[Offline] Background processes and windows popping up with random letters like "fvlxgrs"

D

disposable0101

New Member
Thread author
Apr 13, 2018
1
They are blank windows popping up in the BACKGROUND, and can go unnoticed (and clicking on them does not bring it to the front); sometimes it even has sounds and videos.
They do not pop up when I'm on a browser, rather, they pop up offline. They do mess with browsers a bit, like redirecting, pop ups, and other things.

I've scanned and deleted everything possible with CCleaner, Malware Byes, Hitman Pro, AdAware, rkiller, etc.
Deleted the registry entries that it modified on windows autoruns.
At first, it was a lot, and non stop.
But now it almost never reappears, only once in a while. I know I was on the right track. I know I'm almost clean. But no software can detect anything anymore.
I have to emphasize that it is VERY infrequent now, like once every dozen hours or so.
The infected files and entries were named: begat, nymph, escalona, soir, wealthier, occasionoccasion, etc. etc.
 

Attachments

  • Addition.txt
    39.1 KB · Views: 0
  • FRST.txt
    146 KB · Views: 1
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,



Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
  • Now you should get a window like this where you need to click Troubleshoot.
Windows-10-2.jpg

  • In the next window, click Advanced options and select Command Prompt.
  • Now you should log in into your account and after that Command Promptwindow.
notepad.png
Access the notepad and identify your USB drive

In the Command Prompt please type in:
Code: 
notepad
and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.


FRST.gif
Scan with Farbar Recovery Scan Tool

Once back in the command prompt window, please do the following:
  • Type in e:\frst64.exe and press Enter.
    You need to replace e with the letter of your USB drive taken from notepad!
  • FRST will start to run. Give him a minute or so to load itself.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

Transfer it to your clean machine and include it in your next reply.
 

Similar threads

klepto
    • Like
Cromite (a Bromite fork) For Android/Windows/Linux With Patches From Brave and Ungoogled Chromium
Replies
1
Views
299
Chrome & Chromium
Bot
Bot
V
    • Like
Unlimited Giveaway Apple Event 2023 Giveaway - AOMEI, Wise Data Recovery, Malware Hunter and other 7 Software Apps Free Download (total worth $326)
Replies
1
Views
2,242
Giveaways, Promotions and Contests
PlatinumPlatypus
P
W
    • Thanks
  • Locked
Bizzare incident with suspected malware
Replies
2
Views
723
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top