
Bothersome

  1. Hi! I wrote on this forum for help but got no response. Meanwhile, someone tried to hack my bank account and it was just sheer luck that my bank spotted the online errant logins, shut down my internet banking access and informed me immediately. As I couldn't wait any longer for someone to urgently respond to my help, I tried finding a solution for myself. Not sure if I am 100% clean, but the scans in Malware, SuperAnti and Eset come clean. I could be infected with rootkits though.

     For anyone who faces a similar situation as me, that is, someone trying to hack into your Google accounts etc., don't take it lightly. I found out after numerous clean scans that I had a deadly trojan that not only stole my online identity, downloaded other malware and trojans, and could actually send screenshots of my computer, but also dismantled my anti-virus and other security measures I had installed.

     First signs of the Win32 Gen-Agent NOV is that your CPU usage will shoot up, like mine at idle would go to 98%-100% and freeze. It downloads so many other trojans and stuff that you can't see straight. Then you will see unknown programs in your Task Manager. My AVG scans would come clean, although in the middle of browsing the net, AVG would give warnings that Rozena is trying to open. I searched on numerous sites for this Rozena, but I only found downloader.rozena, which is a virus, but the AVG one didn't have the same name.

     Then I got an e-mail from Facebook that someone was trying to hack into my account. I didn't take it seriously and just changed the password. Hey, it's just FB, right? Then I got e-mails (like for two weeks) that someone was trying to log in to Google. Since I had been running scans on malware, AVG, superantispyware and all came clean, I dismissed it. Until I got the message for hacking into my bank account.

     Steps I took:

     1. I am not an expert in all this, and AVG for all purposes looked like it was doing its job. But just for reassurance I checked my Windows firewall and noticed it just wouldn't start. Then Windows Defender gave the same error.
     2. I contacted this forum, but got no reply. So I uninstalled AVG, malware and Superantispyware.
     3. On my mobile I again downloaded the Malwarebytes and SuperAntiSpyware software. Someone had given me PC Tools as a gift this Christmas. So I installed that. PC Tools found 35 trojans and 124 malware. WOW!!!
     4. After that I thought I was clean. But just for reassurance, I installed Malwarebytes and SuperAntiSpyware. Together they found another 315 stuff. You might think now my computer is clean. But...
     5. Just for reassurance again, I downloaded ESET and Trends housecall something. I ran both of these. Both found trojans, saved in different locations, files, and even in different registry keys.
     6. My CPU usage number went down dramatically. My comp wouldn't overheat much and things started working faster. Like programs would open fast etc.
     7. Still ESET would find trojans and malware would find 5 PUP, adwares and even a bat.trojan. Superanti still showed account.google.com cookies. For every scan, they would pop up, I would clean, remove, quarantine and still they would show up.
     8. I didn't know what to do now, so I searched online and read a few articles. One of the articles suggested I delete all my cookies and then set the setting to not allow any cookies from any site. I did this.
     9. Also on PC Tools you can add certain files and programs that you want to prevent from opening. I noticed in the Taskbar that two files would start randomly (at any given time) and hog all the CPU usage: Sis.exe and Systay.exe. As I said, not an expert in computers, so I didn't know if these were Windows files or virus. I searched online and found that systay was actually a trojan. (Systray.exe is a Windows file. Notice the "R" in tray. Seriously, you need magnifying glasses to notice these things.) I crossed my fingers and added both these to the blocked files on PC Tools. I also added the accounts.google.com cookie and other cookies that superantispyware was picking up.
     10. After that I got messages from PC Tools all the time that the sis and the systay file wants to open, but I said to permanently block these. Also my system started functioning really well now. But I knew this isn't a permanent solution. I mean, whatever this sis/systay virus is, it has to go. So I again scanned using ESET, Malwarebytes and superanti. They found adware, malware, trojans. I cleaned them and then manually created a system restore after checking all the programs and stuff is working properly.
     11. I then deleted all the system restore points before my recent one. (Don't permanently delete them using disk cleanup. Just find the system restore folder and put the files before the one you created in the recycle bin. That way if you need something you can get it back.)
     12. Then I removed the "Block" for sis and systay and restarted my comp. I knew these don't start at the beginning but just pop up while I am working on the comp. So I waited. I kept the task manager running all the time, and the minute I noticed the CPU usage going up, I checked and sure enough both the files were there. I closed all the windows and the net and then started ESET again. This time ESET caught the virus along with the files and I deleted them. Malware found 2 PUP files, and I deleted them.
     13. You might think I was clear, but nope. A few hours later, I again did the ESET scan, just to make sure. And ESET again found the virus, in the system restore files. I noted down the file path and then deleted the virus using ESET.
     14. Now that I know what the file path was, I kept checking again and again after a few hours to make sure they didn't come back. Till date the files haven't come back. I scan my comp before shutting down with all three of the programs.

     I am not sure if I am 100% clean, like I could have rootkits for which I don't know what program will search for. I did download the TSkill or some such program, but then I read online that if you don't know how to use this program properly, it can seriously damage your computer. Anyway, I hope my experience helps someone else out there.
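Added example, not part of the post above: the Systay.exe / Systray.exe mix-up in step 9 is the kind of near-miss a script catches more reliably than the eye. This Python sketch flags image names that are one or two edits away from a known Windows binary, or that carry a known name but run from an unexpected folder; the allow-list, the folder paths and the sample process list are constructed for illustration.

```python
import ntpath

# Constructed allow-list for this example: image name -> folder it normally runs from.
KNOWN = {
    "systray.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_process(image_path):
    """Return (verdict, matched_known_name) for one full image path."""
    folder, name = ntpath.split(image_path.lower())
    if name in KNOWN:
        # Right name: only trust it when it also runs from the expected folder.
        return ("ok" if folder == KNOWN[name] else "wrong-path", name)
    for known in KNOWN:
        limit = 1 if len(known) < 11 else 2  # shorter names get a tighter budget
        if edit_distance(name, known) <= limit:
            return ("lookalike", known)
    return ("unknown", None)

def triage(paths):
    """Keep only entries that deserve a closer look."""
    results = [(p, *check_process(p)) for p in paths]
    return [r for r in results if r[1] in ("lookalike", "wrong-path")]

# Constructed sample process list; only the two file names come from the post.
SAMPLE = [
    r"C:\Windows\System32\systray.exe",
    r"C:\Users\example\AppData\Roaming\Systay.exe",
    r"C:\Users\example\AppData\Roaming\Sis.exe",
    r"C:\Users\Public\svchost.exe",
    r"C:\Windows\explorer.exe",
]

if __name__ == "__main__":
    for path, verdict, known in triage(SAMPLE):
        print(f"{verdict:10} {path} (compare with {known})")
```

A name like Sis.exe comes back as "unknown" rather than "lookalike": it resembles nothing on the allow-list, so it needs a different check (file hash, signature, or a scanner verdict) before deciding anything.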
  2. Hi! I suspect I might have a trojan or a keylogger on my comp as I just got a notification from Google saying someone tried logging into my e-mail account. I have changed my password but still SuperAntiSpyware detects tracking cookies: account.google.com. There are also 3 persistent files, which I keep deleting, but they come back. I can't find these files in the computer, however, even when I set the option as "show hidden files". Pls. help me clear my comp completely. Thanx in advance.

     PS: I downloaded dds and it opened in notepad with a message "This program cannot be run in DOS mode."

     Comp Info:
     OS is Windows Vista
     Security: AVG, Malware, SuperAntiSpyware
     I also use ESET, Housecall and Bitdefender online scanners.