Need Help My devices all hacked or being accessed by a Developer. All events by hacker logged in Event Viewer

Device model
The software I have used is Trend Micro, McAfee live, Norton Internet Security, and a VPN service

Slyguy

Level 31
Joined
Jan 27, 2017
Messages
2,019
OS
Other OS
#21
Thank you for that. I will try and be more concise with my posts. So I reset my HP all-in-one desktop yesterday and restored it to factory default settings. I completely wiped Everything clean including all my data.
Now today I opened Event Viewer and it looks like to me it is compromised once again by a network of individuals. I have Windows 64bit.
Since yesterday and Reset, I have 2002 events in SYSTEM under Windows Logs. Many are suspicious and looks like they are setting up the malware and remote access to my computer. I'm not sure what the most important and relevant items to share to best enable your support . I can take pictures and download them but of which items?
Also wondering if I should switch over to the Windows forum but didn't want to lose my support people so far (warrior, Slyguy, spawn, ticklemefeet).The good thing is at least I can see how they compromise my system at the start..
Event Viewer is rubbish. It's used by scam websites you call to scare you into paying them for scam cleanups. Unless you know what you are seeing in event viewer then you are chasing phantoms.

Don't get paranoid and reactionary here, establish real evidence, then formulate a plan of attack. If you are reactionary then they can just as easily push your buttons to force you into mistakes because you will become irrational.
 
Likes: lowdetection
Joined
Aug 10, 2013
Messages
83
#22
N Noonebelievesme Don't fix one device at a time while others are infected and active. The fresh clean device will get infected for sure (over time). Either shut down all (and start doing what slyguy said) or its a waste of time. Atleast thats my opinion as a novice user :D
 
Joined
Sep 2, 2014
Messages
183
#23
@ N Noonebelievesme you have been given Very good advice by Slyguy Slyguy You need to follow it the letter ,,,,,,, you need to as
F Freki123 said fix all or nothing , You need to take a breath calm down and follow the advice , ho my, just realized I starting to sound like my mom , ,,, lol
 
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#24
FREKI123. Yes I've learned from experience that when one device is compromised the rest quickly follow . However I think the best thing is to Target my PC first cuz that seems to be where the hackers control center is.

Slyguy/Warrior/Others
At this point I am not paranoid or reactionary to Event Viewer
(although was a bit when suggested hackers have physical access to my home which I already kind of guessed but no one had substantiated it yet).. It's been going on too long. If the Event Viewer alone were all I was basing the hacking on that would be something else. However I find it very useful as it seems to correlate with everything that I've observed happening to my PC and router/wifi.

Here are some screen pics I took of my computer including EVENT Viewer, Device Manager, and Task Manager services. I've also included pics of my HP computer specs and installed software . Note all the Microsoft software installed, especially Visual C. Also when I look at all the Microsoft updates in Event Viewer they are not revealed in my specs. Also I have not installed one thing onto my computer as of yet. I don't think HP installed all the Microsoft software at the factory. Note that my computer name is DESKTOP- OMMGFUD (the name changes every time i reset my pc) and it's part of a work group and it will not let me change it. Found another computer ACPI x64 PC "under" my desktop heading in device manager. Note that this other computer was configured and started on 4/5/18 like all the other occurrences in the Event Viewer. Theres also yet another computer referenced in Event Viewer called WIN 7GD6RAA6V0O.

Now what are all those other computer names?

Similar to my experience with my last hacked laptop something generates a name for my current computer and it's always DESKTOP-____________ something. Last time I had two different names at two different times as shown on my router home page. Its as if someone changes my computer into a mere shell of a computer with limited capabilities and is always under the DESKTOP TAB. I've never named my computer these names and I don't know what the name is referencing. I have included photos of what I think is relevant and important but correct me if I'm wrong or let me know what would be more helpful.

Anyway the photos show what my theory is regarding a Microsoft developer or team accessing my computer remotely as well as my router/internet. Each time I get a new computer or reset my computer a new event Viewer and log begins detailing what they do to my computer. Note that I bought and brought home this PC on March 4th 2018 but reset it 4/5/18. So the events start again at 4/5/18. I don't know how they do it, the motive, and how to connect all the dots of the evidence I found, that's where I need the help of knowledgeable IT/COMPUTER/SOFTWARE individuals.

