Rat infection

**puki** · 10-05-2022, 09:17 PM

After i installed GlassWire,it seems my pc is times faster.
But the internet speed it’s the same (i download max with ~500 kb/s,incase my speed is 18 mb/s)

**Malnutrition** · 10-06-2022, 12:28 AM

Run a speed test at TestMy.net and screen shot the result, post it here.

Check and see if finding the best DNS server for your machine helps.

So now the only issue that remains is slow internet?

**puki** · 10-06-2022, 08:19 AM

For the moment i don’t have any strange activity.
So yes,only the slow internet is the issue for the moment.
I setted up the fastest DNS server.

**Malnutrition** · 10-06-2022, 10:22 AM

Can you hook your machine up directly to the modem via Ethernet cable, bypassing the router and rerun your speed test. Post new screen shot of speed test via modem, with only your computer online at the time. I noticed your average of 4.3, if you are paying for 18 and have several devices connected, this about right. Also, if you are running torrent software that can cause issues with internet, as it chews bandwidth.

**Malnutrition** · 10-06-2022, 10:40 AM

Also, I suggest that you run O&O Antispyware this can trim down bandwidth consumption, by stopping your machine uploading to MS servers so constantly.

Then for now, disable windows update and see if that helps. You can reenable anytime, you feel like you want to update.

Then install Ublock Origin for all of your browsers.

Consider Adblocking DNS server. This can be set on your router to block ads on all devices, or individually on your machine with these instructions

**puki** · 10-06-2022, 05:41 PM

I installed and set up O&O Antispyware to block all the telemetry.
Also disabled windows updates,but it seems the speed it’s just the same.

**Malnutrition** · 10-06-2022, 05:46 PM

Bypass your router and test. Also, run a test at speedtest.net via wireless, and post the results.

**Malnutrition** · 10-07-2022, 11:50 AM

@puki Still only slow internet?

**puki** · 10-07-2022, 06:18 PM

Today the internet is ok.
I don’t want to share my ip due to security reasons.

**Malnutrition** · 10-07-2022, 06:52 PM

So I imagine we can call this solved then? No problem on sharing the ip . That’s irrelevant to the issue.

**puki** · 10-07-2022, 06:56 PM

Hope everything will be okay.
Let’s wait 2-3 days.

**puki** · 10-08-2022, 04:09 PM

Originally posted by puki

Someone is controlling my pc :
-closing apps
-hide tray icons
-change my passwords
-delete files
-my internet is so slow at moments (i never shared my Wifi password with anyone)

Also i have already tried to reset the router to default settings. (i’m sure i don’t have malware in the router).
I also tryed to flash my BIOS (without success of course).
And have have checked my HDD firmware for viruses(none there).
I even paid for virus removal and when back at home the virus just wasn’t removed.
I have read a lot about those viruses,but don’t know how it’s remain.
What information maybe useful for you?
I will post fresh FRST log in the next post.

I think the hacker is back …
Everything is described above just happen again and again.

**Malnutrition** · 10-09-2022, 01:15 AM

What new connection did you allow? I have tested that glasswire with live malware samples and if there is a connection attempt it has detected it 100 percent of the time.

Also, install and run CatchPulse it can be run along side defender and glasswire. If you have anything else installed besides defender and Glasswire remove it then reboot and install.

Upload fresh FRST and Addition.txt logs, I will have one last look, as I am not seeing any malware on your machine.

**puki** · 10-09-2022, 07:22 PM

I don’t allowed any connection from Glasswire.
I installed an trial version on CatchPulse and i don’t have any antivirus software except Windows defender.
And i think there’s no point to post logs from FRST.
It’s no problem for me,but i don’t want to waste your time.
By the way for first time i’m facing virus,who is not detectable by the antivirus software and even remain after Windows re-installation.

**Malnutrition** · 10-09-2022, 11:02 PM

I have seen a couple of your other threads in other malware removal forums, and they also came to the same conclusion I did. All of your files are digitally signed by their perspective companies, you have a firewall that will tell you if there is an outside connection…

There is no malware on your machine only way it could be there is if you copy of windows was torrented and they had a built in backdoor…

Several malware helpers including myself have declared you malware free. There is nothing more that I can do.

I can direct you to another forum, but you must use translation software to post there.

Порядок оформления запроса о помощи

https://forum.kasperskyclub.ru/topic/43640-porjadok-oformlenija-zaprosa-o-pomoshhi/

В А Ж Н О ! Ознакомьтесь внимательно с нижеизложенной инструкцией и выполните все её пункты. 1. Проведите проверку ПК, воспользовавшись одним из следующих продуктов: Kaspersky Virus Removal Tool; Dr.Web CureIt!. 2. Скачайте актуальную версию автоматического сборщика логов, необходимого для анализ...

Правила оформления запроса о помощи

https://www.safezone.cc/pravila/

FAQ Как оформить запрос о помощи в разделе лечения? Внимание! Инструкции, подготовленные нашими специалистами, пишутся (составляются) индивидуально для каждого пользователя. Не производите самостоятельного лечения на основании инструкций, которые подготовлены для другого пользователя, так как...

Post a link to that thread here, as I am interested whether they are able to find anything wrong with your machine.

Rat infection

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment