Author Topic: Real Time Protection?  (Read 19716 times)


December 23, 2018, 12:54:37 PM

sambud

  • Newbie

Real Time Protection?
« on: December 23, 2018, 12:54:37 PM »
Hi, I am a new user and purchased the premium version of this product, and have malware being detected and quarantined.

But just right after I remove and quarantine them, multiple others with similar names re-appear when I scan again, one after another, as if they are being cloned or copied/pasted, or by an encoded script.

Is there real-time protection?  I have also purchased Malwarebytes, which has a real-time protection feature and automatically blocks trojans, PUPs, etc.  How can I do the same for this product so I don't have to manually run this software product again every 3 hours or so?

Thank you.

Reply #1 December 23, 2018, 04:47:43 PM

Curson

  • Global Moderator
  • Hero Member

Re: Real Time Protection?
« Reply #1 on: December 23, 2018, 04:47:43 PM »
Hi sambud,

Thanks for supporting our product and welcome to Adlice.com Forum.
RogueKiller doesn't feature real-time protection features.

However, if your computer is infected, we can help you to get rid of the infection.
Could you please attach the latest RogueKiller and Malwarebytes reports with your next reply?

Regards.

Note : This thread has been moved to the "RogueKiller PREMIUM" section for clarity.

Reply #2 December 25, 2018, 12:02:39 AM

sambud

Re: Real Time Protection?
« Reply #2 on: December 25, 2018, 12:02:39 AM »
Apparently my computer is key logged and root kitted.

This remote hacker keeps changing my settings, stealing files.  A criminal in the internet.

I have probably done over 20+ scans and quarantines one after another, and it keeps on regenerating.
I believe this is automated.

Reply #3 December 25, 2018, 12:10:06 AM

sambud

Re: Real Time Protection?
« Reply #3 on: December 25, 2018, 12:10:06 AM »
This has to be stopped.  Cyber harassment, trolling, stalking, bullying, cyber thieves must be put to an end.

And here is from MalwareBytes.

Appreciate the reply.

Reply #4 December 25, 2018, 05:59:30 PM

Curson

Re: Real Time Protection?
« Reply #4 on: December 25, 2018, 05:59:30 PM »
Hi sambud,

Your system is clean.

The [PUM.StartMenu] detection means that the value of a Registry key is not the default one, but it's not necessarily malicious.
In your case, App Launch Tracking is disabled (Start_TrackProgs value set to 0), it's legit.

Since this is a Windows setting, the value is automatically restored on reboot, thus RogueKiller detecting it again.
Regarding Malwarebytes, it seems it detected something in your system HOSTS file, but it was successfully restored.

Regards.

Reply #5 December 26, 2018, 05:24:48 AM

sambud

Re: Real Time Protection?
« Reply #5 on: December 26, 2018, 05:24:48 AM »
Hi,

Thanks for the feedback.

There are some applications that are hidden for sure that are not being detected.

I have a remote hacker who is actively changing my settings, disabling my firewalls, crashing my computer to force restart, next thing I know my settings are changed again and have to change them back.  Just now, crashed an app I was running, deleted a file, I can't run it again because of a missing file.  Unfortunately

This has been happening, a remote hacker is stalking, and harassing me, which is why I began searching for these things, and Rogue and Malwarebytes came up the top of the list.  I've had enough
« Last Edit: December 26, 2018, 05:28:24 AM by sambud »

Reply #6 December 26, 2018, 06:50:45 PM

Curson

Re: Real Time Protection?
« Reply #6 on: December 26, 2018, 06:50:45 PM »
Hi sambud,

The causes of all these are mostly a damaged system. However, we are going to check your system for rootkits.
  • Please download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check Loaded Modules and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
  • Click Start Scan and allow the scan process to run.
    If threats are detected select Skip for all of them unless I instruct you otherwise.
  • Click Continue
  • Click Reboot computer

Please attach the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically C:\) in your next reply.

Regards.

Reply #7 December 28, 2018, 01:58:12 AM

sambud

Re: Real Time Protection?
« Reply #7 on: December 28, 2018, 01:58:12 AM »
I am absolutely certain that is not through a damaged system.  This is all being done intentionally, how do I know?  Because remote hacker contacts me and lets me know in a sadistic manner that "I've been hacked"  "I'm getting hacked"  or that he's "hacking!" and after that continues to troll and actively mess around with my settings.

The psychopath kept on changing my settings even though I am the only account in this computer who is administrator, no other guest settings, none else yet perpetrator was able to change my settings so I won't be an admin to some files/folders/or any changes but he will only have control over them, and not me as if he owns the computer.  Interfering with what I'm doing, force restarting, crashing my apps, etc.  To avoid me finding fixes, IE:  updating the Windows 10 to the fullest version because I can't not being an admin. 

Anyways, I did everything that the previous post instructed, scanned and found no threats.  (see first attachment)
Update:  I can no longer find any threats or any other suspicious tracks even with Malwarebytes and Rogue.

The perpetrator is sophisticated and very sneaky, who has learned how to bypass these apps' systems and remain undetected.  On my scan history, after the 26th of December there were no more traces of his illegal online remote hacking activity.  None appearing in Malwarebytes and Rogue.  Yet is still there silently.. maliciously.. to further exploit, harass, stalk, troll.. etc

1 and a half - 2 days ago, I was able to update this Windows version w/o the need of admin privileges.  I was able to scan with Windows scanner thankfully through updating to the latest version, so I did a full scan and discovered many of the infections.  There may be more that remain undetected.  I did some action already, and quarantined them yet it says they are still "active".  Restarted/shut down computer but just like in the pictures still "active".  How do I remove them all permanently for good?  And find other undetected threats as there possibly may be more??
« Last Edit: December 28, 2018, 02:10:00 AM by sambud »

Reply #8 December 28, 2018, 07:19:14 AM

Hycotuss

  • Newbie

Re: Real Time Protection?
« Reply #8 on: December 28, 2018, 07:19:14 AM »
@Sambud Sorry to hear about your situation.

Have you tried to harden your network (i.e., Changing login password, Updating Firmware, Access Control Lists, MAC filtering, etc.)?
Locking down your network should take priority over client/host machines or segregating infected computers, as that can be a never ending battle.
If possible, don't access your router firmware from the infected PC; use a smartphone or laptop.

Reply #9 December 28, 2018, 07:46:28 AM

sambud

Re: Real Time Protection?
« Reply #9 on: December 28, 2018, 07:46:28 AM »
Quote
@Sambud Sorry to hear about your situation.

Have you tried to harden your network (i.e., Changing login password, Updating Firmware, Access Control Lists, MAC filtering, etc.)?
Locking down your network should take priority over client/host machines or segregating infected computers, as that can be a never ending battle.
If possible, don't access your router firmware from the infected PC; use a smartphone or laptop.

As far as all of those things mentioned.  I've tried changing the login password and wifi passwords, still nothing.
If the network is the core of all things, then I should focus on that area.
The rest I have not yet tried.  No idea how to do those yet.  I'm not familiar with Firmware.  I'll search things up to get an idea and learn.
Should I invest in a new router or change internet service provider?  I am using a router provided by internet service provider.

If there is such thing as evil, this perpetrator is.

Reply #10 December 28, 2018, 06:35:46 PM

Curson

Re: Real Time Protection?
« Reply #10 on: December 28, 2018, 06:35:46 PM »
Hi sambud,

Quote
Because remote hacker contacts me and lets me know in a sadistic manner that "I've been hacked"  "I'm getting hacked"  or that he's "hacking!" and after that continues to troll and actively mess around with my settings.
Interfering with what I'm doing, force restarting, crashing my apps, etc.  To avoid me finding fixes, IE:  updating the Windows 10 to the fullest version because I can't not being an admin.
Could you please send screenshots of these ?

Please download Farbar Recovery Scan Tool (x64) and save it to your Desktop.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also attach that along with the FRST.txt into your reply.
Regards.

Reply #11 January 02, 2019, 05:11:39 AM

sambud

Re: Real Time Protection?
« Reply #11 on: January 02, 2019, 05:11:39 AM »
Hi Curson,

Scanned and files are attached.

There are tons of details. 

Is there anything wrong, and can it be fixed?
If not, what are the possible solutions besides having to further investigate the network as Hycotuss mentioned??

Would like to fix this to get rid of exploits.

Happy New Year
Thanks.

Reply #12 January 04, 2019, 10:42:35 PM

Curson

Re: Real Time Protection?
« Reply #12 on: January 04, 2019, 10:42:35 PM »
Hi sambud,

Please uninstall the following applications :
  • Spybot - Search & Destroy (outdated and may cause instability issues)
  • Super Seducer (infected cracked game)
  • Assassin’s Creed Odyssey (possibly infected cracked game)
You are using other cracked games that may contain malware. Please be aware of it.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system !

Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.

How is your computer running ?

Regards.

Reply #13 January 05, 2019, 06:28:50 AM

sambud

Re: Real Time Protection?
« Reply #13 on: January 05, 2019, 06:28:50 AM »
Hi Curson,

I have been uninstalling. 

The adversary is manually poisoning my files.  I had Fortnite running well for months and months consistent, no problem.

Until the perpetrator changed the settings, now I can't even run the game.   It says "may not have the appropriate permissions to access the item."

Sometimes when I scan again, a healthy regular file that ran for months and months and months will be detected even when before it wasn't infected, and the anti-malware/virus w/e will want me to delete it, and then the apps won't function properly any longer or will be deemed to be destroyed.

Totally messing up computer system, and not just for games.

Even when I am no longer connected to the internet, the adversary is able to remotely control my computer. 



P.S.

How to REMOVE hidden user accounts in Windows 10??

I discovered this when I am trying to make changes in my system, and this account wasn't in my control panel  Users list, nor I created it.
There is only 1 account for this device.
- It is asking me for a password, and none of my security passwords worked for this account, so it's the Adversary's remote hacker's account, disguised and hidden, inhibiting me from making this one system change.  And possibly how he is able to access and change system settings undetected.
« Last Edit: January 05, 2019, 08:14:56 AM by sambud »

Reply #14 January 06, 2019, 06:04:32 PM

Curson

Re: Real Time Protection?
« Reply #14 on: January 06, 2019, 06:04:32 PM »
Hi sambud,

Could you please attach the fixlog.txt report with your next reply ?

Quote
Until the perpetrator changed the settings, now I can't even run the game.   It says "may not have the appropriate permissions to access the item."
Your system seems damaged.

Quote
Even when I am no longer connected to the internet, the adversary is able to remotely control my computer.
I'm sorry, but that's not possible.

Quote
How to REMOVE hidden user accounts in Windows 10??

I discovered this when I am trying to make changes in my system, and this account wasn't in my control panel  Users list, nor I created it.
There is only 1 account for this device.
There are five accounts registered on your computer:

Code:
Administrator (S-1-5-21-2967969622-1393707293-1905837764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2967969622-1393707293-1905837764-503 - Limited - Disabled)
Guest (S-1-5-21-2967969622-1393707293-1905837764-501 - Limited - Disabled)
User (S-1-5-21-2967969622-1393707293-1905837764-1002 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2967969622-1393707293-1905837764-504 - Limited - Disabled)

As you can see, only the "User" account is enabled and it's yours. Please don't try to delete it.

Regards.
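
As an added illustration (not part of the thread and not FRST's own code), the Python sketch below parses the account lines pasted in Reply #14 and classifies each one by its relative ID, the last component of the SID: 500, 501, 503 and 504 are fixed RIDs for Windows built-in accounts, while locally created users receive RIDs of 1000 and above. The line format is assumed from the five lines shown, the built-in names are the English defaults, and the function names are hypothetical.

```python
import re

# Well-known relative IDs (last SID component) of built-in local accounts.
BUILTIN_RIDS = {500: "Administrator", 501: "Guest",
                503: "DefaultAccount", 504: "WDAGUtilityAccount"}

# Account lines copied from the listing in Reply #14.
SAMPLE = r"""
Administrator (S-1-5-21-2967969622-1393707293-1905837764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2967969622-1393707293-1905837764-503 - Limited - Disabled)
Guest (S-1-5-21-2967969622-1393707293-1905837764-501 - Limited - Disabled)
User (S-1-5-21-2967969622-1393707293-1905837764-1002 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2967969622-1393707293-1905837764-504 - Limited - Disabled)
"""

# Assumed format: Name (SID - Role - State) [=> profile path]
LINE = re.compile(
    r"^(?P<name>.+?) \((?P<sid>S-1-5-21(?:-\d+){3}-(?P<rid>\d+))"
    r" - (?P<role>\w+) - (?P<state>Enabled|Disabled)\)"
    r"(?: => (?P<profile>.+))?$")

def parse_accounts(text):
    """Return one dict per account line; lines that do not match are skipped."""
    accounts = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        acct = m.groupdict()
        acct["rid"] = int(acct["rid"])
        acct["enabled"] = acct.pop("state") == "Enabled"
        acct["builtin"] = BUILTIN_RIDS.get(acct["rid"])  # None for RID >= 1000
        accounts.append(acct)
    return accounts

def review(accounts):
    """List the accounts worth a second look when auditing local users."""
    notes = []
    for a in accounts:
        if a["name"] in BUILTIN_RIDS.values() and not a["builtin"]:
            notes.append(f"{a['name']}: built-in name on non-built-in RID {a['rid']}")
        if a["builtin"] and a["enabled"]:
            notes.append(f"{a['name']}: built-in account is enabled")
        if not a["builtin"] and a["enabled"] and a["role"] == "Administrator":
            notes.append(f"{a['name']}: enabled local administrator (RID {a['rid']})")
    return notes

if __name__ == "__main__":
    for note in review(parse_accounts(SAMPLE)):
        print(note)
```

On the listing from the thread the only note produced is for "User", the single enabled account, which matches the moderator's reading that the other four entries are disabled built-in accounts.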