xhormones


  1. Hey nasdaq, Thank you for the hard work you do! Unfortunately, I have an exam coming up tomorrow morning and did not feel secure putting a potentially compromised PC back onto wifi. Considering I had next to nothing on this PC, I simply went ahead and did a clean reinstall of Windows. Before I reinstalled and reformatted, I did run one final Malwarebytes scan (although not of FRST). I will say that I noticed ApsInsMonSvc.exe running in Services still, and it was also in the system32 file as well after the fix so it looks like I might still have been compromised? I've attached the last scan I performed before reinstalling (Final) as well as a FRST & Malwarebytes (Clean) scan from my new reinstall just to be sure. I'm fairly certain this wouldn't have survived the reinstall (and ApsInsMonSvc.exe is indeed gone) but it doesn't hurt to check! Thank you so much again. The work you do is priceless. Clean.txt Final.txt Addition.txt FRST.txt
  2. Hello nasdaq! I ran FRST and this is the fixlog. Let me know if I should do anything further. I am not sure how to tell if the problem persists or not, since there are no noticeable effects (besides someone attempting a Gmail account recovery yesterday). Currently Chrome is not synced with other devices since I have changed all my passwords and have not logged back in. I believe that it was on previously, though. Thank you! Fixlog.txt
  3. Quick update: because there were backdoor programs reported, I’ve decided that I will most likely simply reinstall Windows and delete all partitions, if anything just for some peace of mind. Regardless, I’ve only had this laptop for ~3 months and there is absolutely nothing of importance on here so it should be pretty straightforward. I will be reinstalling all programs fresh as well, rather than backing them up. Are there any steps I need to take/suggestions after reinstalling besides running scans again?
  4. Hello! First off I want to thank you for reading this and also for participating in this community. The work you do is priceless, and I really appreciate it off the bat. ANYWAYS--yesterday, a dodgy install unfortunately put a bunch of trojans and adware on my laptop. I didn't actually experience any negative side effects, because I noticed right away when the installer began installing a bunch of things like MaskVPN, etc... even though I specifically chose not to. Unfortunately, I did not pull my laptop from the wifi in my panic. What I did do, however, was immediately uninstall all unknown programs, delete odd files (including temp :( ) + services, run Malwarebytes and a slew of other programs: rkill, tdsskiller, Hitman Pro, ESET, AdwCleaner, RogueKiller, Windows Malicious Software Removal. I ran all of these until they came back clean for the rest of the night, and each one did indeed pick up little bits and pieces the others missed. It seems like no rootkits were detected but I'm particularly concerned because Malwarebytes indicates a backdoor file(?). That was around 8pm last night. This morning, I woke up to a text from PayPal asking if I wanted to spend $800 (obviously I said no and PayPal locked my account, then I proceeded to change all my passwords-email, banks, eBay, Amazon, etc...- despite never having used this laptop for any sort of banking). I also woke up to an alert from Malwarebytes that at 2:55 AM a Trojan.Malpack.VB was detected named "BVZ.exe" (which, off the first result on Google, appears to open a backdoor). This gave me pause, because all of the scans showed clean all the way until 10pm last night. I quarantined it and multiple scans from different programs have said it's clean, but I'm unsure. I've seen a lot of posts saying with backdoors, it's best to just do a complete reinstall. I wanted to ask here before I did that, though, as I also have a couple questions about reinstalling Windows.
Anyways, I've attached the logs asked for in the stickied post. I will attach the original scan (Original) from Malwarebytes that contains the first few trojans, and also the second one with just one (BVE). There's a lot of PUPs, but it looks like they're a result of something going on with Google which I know has an existing fix. I just don't want to log into my Google with my new password yet on here. Let me know if you need anything else, thanks! Addition.txt FRST.txt BVE.txt Original.txt