Jump to content

Eneitilyn

Members
  • Content Count

    2
  • Joined

  • Last visited

About Eneitilyn

  • Rank
    New Member
  1. Okay I got them I also did couple extra scans with other tools namely Kaspersky virus removal tool and Eset online scanner! And something called Security Check? After making this thread Kaspersky found nothing and Eset found 19 threats that were left over from my previous Windows 7 system before 2020...I had some Malwarebytes files left over before opening this thread that were impossible to delete for some reason because they were locked and "used" by my display drivers/audio drivers etc. I am not sure but I am suspicious it was a impostor program that looked like Malwarebytes! Same thing happened when I installed Bitdefender Total Security(Trial version) too! I installed the program and the next restart it was asking me to install the Bitdefender Free Antivirus version as a "update" then I checked my Task Manager and I found a program that was auto-starting that is literally called "program" sadly I could not discern where it is located in my hard drive because i could not disable it from auto-starting nor could I open its location from task manager so I could not include it in the "virus package" archieve in my previous post but it got removed after I reset/reinstall my PC OS from previous month! I think the only way I could have found it is through the registry but I am not knowledgeable enough to do that manually the problem right now is this time there is nothing else like that in my system (at least I hope so) and my ABV emails are still getting hacked! There is 2 weird things I am concerned about in task manager there is these two programs one is left over from uninstalling Bitdefender today called "Setuplauncher" I checked its location it no longer exists after I restarted from the AdwCleaner app and copy of "Discord" and that program I had manually deleted it after I found it in C:\ProgramData\SquirrelMachineInstalls\ a while ago! FRST.txt Addition.txt AdwCleaner[C02].txt MB Log.txt SecurityCheck.txt
  2. Now this happened about 3 months ago I have long before reset my PC to windows 10 by now but for some mysterious reason my ABV.bg email has been repeatedly getting hacked every time! even tho last time I changed my password to be unique combination of 30 symbols and letters including the secret question and answer. Its still getting mysteriously hacked and at this point its obvious the information is being leaked from my PC so the trojan/keylogger/hijacker or whatever has not been removed even tho I did repeated Malwarebytes scans and I even scanned with Bitdefender in boot environment still no such luck! Yesterday I saw about total of 74 SVHOST.exe processes in my task manager and I don't wanna say all of them are viruses but I doubt windows needs that many processes to run! So something is definitely up here! As for the virus I had in February that hijacked my browser immediately after I found my email hacked I checked my Temp folder and what do i find multitude of unknown files scattered on about I put them all in a 7zip archieve in case I need them to be give them to a professional for analyzing etc! The hacker had even hijacked my wifi (I even found some chinese characters within the wifi app pointing at some access point in some chinese province) I am pretty sure so at this point I am not even sure if its DNS hijack or browser hijack...or whatever hijack the trojan just keeps appearing and this time he seems to be not leaving any files on HDD so I am not sure if its using fake windows processes or services I need to get rid of the malicious files before trying another clean system install... The FRST.zip logs I have provided are from Safe mode scan today in Windows 10 I included some older ones too from previous months! FRST.zip temp folder viruses package.7z FRST 09th-05 Logs.zip FRST 27th-04 Logs.zip
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.