"Windows 10.0.19043 Build 19043
Thinkpad P50 (Intel i7 6820HQ, 24GB RAM, Quadro M1000)"
I've been trying to figure out if my laptop is still infected - this dum-dum installed an Adobe Acrobat from a torrent site (thinking it was reputable) and it turned out it wasn't!! When I pressed install, my browser tried to redirect (a program blocked it) and I suspected other dodgy stuff was going on.
I ran Malwarebytes (free), Spybot, AdwCleaner, went out for a few hours. Also have Spyware Blaster on here.
My Facebook started getting weird Messenger messages to all contacts (!) whilst I was away from the laptop (still logged in, tabs open). Basically someone saying as "me" that they couldn't access their bank account and could they help?
(I tend to use Mozilla the most with uBlock Origin, Edge rarely).
I saw it when I got home, profusely apologised to everyone and logged out unusual devices, changed my Facebook password.
Changed my Facebook, eBay, PayPal passwords, and assumed I was okay. (edit: Forgot to say, did a System Restore as well).
A week or two later, I realised my other (rarely-used) Facebook account (I have two) had generated an "unusual activity on your account" email and it was locked. There were earlier emails saying How To Use Facebook Business, How To Open A Zingiber Account. Big pain there, as I don't have this one tied to another email account or phone number and used a fake DOB (it's a work group account, I didn't want personal crap on there). I'm still locked out, even though I contacted FB on Twitter and submitted a Contact Form on their site!
I noticed on the bottom-right of Desktop there was an invisible "window" appearing sometimes, which could be a sign of rogue malware. Spybot, Malwarebytes, Norton Power Eraser weren't finding anything.
Today, my Twitter account was hacked (albeit for a few hours only) - changed my name and started Liking and Retweeting some Crypto crap. I flagged my account as being hacked and logged all devices out.
Looked at Mozilla addons: User-Agent Switcher was on there and I hadn't added it!!! This really made my blood run cold, I didn't know what it was, but it didn't sound good. I removed it, did a Disk Cleanup and deleted Temporary Files. Refreshed Firefox, checked there were no strange Home screen redirects. Checked my Programs list on Windows for weird programs. Looked at Task Manager to see if my CPU was being used up on anything weird (it's fine).
Hotmail seemed to have "unsuccessful attempts" from all over the world, over the past few weeks, which was a bit concerning. I logged out all devices and reset my Hotmail password. I ensured there was no email Forwarding set and enabled 2FA.
Changed my Twitter password, and Facebook (the one I still have), just to be sure.
How can I ensure my laptop is clean? People used to ask for a Hijack This log file, but not sure if that would help, as I don't think it's been updated for years.
I've tried to Reset this PC, but I'm not sure if I need Supervisor access (this is an ex-business lease Thinkpad) as it won't find my USB device and won't let me go any further.
I've run RKill, ESET Online Scanner, McAfee RootkitRemover. Put my laptop in Safe Mode and ran Kaspersky's Rootkit Removal Tool and TDSSKiller (one of those found something, not sure what). Emsisoft (which I've just run) found something (for once I took a screenshot - deleted the PUP file).
Thanks for any help.