Jump to content

Resistant Info Stealer remains on my pc.


Recommended Posts

I received a direct message from a friend telling about a game he was working on for school and asked me for feedback. I didn’t suspect anything of it when downloading because it was from a trusted friend, and nothing came up from my AV. Upon downloading it my discord account was stolen, email and pass changed, and the person inside it was sending the same game scam to my friends. And 2 fake system apps were in my task manager.

 

I checked the location of the fake system tasks and they were coming from suspicious Temp folders. I ended the tasks, deleted them from temp, and rebooted. All was normal and I made a new discord. I couldn’t recover my last one as my email and password were completely changed.

As it turns out it seems the malware is resistant and came back and my new discord was stolen again, and it started sending out the same malware to everyone in my dms.

Any assistance on getting this thing out of my system would be much appreciated, I’m at a loss what to do next.

(Malwarebytes scan comes up with nothing, by the way. Neither does defender. I have nothing to quarantine.)

Link to post
Share on other sites

Hello @genuine and  :welcome:

 

My name is MKDB and I will assist you.

 

  • Please follow the steps in the given order and post back the logs as an attachment when ready. Thank you very much for your cooperation.
  • Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans are completed.
  • Temporarily disable Microsoft SmartScreen to download software below if needed. Make sure to turn it back on once the scans are completed.
  • As English is not my native language, please do not use slang or idoms. It may be hard for me to understand.

 

 

I will guide you along on looking for potential malware. Lets keep these principles as we go along.

  • Searching, detecting and removing malware isn't instantaneous, please be patient. Please stick with me until I give you the "all clear".
  • Only run the tools I guide you to.
  • Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure.

 

 

 

Step 1

Please download the suitable version of Farbar Recovery Scan Tool (FRST) and save it to your desktop: 32bit | 64bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Check the box in front of Shortcut.txt.
  • Press the Scan button.
  • FRST will create three logs (FRST.txt + Addition.txt + Shortcut.txt) in the same directory the tool is run.
  • Please attach these logfiles to your next reply.

 

 

 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.