September 5, 2021

Persistent fileless entry hacker problem

Hey everyone i’m at wits end I’ve gone through 1 desktop and 2 laptops and EVERY installation is plagued, this may be the wrong place to post this and if you can please direct me to the right place id be in your debt. At first I thought malware was at fault for allowing some kind of remote access to my computer but all reputable cleaners on forums to help out assure me time and time again that there is no malware present.

I need help finding out a way to escape their reverse shells. How are they finding me and in a matter of minutes has populated droppers and virus malware that changes my password or eventually makes the laptop grind to a hailt and it gets bricked. These guys are living off the land using DLL injection and using svhost and run32.dll to do some very bad things to my computer. . Lastly, in admin control there are so many com/dcom files and services that have remote access and I do not have the ability to edit the owner or permissions.
I know I am at the very least sharing everything on my laptop file wise it even says with a green thing saying Shared. I did not share anything. Also when I download an iso for a clean install it says ” this file came from another computer and might be blocked to help protect this computer” when right clicked and navigating to the general tab under properties.
When I install windows it automatically fills my scheduled tasks to the brim with malicious sounding things like things that would reveal network information. Shortly after windows boots up for the first time its already “updating drivers” but its also installing two virtual LAN cards. Virtualization i believe they all it. Things like ETWProviderInstall.vbs are littered throughout a specific folder that is hidden called programdata. The things in there populate such as installpersistsqlstate.sql with its own mind free of any of my input. Have I been absorbed into some workgroup windows server 2012?! So my antivirus detected conhost as a malicious program. Searchprotocallhost.exe is also showing up as a malicious program (keeps trying to open repetitively) and was blocked by my antivirus. I don’t know what to do do you? Ty so much

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.