Jump to content

Chavez99

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Alright fine, how do i contact a forum moderator? And considering that i have the premium version of malwarebytes, is there another alternative? Im still receiving those svchosts attacks every hour from the same ip which i determined it to be from Russia. The IP is 46.161.27.30. I want to upload logs but id rather it be private. The logs I think might reveal personal information files as well as my families, so i'd really want to know how to continue with this. Other than the constant daily blocked IP address from malwarebytes, the computer seems to be running normal. Meaning, no slowdowns, odd cpu usages, or denial of access of programs. But the disturbing thing i found in one of the scans from adwcleaner a few days ago was "trojan.stolendata". I've uninstalled all software that has been installed when the blocked IP addresses started to happen. It used to happen very sporadically, once a week, a month. But now its happening daily and hourly and i'd like to see this issue resolved, and i have not seen a response from anyone. Ive scanned with several software in safe mode, disconnected from the internet, reset my DNS using DNSJumper. Although, when I turned on my computer this afternoon, it was fine for 3 hours, and then it started coming back up again. The only program i havent used "only for scanning but not fixing" was FarBar recovery scanner. Since i'm not an expert i'd figure its best if I have someone from here that privately examines my logs and prepares a fixlist for me to use. It spotted a few attention with arrows pointed like so, "GroupPolicy\User: Restriction ? <==== ATTENTION GroupPolicyUsers\S-1-5-21-2947177259-2993387893-2168207468-1011\User: Restriction <==== ATTENTION GroupPolicyUsers\S-1-5-21-2947177259-2993387893-2168207468-1007\User: Restriction <==== ATTENTION" ==================== Restore Points ========================= "ATTENTION: System Restore is disabled" (that was done by me). P.S. A couple days ago, malwarebytes mysteriously had disabled website protection and was no longer in the taskbar. Although it was still able to run, but it would close completely off instead of closing to the background" That issue has been resolved so far, though im not sure if it has to do with the potential malware or if it was simply a bug with the updates since i noticed others had the same experience around the same time it happened to me. Nonetheless, as soon as the Protection was reported disabled, i instantly resetted the computer and immediately disconnected the internet and booted into safe mode. Thats when I had uninstalled all the programs dating back almost a month ago when the attacks started to occur and rescanned, deep scanned and tried to reset some settings including firewall and modem. After doing all that, when I had nervously started the computer back in default normal mode, everything seemed fine. I was almost about to break out the champagne until 3 hours in the attacks from the same ip happened again. This is seriously pissing me off and worrying me. I also heard a couple days ago that an FBI reported attacks from Russia that are infecting malware in routers/modems via a malicious malware known as "VPN Filter" and advised people to reset their modems, and i've done that 3 times already. Despite all this, im willing to restart from scratch and do the process all over again with a fresh start, but this time from an expert, but I dont want my files to be accessed publicly. Maybe i'm being too overly paranoid but in this dark digital information age, you can never be too careful anymore, especially with cybercriminals running amok.
  2. To be honest i'm still concerned about privacy issues of posting detailed computer information and files on a public forum, so before I upload the files should I be concerned about anything? I've never done this before.
  3. Hello. For the past almost 2 weeks ive been getting consistent blocked svchosts attack notifications from Malwarebytes. Although i have scanned and re-scanned with several programs including malwarebytes, almost all of them find nothing. Even adwcleaner only found tracking cookies but it did find something that i found rather disturbing which was a "Trojan.StolenData". The only program I have not used yet was the FarBar Recovery Scanner because i was afraid that it might do something to screw up my computer. Ive uninstalled a few programs and games and even disabled system restore in hopes of clearing out any infected restore points. I believe it came from a malicious game torrent I downloaded and now Im on the verge of re-installing Windows just to reset this. Although i haven't noticed anything suspicious or any weird computer slowdowns, those constant daily blocked inbound connections to svchost are extremely troublesome. On average I receive about 6 - 10 per day periodically on an average span of 2 - 3 hours apart. The weird thing is though not a single outbound connection from svchost was ever blocked. Even though i heard that Inbound connections are not as much to worry abound than outbound connections but the amount of blocked attacks ive been receiving especially in the last 2 weeks is worrying, and the "trojan.stolendata" is also very worrying, but nothing has been detected. Please, im at a loss. Im on the verge of reinstalling my entire computer which is something i really don't want to do as it is a pain to reconfigure and reinstall everything. Despite all I've done, i'm willing to restart from scratch with this whole cleaning process, so if you want me to re-scan again and repeat the process i just attempted to do (but perhaps poorly), just let me know. Also, this is the first time i've ever done this forum malware removal thing, and i am concerned about making my information public, so is it possible that i can make this issue personal or private in any way before i post any information? Much thanks in advance.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.