OK I HAVE 60 PHOTOS,
isnt that too many to download here? Is there a limit?
I'll wait to get an answer before I start posting pics..

Thanks as always
 
Last edited:
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#25
Yes i will certainly follow slyguy`s advice (to the letter). And I will post an update on how it all goes. Problem is right now I have to have constant Wi-Fi access as I am job seeking and communicating with recruiters frequently throughout the day. I can't pause this at this point as income is a necessity right now. I also can't go get a Chromebook just yet unless I can talk HP or Best Buy into refunding me on my PC. Already tried that with HP and they said no because it was not a hardware issue. Tried to make it a hardware issue but they didn't buy that. Anyway I am grateful for the advice and looking forward to resolving this nightmare hopefully..

Just waiting to see how many pics i can load..may be helpful for supporters to get a better idea of the issues involved..
 
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#26
Staff member question:
Can u pls help me to copy or move this thread to the Windows forum? I feel that this is more about my PC right now than my mobile devices and dont want to irritate others in the mobile forum..
 
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#27
And you don't think this would be at all suspicious?? I would burn it.

Buy a new Android tablet, visit a family or friends place to change your passwords in case your router is compromised.

For Google:
Review your security activity and recent devices
myaccount.google.com/security#activity

Review apps connected to your account
myaccount.google.com/security#connectedapps

Run through the security check-up
myaccount.google.com/security-checkup

Last of all, check out this program (purchases required)
Google's Advanced Protection Program

*Review - don't just look at it, remove anything remotely suspicious or even everything.

You can repeat the same for your Microsoft and Apple iCloud account(s).


Not a hardware-related issue? Is your HP desktop or laptop Windows 10 compatible? How old is it?
I was reading about Google's Advanced Protection Program you referred to above. If assuming i'm correct and there are hackers accessing my devices remotely, using a keystroke logger on me, and take control of my devices, do you think this program, specifically using the 2 physical keys, would prevent the hackers from accessing my accounts? I'm willing to try anything but thinking if they can see my keystrokes not much I can do to safely use any app/device??
 
Joined
Nov 5, 2011
Messages
4,226
#28
I just want to bring back my normal online browsing and put into action my plan of pursuing my purpose and also I am on my journey of self transformation where all my sources of informations are online, this problem get me stuck once again. But as I've learn that for every problem we encounter we must take it possitively and try to find opportunity associated with it. While I am stuck with this hacking issue, I got this idea to make an e-book. I patiently handwritten my research and used digicam for some proof and when everything is back to normal I will just type everything. My goal is to give awareness about cybercrime especially here in my country, I just found out that only few are aware of this issue given that Philippines is number 8 among countries vulnerable to cyber attack.
I just hope and pray that this nightmare will end the soonest.
With the help of our friends here at malwaretips.com.
Though I still have doubt, I wondered after how many times I tried to post and ask assistance here only this one succeeded.
So Imelda Bilda wrote:
"I just want to bring back my normal online browsing and put into action my plan of pursuing my purpose...While I am stuck with this hacking issue, I got this idea to make an e-book....I just hope and pray that this nightmare will end the soonest. With the help of our friends...Though I still have doubt...here only..."

It is necessary to be able to read between the lines
 

Slyguy

Level 31
Joined
Jan 27, 2017
Messages
2,019
OS
Other OS
#29
It is necessary to be able to read between the lines
I agree..

As for Chromebook, a powerwash totally wipes the device, so Best Buy is correct in that it probably isn't a hardware issue. I'm unaware of a powerwash not cleaning EVERYTHING unless you re-login with the same account and reload the same crap stored in the same account. Which is why I said to use ChromeOS Guest Mode.

I have no further information to add to this thread and have no interest in helping someone author an E-Book. :sneaky:
 

Spawn

Administrator
Staff member
Joined
Jan 8, 2011
Messages
16,832
OS
Windows 10
Antivirus
Microsoft
#30
15) Setup the new phone with ALL NEW credentials, new email address, new accounts. Your old ones are damaged goods, DO NOT log back into them for now.
Do you recommend the Google Advanced Protection Program for the new Google account, or are the new accounts temporary?

iCloud accounts cannot be deleted / terminated, but if OP has nothing of value on Microsoft or Google accounts, should they request account closure for them?
 

