called Hoodlums using my usual bookmark

Immediately a full page script opened saying "you have been Hijacked"

Without reading all of the page I closed it.

Ran the following scan and results:
Super antimalware...Clean
Spyware Terminator..Tracking cookies
Avira anti-virus....Clean
F-Secure online.....Clean
Panda anti-rootkit..Clean
CCleaner............Deleted all entries
Task manager........No suspicious entries
Mru Blaster.........Cleared all MRU's

Since opening that website my dsl shows to be downloading files olso my router and on my computer and on the monitor

Task manager shows system idle at 99% and no process running

What is going on have I been Hijacked

Phil say's thanks for the help


Discussion is locked
You are posting a reply to: Carol..Concern about possible Hijack
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Carol..Concern about possible Hijack
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Does not seem so...
by CascaLonginus / May 11, 2010 9:25 AM PDT

If you ran all those scans, you should be clean. I hope that the malware program you ran was this one; http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html Other than that, try this, just to be certain. http://www.technibble.com/rkill-repair-tool-of-the-week/ The article on the page explains what it is, and does, and who wrote it. After running rkill if the only process it shut down was rkill than you have no malware on your system (judging by all the scans you ran) If however it did shutdown more than the rkill process, then after the scan is complete, update mbam, and run a full system scan. If no process was killed (other than the rkill process)then it may be that your router is wireless? and it is unsecured, and one of your neighbors is using your internet. If that is the case, then you should secure your wireless router so you're household is the only one using it.

Collapse -
by Ray_moe / May 11, 2010 9:47 AM PDT
In reply to: Does not seem so...

This program was malwarebytes.

The router is hardwired so no concern about others using it.
The dsl has decreased since reboot but still more activity than usual.

Never used Rkill but will consider it after reading the article

Thanks for the reply


Collapse -
by Ray_moe / May 11, 2010 9:55 AM PDT
In reply to: Malwarebytes

Results of Rkill

Processes terminated by Rkill or while it was running:

C:\Documents and Settings\Owner\Desktop\Downloads\rkill.exe

Rkill completed on 05/11/2010 at 18:52:29.

Collapse -
Youre ok then
by CascaLonginus / May 11, 2010 10:07 AM PDT
In reply to: Rkill

Ok, rkill was the only thing shut down so you should be ok. As far as the traffic over your router, I'm not sure about what could be causing that, if you have always kept an eye on that, and are noticing more taffic, maybe a new question in the proper thread can give you a good answer, sry cant be of more help.

Collapse -
Ray.. How are things today?
by Carol~ Moderator / May 12, 2010 1:55 AM PDT

Ray, etc..

My apologies for not seeing your post, yesterday. I was offline when you posted. Sad

It sure looks like you're okay, to me. But you would be the better judge of that, at this point. If you want me to take a look at your log, send it to me.

FWIW.. Some years back, a forum I was helping at got hijacked twice in one year. It never posed a problem for me. My point being, because the site may have been hijacked, it doesn't necessarily mean you're going suffer the consequences.

Let us know how things are going..
Carol, etc.

Collapse -
How are things today?
by Ray_moe / May 12, 2010 2:49 AM PDT

Well good Morning Carol

No problem with not answering yesterday.
Feel better about the Hijack of the website after your response.

Talked to my Redhead last night and they had the same problem
The website is now up again and everyone she spoke to has not had a Hijack problem

As I use this computer for secure transactions I wanted to be sure I was not in trouble

But now that Sherlock has given me the all clear I am Ok.
Everything I ran came up clean including HIJack this

My last concern was the dsl usage in windows when I booted Linux I had no unusual usage but then thats windows
Procexp.exe shows 3 processes floating in an out.Will look further into those item as to what the processes are.

Where have the mods all gone????

Many many thanks for the reply and taking the time from your busy schedule


Collapse -
Good News! I Can Rest Easy Now :)
by Carol~ Moderator / May 12, 2010 3:14 AM PDT
In reply to: How are things today?

As you may have noticed, I addressed the most important things first this morning! I'm glad you responded as quickly as you did. Happy

Where have all the mods gone? Sounds like a song. Or maybe.. I'm thinking of "flowers". Shocked The "flowers" have been ill, as of late. Or at least, that's the last I heard.

As an aside. My neighbors starting calling me Sherlock, after I found their auto mechanic, who (suddenly and w/o notice) left the place he was working at. It took me two weeks to locate him, but I did. So it looks as though the name Sherlock, is going to stick. (For now)

Please tell Phil to have a great day. (You too)

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.