I think I was hacked and need some help

[Pigment]

Dear Madams and Sirs,

 

Recently I found some suspect activity on my computer. Exactly, I logged out from a website and then I tried to reconnect. When I was invited to enter my email and password, in the email field, I found a suggestion of an e-mail address that is not mine and that I never typed it in a web form before. So, I think someone else used that e-mail address to connect to that site from my computer. I am the only user of the computer, and I have installed Windows 7 less than a month ago, and I have nerver known that e-mail address. I downloaded the Anti-hacker application and start a keylogger scan. The result came out with this information:

 

Program Name           Program Publisher Risk Level                 Program Location

rikvm_9EC60124.sys                                Very High Risk         C:\Windows\system32\Drivers\rikvm_9EC60124.sys

 

I have read another topic on this site about this problem, but for the lack of feedback, that topic was closed.

From what I saw there, I can tell you that I have also Cyberlink Power DVD 9.6 installed on my computer.

 

So, I don't know if rikvm_9EC60124.sys is Cyberlink driver or is a keylogger planted on my computer after I have been hacked.

I am pretty sure it was an attack, because, as I told you, I saw that email address suggestions and I heard about a hacker from my town that was using that email address.

 

I have kaspersky antivirus 2014 installed on my computer, I ran a full scan, but the scan came up with no result.

I have also Spybot Search and Destroy, I ran a scan, no result.

Only Anti-hacker report that file as a keylogger, but in the location above reported by anti-hacker I found no such file.

 

Plese, I need help because I work online and also I was suspected by my boss to have someone else controlling my computer in the past (the boss told me I infected his site when I logged on into the CMS by SQL injection). Thats's why I format my comp and reinstalled Windows 7 about a month ago and now I found this issue I was telling you about above.

 

Thanks for help in advance!

 

Regards,

Florin

 

[gringo_pr]

Hello Florin

That file does belong to Cyberlink Power DVD 9.6 , The location is correct for that program - if it was in another location then it would have been a problem

I do not think there is a problem or a hacker but we can run some scans anyway just to be sure

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Gringo

• do you still need help with this?
• do you need more time?
• are you having problems following my instructions?
• if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

[gringo_pr]

Hello

48 Hour bump

It has been more than 48 hours since my last post.

• do you still need help with this?
• do you need more time?
• are you having problems following my instructions?
• if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

[gringo_pr]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!