I have a hidden disk reappearing at each reboot after I format it. This jumping disk contains suspicious dlls (dlls listed in attachement). that can't be seen by any program I have tried. They occupy disk space (image 1 and 2). They might be normal files or files deployed to obfuscate antivirus scans, since they correspond to antivirus installed. To confirm this, once I delete these dlls, I can see new files in the dll scanner (used: no virus please dllexplorer.exe).
These drivers keep jumping from one drive to another after I format them disks
Once I delete these dlls from the disk and rescan for suspicious dlls I can finally get new entries of new dlls tagged as suspicious on other disks as well. To delete them I have to wipe the partition (format). I believe there might be dll hooks, yaguard stopped some explorer.exe attempt. Fixed hooks reported by Avz and suspicions for trojans, PC hunter showing some irregularities still (images below). I was able to remove hooks in red from origin.exe and disable a guest account that I never created (they are disabled). Any way to stop replication these disk?
I notice hacker activity when I use origin.exe by EA (gaming app), razer and discord. Uninstalled them completely. I suspect I have been hacked since I saw a crackwin10tool appearing live on my desktop not long ago (closed thread 'hacker activity because nobody answered me). Removing these apps was very hard, they were alot of leftovers as sys drivers.
this is the cracktool deployed by hacker (my windows is geniune), this happened after I clicked a link of somebody who appeared trustful on discord (I am still unsure if this is pure coincidence)
it might everything alright just the disk that keeps recreating, I only get suspisous files and no full confirmation (maybe they are created by some AV or windows). I would be suprised this is a hacker acitivity since I have nothing of interest on PC and just a non commercial boring user.
Edited by lucidstorm, 16 January 2018 - 12:31 PM.