[Offline] Background processes and windows popping up with random letters like "fvlxgrs"

D

disposable0101

New Member
Thread author
Apr 13, 2018
1
They are blank windows popping up in the BACKGROUND, and can go unnoticed (and clicking on them does not bring it to the front); sometimes it even has sounds and videos.
They do not pop up when I'm on a browser, rather, they pop up offline. They do mess with browsers a bit, like redirecting, pop ups, and other things.

I've scanned and deleted everything possible with CCleaner, Malware Byes, Hitman Pro, AdAware, rkiller, etc.
Deleted the registry entries that it modified on windows autoruns.
At first, it was a lot, and non stop.
But now it almost never reappears, only once in a while. I know I was on the right track. I know I'm almost clean. But no software can detect anything anymore.
I have to emphasize that it is VERY infrequent now, like once every dozen hours or so.
The infected files and entries were named: begat, nymph, escalona, soir, wealthier, occasionoccasion, etc. etc.
 

Attachments

  • Addition.txt
    39.1 KB · Views: 0
  • FRST.txt
    146 KB · Views: 1
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,



Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
  • Now you should get a window like this where you need to click Troubleshoot.
Windows-10-2.jpg

  • In the next window, click Advanced options and select Command Prompt.
  • Now you should log in into your account and after that Command Promptwindow.
notepad.png
Access the notepad and identify your USB drive

In the Command Prompt please type in:
Code: 
notepad
and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.


FRST.gif
Scan with Farbar Recovery Scan Tool

Once back in the command prompt window, please do the following:
  • Type in e:\frst64.exe and press Enter.
    You need to replace e with the letter of your USB drive taken from notepad!
  • FRST will start to run. Give him a minute or so to load itself.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

Transfer it to your clean machine and include it in your next reply.
 

Similar threads

A
Beginning to enable a set of new features for Windows Insiders in the Dev Channel on Build 26120.961
Replies
0
Views
277
Windows 11
Amanda Langowski
A
W
    • Thanks
  • Locked
Bizzare incident with suspected malware
Replies
2
Views
965
Windows Malware Removal Help & Support
nasdaq
nasdaq
Bot
    • Like
Announcing Windows 11 Insider Preview Build 22621.1680 and 22624.1680
Replies
0
Views
818
Windows 11
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top