Jump to content

gdwar

Members
  • Content Count

    6
  • Joined

  • Last visited

About gdwar

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. If I replace the PCIe ssd drive on my laptop which has the OS system installed with a new PCIe NVME ssd will this cure the issue ?
  2. Ok I will do that. These drives shouldn't be failing tho l. My laptop is a Asus Strix GL502VS DB71 Gaming laptop with a SSD and a 1T Hard drive bought at best buy and a my wife's is a MSI GS63VR. We don't game even tho these are gaming laptops we have barely use them and the chance of both laptops failing at the exact same time is strange. Yes we do have VPNs installed from ExpressVPN. However I am still going to check with the software you mentioned and see what's up. Thanks for that. @Ron have you had a chance to analyze and make a game plan? Thanks to both of you
  3. Ok so here is another update.... I went to settings, updates and security and hit the reset button on both of our laptops. Mine and my wife's. Both laptops reset fine, both are unplugged from the internet. Everything looked ok and I checked both laptops for the same issues that I had found previously on my own laptop. I saw the exact same powershell.exe commands and lots of other suspicious and identical commands on both laptops. IDENTICAL! And something else happend as well... I had to make a phone call to comcast xfi bevause an unknown device connected to my own wifi network. I am the only one who has the wifi key written down on paper. I never gave it away to another person ect. Comcast blocked that users IP and MAC address and escalated it to comcast CSA. Anyways let's go back to my issues with the laptops. Since I saw that both of these laptops have the exact identical issues, corrupt files, corrupted registries ect. I decided to plug in my wife's laptop to the internet. When I plugged in the ethernet cable into her laptop,oh boy, her laptop went completely HAMMOCK.what I mean by that is CPU usage 100% memory almost maxed out, firewall disabled and completely inaccessible with error 1608 and error code 0x80070437. It's completely off and no way for me to make it work... windows updates don't work. I have strange devices in my device manager that I never saw there before. I mean it's a complete disaster I tried to fix corrupted files with SFC AND DISM but these don't work at all anymore. SFC /SCANNOW UNAVAILABLE ("Windows resource protection could not start repair service") DISM /ONLINE /CLEAN-UP /SCANHEALTH error0x80004002 dism failed no operation was performed. /CHECKHEALTH "The component store cannot be repaired" /RESTOREGEALTH "Error 0x80004002 DISM failed no operation performed" After reading a lot online I have a feeling that my system is infected on a deeper level. Could the master boot or even the BIOS be infected? How can I check on that? I went to my wife's bios to flash it and I saw 4 ACPI devices with different partition numbers. I only have an SSD and my harddrive on the laptop and couldn't figure out what the others were. It didn't recognize my USB flash drive and I was not able to flash the bios. I got these weird root devices all over my device manager and I have no clue what they are for. For example I have 5 INTEL 100 SERIES 230 PCI EXPRESS ROOT PORT #1 -a100 #9 -a118 #15 a11e #5-a114 #14-a11d 2 display adapters, my nvidia gtx 1060 and a random Intel 530 graphics which was never there before. Ect ect. Please tell me what to do? I really need your help... thank you
  4. Hi Ron, I have ran Kaspersky and it came out clean! HOWEVER, I have found weird scheduled tasks, registry entries, files ect that look suspicious to me and that none of the anti malware software finds. However when I look up these files online they are being mentioned by random people to be potential malware, Trojans, remote control files ect... For example cc cleaner showed me In My scheduled startup tasks weird powershell.exe tasks with strange codes for my files and drives that I couldn't remove at first because my access had been denied so I've been digging through the web trying to understand what these files do and official forums like the microsoft forum and bleeping computer show people with step by step guides to remove these hidden and suspicious unnatural files that could potentially harm the computer. (Supposedly a powershelle.exe virus) When I recovered my laptop I also recovered my wife's laptop at the same time. I bought a brand new USB flash drive and downloaded win 10 with the windows media creation tool and wiped each laptops hard drives completely out. But as soon as I start these 2 laptops that have the EXACT SAME corrupted and strange files in the exact same locations. Like that powershell.exe virus mentioned above. Like I said I downloaded the windows media creation tool and downloaded windows 10 straight into a fresh and newly bought USB flash drive. I wiped both laptops, deleted and formatted all partitions and installed windows 10. I am leaving both laptops off the internet on purpose for now because I got the feeling that as soon as I connect to the internet I trigger one of these strange files and they do their harm... The moment I installed a brand new windows 10 I ran sfc /scannow with admin rights and it found corrupted files right away. I had to run it 3 times in order for it to come out clean. How is this possible when I just wiped and installed a fresh windows 10 home? I also ran Dism /online /clean-image /restorehealth ... twice Also I have the wireless network app FING on my phone and my wife's laptop showed up as a NETBIOS file server with ports 135 139 445 open... how can this be? I blocked all ports that could give access to these files for potential remote hackers and took both laptops off the internet for now. How can it be that a brand new windows 10 installation on wiped and partitioned hard drives will show corrupted files and have strange hidden startup tasks and tasks scheduled within the task scheduler on both laptops like it's being duplicated. There was 83 tasks scheduled in the windows task scheduler that I found randomly but I was able to bring it down to 10. Any way you can analyze my system or is there something you can do to check on it and see? All I can do is show you pictures that I took that looked suspicious to myself. I'll attach them for you G Thanks, G
  5. Hi Ron, first of all thank you for helping me. I have to tell you that in the meantime I had someone coming over and install HitmenPro Alert and HitmenPro and he ran some scans and was able to remove a Ransomware file found in my laptop. I am going to attach that specific hitmanpro alert log file for you as well. Also we updated and installed the new Win 10 update 1809 and ran more scans that came out. My hitmenpro alert software and windows defender alerted me that the FRST64x had unauthorized files and they had been blocked. however i was still able to run the software after that (with the blocked file/s) So far my laptop looks clean. Not sure about the remote control tho. even tho it "feels" like everything is ok so far... I still went ahead and followed your steps. Here are the results. looking forward in hearing back from you. summary mb.txt AdwCleaner[C00].txt FRST.txt Addition.txt HitmanPro_20181004_0446.log
  6. Hi guys, I'll keep my story short. I think my PC is being remotely controlled and infected with Trojans malware ransomware ect... what makes me feel like that? Well my certificates, credentials, passwords, user rights and much more being changed/blocked/deleted. I had to exchange my comcast router, I had a technician coming to my house to do a checkup he found my outside Xfinity box open and the cables were played with. He installed a moca point of entry adapter just in case im a victim of w man of the middle or evil twin attack. I installed ExpressVPN, brand new bitdefender 2019 top security software, changed my security settings within my router to basically max security. Blocked mac addresses... I Recovered my own laptop for the 10th time but somehow someone or something keeps getting access to my laptop. I have extremely high data consumption at night while I sleep even tho my PC is shut down before I go to sleep. Current status I disabled my wifi adapter within bios and am plugged into ethernet. My antivirus and VPN are broken because they don't work anymore, I can't deinstall certain software anymore like malwarebytes for example.I have weird background tasks running. There is unknown root kit certificates installed by root agency and lots and lots of other stuff happening... I am attaching some pictures for you that looked suspicious to me. I am writing this from my galaxy so which also has a VPN on it because my phone started to act strange. Please, I need an expert like you folks to look into this and tell me what's going on. Much appreciated.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.