Slyguy

Level 31
Joined
Jan 27, 2017
Messages
2,019
OS
Other OS
#31
Do you recommend the Google Advanced Protection Program for the new Google account, or are the new accounts temporary?

iCloud accounts cannot be deleted / terminated, but if OP has nothing of value on Microsoft or Google accounts, should they request account closure for them?
I suppose he/she could use GAP. I was thinking more like just making keygen temporary accounts for now. I'd close all accounts with little to no value as you note. If there are many important things on them, I think they should evaluate their methods for securing important things. IMO.
 
Likes: lowdetection
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#32
So I don't believe I power washed my Chromebook before returning it to the store. I think I just reset it according to the Chromebook settings. It was my Windows PC, not the Chromebook, that Hewlett-Packard tech support said I could not get a refund or exchange because it was not a hardware issue but advised me that it was " a Microsoft issue" and that I should get in touch with Microsoft.

So here's a few pics of my screens of my Android tablet, PC's Event Viewer, task manager, original specs on my HP when purchased on 3/4/18, device manager to show the current Hardware installed, and a few pics of my router settings. In the specs it shows all the software installed including microsoft but I have not downloaded anything at all.

If anyone can make anything of these pics I'd be glad to hear it.. at least if someone could confirm or deny, based on the pics, if it looks like my computer and/or my router/wifi network are being accessed remotely...

Screenshot_20180326-013535.png Screenshot_20180326-013342.png
 
Last edited by a moderator:
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#33
Oh geez! i just spent over an hour attaching all the files of my PC screenshots but they didn't show up in my previous post. I wonder why. They showed up as I chose each one but there was a line drawn through the title but I still figured they would send. Theyre .jpg files..

Anyone know what went wrong or how to load them correctly?
 
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#34
OK I HAVE 60 PHOTOS,
isnt that too many to download here? Is there a limit?
I'll wait to get an answer before I start posting pics..

Thanks as always
The beginning.jpg HPspecs1of4.jpg HPspecs2of4.jpg HpSpecs3of4.jpg HPspecs4of4.jpg Device manager inventory.jpg More devices.jpg More devices to.jpg Strange device.jpg Notmydeviceinstall.jpg Strange device2.jpg Task manager services1 of 4.jpg
 
Last edited by a moderator:
Joined
Mar 25, 2018
Messages
14
OS
Windows 10
Antivirus
Trend Micro
#35
Well my apologies I just spent a very long time trying to insert the photos of my corrupted devices but the hacker is thwarting my efforts rearranging my pics replacing them with other pics so I give up.. seems he doesn't want me to share those pictures. Anyway I've got your advice Sly in previous post so got the help I needed or at least a starting point so thank you. I'm going to print and save it then carry it out when I can..
 

Spawn

Administrator
Staff member
Joined
Jan 8, 2011
Messages
16,832
OS
Windows 10
Antivirus
Microsoft
#36
N Noonebelievesme I've cleaned up some of your posts (removed blank quotes), change images to thumbnails only (click to view).

Android:
Disable the Developer options in the Settings.

Windows:
You do realize that Advanced Micro Devices is AMD, which is the CPU of your PC.

Cannot really give any advice, since level of confusion is over 1000.

Staff member question:
Can u pls help me to copy or move this thread to the Windows forum? I feel that this is more about my PC right now than my mobile devices and dont want to irritate others in the mobile forum..
MRA for Windows is run by our Malware Removal Experts. Please create a new topic in MRA for Windows if you feel that your PC has malware.

Read the following ([MANDATORY] Preparation Guide Before Requesting Malware Removal Help) before posting in Malware Removal Assistance For Windows
 
Joined
Sep 2, 2014
Messages
183
#37
What i see
1) record of Powershell trying to remove some McAfee files
2) device driver issues with Pnp most likely caused by Advanced Micro Devices ,,, u will find AMD Micro Devices and HP issues all over the web Here for a start
What I dont see
1) Is any evidence of a hack , or a rat, or hardware intrusion ...

I also think TwinHeadedEagle TwinHeadedEagle should have a look ,
it will be interesting...........
 
Likes: Umbra

Umbra

Level 61
Content Creator
Verified
Joined
May 16, 2011
Messages
17,639
OS
Windows 10
Antivirus
Default-Deny
#38
I have hard time to believe in the seriousness of this thread...some stuff said are just nonsense...maybe im wrong, but my instincts rarely fail me...
 
Likes: Warrior