Malware? Spyware? Hacked? Help please.

Astronaut404
Astronaut404
in Scam Busters

Hello!

I am having a bit of a weird issue. I tend to leave my computer on and running witch I know isn't the best thing to do but It will sleep and lock. So I would walk away for a couple hours and even sometimes a day.

I noticed a couple days ago multiple tabs were opened all at the same time by themselves showing my account information on Amazon, Google, PayPal login and other account info. Temu even… yet I don't use Temu. Googles Third-party apps & services.

I have scanned multiple times with multiple antivirus removed all extensions. Utilized Seraph Secure to make sure someone wasn't remoted in. Cleared all cookies and full history on chrome and the other browsers I use. This is still occurring.

It seems to login to the account if it's able to and move to my account settings. I recently removed most of my saved password. So it's now stopping at the login page?

I have caught it open twice on Chrome and OperaGX but all the tabs will close themselves. Only once did it not close all the tabs down on chrome. I can see my history that's this has happened a hand full of times. I don't leave my PC running anymore since this but has anyone seen anything likes this? I am concerned I need to just nuke this whole PC at this point if that would even stop this. Not sure what to do. I can't find any info about this.

stop.png


Very weird.
Thanks for the help.

Answers

  • Flexx
    Flexx mod
    edited October 17
    https://community.bitdefender.com/en/discussion/101815/malware-spyware-hacked-help-please

    Here are some steps you can take to resolve this problem:

    1) Change Your Passwords: Change passwords for all accounts accessed from your computer, especially sensitive ones like Amazon, Google, and PayPal. Use a different device to change your passwords if possible.

    2) Enable Two-Factor Authentication (2FA): For accounts that support it, enable 2FA to add an extra layer of security.

    3) Review Installed Applications: Go through your installed programs to check for any that you do not recognize or did not install yourself. Uninstall anything suspicious.

    4) Reset your web browsers:

    Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en

    Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings

    Microsoft Edge: https://malwaretips.com/blogs/reset-microsoft-edge/

    Opera: https://browsersolution.com/reset-opera-browser

    Vivaldi: https://help.vivaldi.com/desktop/install-update/full-reset-of-vivaldi/

    Brave: https://support.brave.com/hc/en-us/articles/360017903152-How-do-I-reset-Brave-settings-to-default

    5) Open the Run command and execute the following commands one by one:

    temp - delete all the files in the folder

    %temp% - delete all the files in the folder

    prefetch - delete all the files in the folder

    6) Run Disk Cleanup using this guide: https://support.microsoft.com/en-us/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68

    7) Reset the Windows host file to default. You can find instructions here: https://support.microsoft.com/en-us/topic/how-to-reset-the-hosts-file-back-to-the-default-c2a43f9d-e176-c6f3-e4ef-3500277a6dae

    8) Update and run a full scan with your Bitdefender product.

    9) For more suspected threats, use online scanners from various antimalware vendors that do not require installation.

    AdwCleaner: https://www.malwarebytes.com/adwcleaner

    ESET Online Scanner: https://www.eset.com/in/home/online-scanner/?

    F‑Secure's free virus scanner: https://www.f-secure.com/en/online-scanner

    Dr.Web CureIt!: https://free.drweb.com/cureit/

    Trend Micro HouseCall: https://www.trendmicro.com/en_in/forHome/products/housecall.html

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Astronaut404
    Astronaut404

    First thing I did was change passwords and enable 2FA and anything I haven't yet.
    But ok I will go through each of these and hopefully this won't happen again.

    Will keep ya'll posted.

    Thank you.

  • DeyJKP658
    DeyJKP658 Defender of the month
    edited November 13

    Nice to meet you.

    I don't think security will be high if you only use the cloud-based client security you specified.

    I think it will be difficult to take measures against information leaks unless you use an integrated security appliance device or other system for network security and configure cloud-based security on the assist side.

    This is commonly known as UTM, and I think it would be a good idea to set up your network environment so that it is redundant with your network security.

    Cloud-based security alone will not provide strict security measures unless you also address issues such as communications between the communication devices of the target terminals, data leaks from DNS communications, and vulnerabilities in the communication devices.

    There is also a possibility of leakage of the communication data that passes through the cloud security's pattern matching communications, the sending and receiving of update data, and so on.

All Time Leaders

Categories

Defenders of the month