Computer Hope
Software => Computer viruses and spyware => Topic started by: emergencythrow on April 17, 2020, 11:53:09 PM
-
Hi. I've been getting hacked pretty hard and very maliciously. The audio in youtube videos I'm listening to and also in ogg music tracks that a video-game I'm playing in is being over-written with insults. Also, my computer was virtualized and it was hinted at as being oracle (this was a previous installation). I am most definitely getting monitored and key-logged. I can't tell, for the life of me, where any of these files are located. I'm using a public network (which I'm stuck on atm). It has security features (webroot). I disabled all remote services. In any case, what I'd really like is to get some help on this & further understand exactly what sort of thing is going on (as I've been dealing with it for quite some time & I believe they have every expectation to continue ad nauseam). Thank you.
Btw: How do I upload files? I'd like to give an example.
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
This does not sound like a computer infection but we can run some scans to see what we're dealing with.
Please download AdwareCleaner onto your Desktop. AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/)
Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.
If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
When the AdwCleaner program will open, click on the Scan button as shown below.
AdwCleaner will now start to search for malicious files that may be installed on your computer.
To remove the files that were detected in the previous step, please click on the Clean button.
AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.
Please click on the OK button to allow AdwCleaner reboot your computer.A log will be produced. Please copy and paste this log in your next reply.
*********************************************
(http://i424.photobucket.com/albums/pp322/digistar/mbamicontw5.gif) Download and install: Please download Malwarebytes' scanner (http://downloads.malwarebytes.org/file/mbam) to your desktop.
Double Click mbam-setup.exe to install the application.
- It should update automatically if the computer is connected to the internet.
- Click on Threat Scan and click on Scan Now.
- The scan may take some time to finish,so please be patient.
- When the scan is complete make sure all the infections have "quarantine" selected in the Action box.
- Click on "Apply actions" You may be asked to Restart your computer to completely remove the infections.
- When disinfection is completed you can click on "Copy to Clipboard".
- Paste the log in you next reply (CTRL+ V)
*************************************************
Download Security Check by screen317 from the following link and save it to your desktop.
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
-
Sorry I didn't respond earlier. I heard it takes up to 5 days so I stopped using the computer for a minute. This isn't my first malware scan with malwarebytes. There were a few things like PUPS I already removed. But here's my latest malwarebytes scan (w/rootkit detect added).
-----------------------------
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 4/23/20
Scan Time: 8:08 PM
Log File: ec5f0852-85d8-11ea-9902-001b24d25966.json
-Software Information-
Version: 4.1.0.56
Components Version: 1.0.875
Update Package Version: 1.0.22850
License: Trial
-System Information-
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: QUAKELORDS-PC\Loser
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 149106
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 11 min, 4 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
-
Here's malwarebytes adwcleaner.
----------------------------------------------------
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-23-2020
# Duration: 00:00:39
# OS: Windows 7 Ultimate
# Scanned: 32067
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1481 octets] - [17/04/2020 23:05:32]
AdwCleaner[C00].txt - [1651 octets] - [17/04/2020 23:11:28]
AdwCleaner[S01].txt - [1531 octets] - [23/04/2020 19:50:04]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
-
Nevermind. The PUP I was referring to was Auslogics Disc Defrag. I just checked the logs.
Anyways, here's the Security Check (from BleepingComputer??? You didn't provide a link).
-------------------------------------------------------
Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x86 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
Microsoft Security Essentials
Avast Antivirus
Malwarebytes
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````[/u]
SUPERAntiSpyware
CCleaner
Adobe Flash Player 32.0.0.363
Mozilla Firefox (75.0)
````````Process Check: objlist.exe by Laurent````````[/u]
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Comodo Firewall cmdagent.exe
Avast Software Avast AvastSvc.exe
Avast Software Avast AvastUI.exe
Avast Software Avast AvEmUpdate.exe
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 7%
````````````````````End of Log``````````````````````[/u]
-
You really should activate your Windows Security Center and your Windows Firewall.
Btw: How do I upload files? I'd like to give an example.
You could give me an example of this. A screenshot would be great.