Hello everyone.

I created a few threads before because 1 (or maybe more) accounts were compromised.
I started to check the devices to see who was the culprit. Looks like the router isn’t the culprit and I’m still checking the phone. So still remains the PC and tablet
Both doesn’t have any symptoms, but their absence isn’t always a good thing.

As in the pinned thread, I will upload all logs from both PC and tablet. And I also scanned both with Avast full scan, MBAM full scan, ESET Online Scan, Windows Defender Scan and Avast restart scan: nothing detected.

Also, the MBR scan on the tablet gave an error, i will still upload the log.

And I will double post to post the rest of the logs.

Thank you, and sorry for any problems.

The rest of the logs.

How do you know your account(s) have been compromised? Your logs and DNS look fine so maybe some more details will help.

Well, the account that got compromised was from Crunchyroll.
I’m using it in 4 devices: PC, tablet, phone and the PS Vita (this one has been months that I don’t use it).
Few days ago, all apps that were logged with my account were suddenly logged out.
That never happenned before, so I called the support to check if everything is ok.
They told me that someone logged from my account in Washignton DC (I’m from Brazil).

So, that could only happen if one of the devices were compromised (or maybe I’m really unlucky).
I can’t check the PS vita, but I’m betting it’s all ok with that.
I’m keeping my eyes open with the phone.
And now, since you said that the PC and tablet looks fine, I don’t know how someone got access to it.

Some other info:

• I never log in with my Crunchyroll account in other computers, only in those devices.
• Few days ago, I was suddenly logged out twice from my Avast account too (here from the forums). In the first time, I didn’t remember the password, so I had to create a new one. But in the second time, I just typed my password and it worked, so I really don’t know if someone really got access to it.

Your logs show no signs of any compromise there. This sounds like a MITM / DNS-jacking attack. The best defense would be be a new router / change passwords and possibly use a VPN for sensitive information (banking) transactions. Info on how to prevent this type of attack can be found here.

Ok then. Thank you for your help.
I will be changing my passwords now for safety purposes.

EDIT: Just to know, AIS comes with secure DNS, shouldn’t it be protecting me against DNS jacking?