1972vet
Thanks Maurice for taking the time. The files are still present for whatever reason, but not causing any harm. Enough of your time has been spent chasing this ghost, but I do appreciate the time and attention. Good to know you're still working. As you might be able to tell from my profile, I haven't been active on these forums for about nine years now. My last big hurrah was the final five years I spent on the help sites as Microsoft MVP along with you and all the others. It was good, those years ago but time has been more precious and less available for me. Thanks again, and many good wishes for your future endeavors! vet
-
Yes, MS Defender is the only antivirus. MBAM is my more reliable defense so I didn't (haven't for years) install anything else. Microsoft Edge version for me is: Version 117.0.2045.31 (Official build) (64-bit) K, here we go: FSS.zip
-
K partner, here it is: Fixlog.zip
-
-
Fixlog.zip Nice ride, do your stuff Maurice!
-
smacked my forehead, here ya go SecurityCheck.zip
-
Here we go Maurice! FRST.zip Addition.zip
-
DEL66C7.tmp is the latest one
-
again, no joy, I'm baffled. I have several entries similar to these:

+ FullyQualifiedErrorId : RemoveFileSystemItemArgumentError,Microsoft.PowerShell.Commands.RemoveItemCommand
Remove-Item : Cannot remove item C:\Windows\System32\DriverStore\Temp\DEL66F7.tmp: Access to the path is denied.
At line:3 char:25

...and now I found I have another one. These files obviously are being generated by some active process but I am hard pressed to find out what it is.
-
Thanks for the responses. Yes I've tried safe mode. Done all you suggested Maurice (btw, how've you been all these years?), scanned again with Revo, junk files still there.
-
Need assistance in removing temp files in driver/store that have my curiosity piqued (see details below). I found these files when I ran a scan with Revo for junk files. These files showed up dated Sept. 8 in the early morning hours.

Recently, I discovered a hack of my Google account. When I investigated, I discovered three phone accounts with names I didn't recognize nor did I own, or have I ever owned, so I removed them from my Google account, used a "send erase" request and changed my password. Hopefully now, they won't return. Two of those sign-in dates for the intruders correspond nicely with the date of those errant temp driver store files. The other one signed in back in June, followed several months later by the others.

I've scanned of course with MBAM and as usual, nothing found. Now, I can't say with certainty that these files resulted from anything nefarious, but I've not run across any temp driver files before that I couldn't remove. I suspect these files are left over from some uninstalled game driver probably related to BlueStacks, although I haven't been able to nail that down. Only other coincidence is the Google hack.

My laptop is a Dell Inspiron 15 running Windows 11. I've only had it for these past several months. Anyone with suggestions is appreciated. Thanks! vet

Details:

Driver/Store temp files:
C:\Windows\System32\DriverStore\Temp\DEL66F7.tmp
C:\Windows\System32\DriverStore\Temp\DEL6727.tmp
C:\Windows\System32\DriverStore\Temp\DEL6738.tmp
C:\Windows\System32\DriverStore\Temp\DEL6748.tmp

Intruders:

Galaxy S21 Ultra 5G
Crystal City, MO, USA
Last activity: Yesterday, 5:10 AM
Signed out
First sign-in: Sep 7

Galaxy S22
Crystal City, MO, USA
Last activity: September 7, 6:27 AM
Signed out
First sign-in: Sep 6
This session was used only briefly, and not recently. It's already ended and has no access to your account.

OnePlus5
Crystal City, MO, USA
Last activity: September 5, 5:03 AM
Signed out
First sign-in: Jun 12

...by the way, Crystal City is a neighboring town. I live just about three miles from there.
-
Strange indeed. V2 products are sold in stores across the country and online. I've used them for years. If the WOT browser extension can't be trusted, then how can one learn to trust the evaluations from it? It's a real conundrum.
-
log.txt