teemo

Member
  • Content Count

    3
  • Joined

  • Last visited

Community Reputation

0 Neutral

About teemo

  • Rank
    New Member
  1. Okay, thanks for your help. What do you think caused those 'black screen with only mouse cursor working' crashes? Have you ever heard of that before? ...and when I install emsisoft AV, is it okay to install apps like OS Armor and VoodDoo shield?
  2. Hi Kevin, First of all, thanks for helping me! I've run FRST with the custom txt file you gave me and attached the logs. The computer seems to be running fine, however it seemed fine before as well. Sophos was still in its 30 day trial when the computer 'crashed'. I wanted to give emsisoft AV a go, but didn't want another black screen of death. So I've held off installing any other security software other than Windows Defender for now... Fixlog.txt
  3. Hi There! In the interest of keeping this short and to the point, I believe I have some sort of persistent malware / rootkit / keylogger, which apparently, is able to survive a clean format and installation of Windows 10. Right now, I have a relatively clean installation (as far as I can ascertain) of Windows 10 Home 64bt, along with some minimal software: Chromium based Edge Browser Office 365 OneDrive Windows Defender I've attached the Emsisoft Rescue Kit and Farbar Recovery Scan logs per the instructions. --- Below is the, not so short, possibly irrelevant details about what was happening prior to the current configuration... I've been dealing with a stalker situation offline. Specifically, my upstairs neighbor. That along with some curious behavior from my laptop, led me to suspect malware. Additionally, I live in a city with an unusually robust community of hackers. There are over a dozen of hacking/coding/security boot camps within a 1 mile radius of where I live. It is not out of the realm of possibility here, as it might be elsewhere. I've also observed various fishy incidents: For instance, in one such incident, Windows Update, one day, notified me of a keyboard driver update, all of a sudden out of nowhere. When I went to verify these drivers with the manufacturer, there were no such drivers. (When I reinstalled Windows, as noted above, and updated all drivers, this same driver wasn't offered again.) When I initiated a support chat with Microsoft, the support technician directed me to a shady non-Microsoft site to get more information about this driver. It could just be Microsoft being cheap and hiring inexperienced support people, but it was extremely strange, and immediately set off alarm bells in my head. (I have screenshots of this incident if you would like to see. ) A terminal window starting popping up on every startup, apparently running some script, before quickly closing My BIOS admin/user password along with the startup lock disappeared all by itself Various suspicious Wi-Fi networks probing the area, and repeated disconnections, as might happen during a deauthorization attack. All this leading me to use ethernet instead instead of Wi-Fi. Numerous other incidents, which in retrospect were extremely suspicious and should have set off alarm bells. Before reinstalling Windows 10 from scratch*, for the final time, the following security software was installed on another clean installation of Windows 10: Sophos AV novirusthanks OS Armor Voodoo Shield malwarebytes Windows Firewall Control This resulted in a weird Windows "black screen of death" crash: Logon was normal Post Logon was greeted with a black screen showing only my mouse cursor, that's all (almost as if a remote desktop session had been initiated, but this is Windows 10 Home and I had disabled all remote access... CTRL+ALT+DEL did not work SHIFT + Power Button also didn't work Safe Mode Threw Errors when I tried to restore to an earlier restore point I consider myself relatively computer savvy, so yes, you can assume I tried all the usual tricks to boot into Windows, nothing worked. I did this a couple of times, installing only Sophos, or only OS Armor and VooDoo shield. They all ended with this black screen of death after an initial period of working. So I'm thinking, maybe those security programs set off some sort self-defense mechanism? So I started from scratch* and came here for help to see if perhaps I am missing something. I did notice in the Farbar logs something about a modified boot sector, but I'll leave the analysis to you... * Well, I started from scratch as much as I could. Normally, in this situation, I would have removed the drive entirely and attached it to another computer running Linux or something, and done full format, making sure I had overwritten everything, unfortunately, on this laptop, the main drive is an NVMe SSD located in a very difficult area to reach. Instead, in this case, I tried to overwrite everything using the Windows installation software on a USB stick I had made for me from a Microsoft Store in town. Addition.txt FRST.txt scan_200419-184855.txt