Eneitilyn

Sorry for the late reply! I have tried the fixlist it created this log! Fixlog.txt Meanwhile my email is rampaged by this hacker again =,= I think the .EML extension file he sent me is a exploit so I am not trusting that download! I have also hid anything personal saying on the email pictures...there is a totally suspicious connection from USA that logins with 2 different IP addresses which is probably fake...He has also sent numerous fishing emails from paypal etc I have no clue how to deal with the email problem as this ABV seems like a third rate website there is pretty much no security measures apart from my password protecting my email (no double authentication etc anything) The main problem is all my old accounts that are tied to those emails I have already changed both emails from ABV to have new set of passwords and secret question and answer the problem is is the spyware and possible browser hijack does it still exist in my system or is he straight up bruteforcing the passwords or does he have some kind of client in my PC still that yoinks my password every time because I notice in the Login history it shows Two logins at the same time and both are from my PC when I logged on today then again it shows the same thing for the USA login attempts and those are both from different IP's compared to mine which are all from the same IP...right now the only browser that has my ABV passwords is Firefox and I should have probably noted I was using Brave browser(Chromium variant) initially before getting hacked and all right now I only use Chrome (I have actually managed to recover my old hacked browser data the only problem is the passwords are long gone Chrome cannot recover the hashed passwords and deems them as corrupted but at least I could recover my bookmarks and browsing history! I have also scanned the Browser data with Bitdefender just in case there is anything malicious and have found some kind of "pop under javascript"? it seems to appear on my new browsers too I have scanned them and removed it from them too! I have discovered that the hacker is potentially a Java Developer because well one of my accounts which was accessed by him (namely mega) was accessed using unknown Java client! I have changed the password of the account once I Found out and enabled double authentication. I plan to make a Bitdefender Boot Enviroment scan tonight see if there is anything lurking still. As for the controlled folder access thing I have enabled that when I was using Mbar because i wanted the hacker to not have access to my security tools as I have put them all in that folder I have made sure to not run anything suspicious as administrator mode except from that folder! Since if he still has access to my system he may infiltrate one of those exe's and gain admin access while I try to get rid of malicious threats...

Okay I got them I also did couple extra scans with other tools namely Kaspersky virus removal tool and Eset online scanner! And something called Security Check? After making this thread Kaspersky found nothing and Eset found 19 threats that were left over from my previous Windows 7 system before 2020...I had some Malwarebytes files left over before opening this thread that were impossible to delete for some reason because they were locked and "used" by my display drivers/audio drivers etc. I am not sure but I am suspicious it was a impostor program that looked like Malwarebytes! Same thing happened when I installed Bitdefender Total Security(Trial version) too! I installed the program and the next restart it was asking me to install the Bitdefender Free Antivirus version as a "update" then I checked my Task Manager and I found a program that was auto-starting that is literally called "program" sadly I could not discern where it is located in my hard drive because i could not disable it from auto-starting nor could I open its location from task manager so I could not include it in the "virus package" archieve in my previous post but it got removed after I reset/reinstall my PC OS from previous month! I think the only way I could have found it is through the registry but I am not knowledgeable enough to do that manually the problem right now is this time there is nothing else like that in my system (at least I hope so) and my ABV emails are still getting hacked! There is 2 weird things I am concerned about in task manager there is these two programs one is left over from uninstalling Bitdefender today called "Setuplauncher" I checked its location it no longer exists after I restarted from the AdwCleaner app and copy of "Discord" and that program I had manually deleted it after I found it in C:\ProgramData\SquirrelMachineInstalls\ a while ago! FRST.txt Addition.txt AdwCleaner[C02].txt MB Log.txt SecurityCheck.txt

Now this happened about 3 months ago I have long before reset my PC to windows 10 by now but for some mysterious reason my ABV.bg email has been repeatedly getting hacked every time! even tho last time I changed my password to be unique combination of 30 symbols and letters including the secret question and answer. Its still getting mysteriously hacked and at this point its obvious the information is being leaked from my PC so the trojan/keylogger/hijacker or whatever has not been removed even tho I did repeated Malwarebytes scans and I even scanned with Bitdefender in boot environment still no such luck! Yesterday I saw about total of 74 SVHOST.exe processes in my task manager and I don't wanna say all of them are viruses but I doubt windows needs that many processes to run! So something is definitely up here! As for the virus I had in February that hijacked my browser immediately after I found my email hacked I checked my Temp folder and what do i find multitude of unknown files scattered on about I put them all in a 7zip archieve in case I need them to be give them to a professional for analyzing etc! The hacker had even hijacked my wifi (I even found some chinese characters within the wifi app pointing at some access point in some chinese province) I am pretty sure so at this point I am not even sure if its DNS hijack or browser hijack...or whatever hijack the trojan just keeps appearing and this time he seems to be not leaving any files on HDD so I am not sure if its using fake windows processes or services I need to get rid of the malicious files before trying another clean system install... The FRST.zip logs I have provided are from Safe mode scan today in Windows 10 I included some older ones too from previous months! FRST.zip temp folder viruses package.7z FRST 09th-05 Logs.zip FRST 27th-04 Logs.zip