Lasutriv

Alright thanks! Sorry for the time consumption. Question: Can I request to have my logs deleted?

It does help, thank you. Ports 137-139 are open with port 139 being listened to. Here's my port list and my concerned port list: ports.txt concernedports.txt

Okay so as I rebooted and ran Process Explorer I found some processes that came up as "Backdoor.MSIL.Bladabindi!1.9DE6 (classic)" Here are my new files: Also is there a tool we could use to scan ports and connections to better help you with diagnosing my situation? FRST.txt Addition.txt NewMalwareLog.txt

Well I'm on my school's network so would it be their network that is compromised?

Hi Kevin, thank you for replying! I was infected on both my laptop and desktop from over the summer. I have ran process explorer to check which processes have been verified and I do have some that are running under Microsoft Corporation with unverified signatures (AKA Not gonna happen but you know that). I for sure still have the virus on my laptop but I wanted to confirm that it was completely gone from my desktop. It has been up and running now for some time but I believe the hacker is doing it's work remotely. Are there other tools we could run to make sure my network is safe and that I'm not compromised? Here are some recent logs from farbar. My first logs weren't ran in administrative mode (I'm a damn idiot please forgive me): FRST.txt Addition.txt Also here are some processes I have been investigating via Process Explorer that have some weird strings in their memory (The parenthesis in the text file name is the PID it was used for) These two and a few others have peaked my interest in what the heck they're doing: SearchProtocolHost.exe(1540).txt SkypeHost.exe(10312).txt

I installed windows 10 3 times now and each time the malware has come back. I even cleared my cmos just in case. I wanted to make sure it was completely removed. Here are my logs: Addition.txt FRST.txt MalwareLog.txt