Jump to content

lucaro2708

Members
 View Profile  See their activity

  • Posts

    9

  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. lucaro2708
    Those files where modified by the rat, is it possible to recover them or they are just usless data now?
  2. lucaro2708
    I had no idea really. I reuploaded the file.
  3. lucaro2708
    Do i have to link this thread when i upload the file? Anyway you can find the logs attached. Quarantine_161004-200347.txt FRST.txt Addition.txt
  4. lucaro2708
    Oh, sorry i really tought i already replied but the reply wasn't sent proprely i think. So i uploaded the file to the site that you linked and you can find the log attached to this post. ScanLog.txt
  5. lucaro2708
    Hi, sorry for the day delay but i have been busy lately. Anyway, i wasn't aware about the keylogger that you have found, should i do something about it? Instead i know about NO-IP, the dynamic DNS program, and it's a perfectly fine software that shouldn't be malicious. I ran the farbar fix and you can find the log attached, it restarted the computer and i don't see the RAT anymore. Malwarebytes on the other hand doesn't want to start up... should i try a fresh install of it? Fixlog.txt
  6. lucaro2708
    I think for now the best is to try to cleanup the malware before the format part. Regarding the pirated software, for malwarebytes i tried a portable version because i couldn't run the installer, i don't know if that is considered piracy but i removed everything related to the software mentioned.
  7. lucaro2708
    UPDATE: It has renamed some folders into scoped_dir_xxxx_xxxxx as x are random numbers and i think i found the keylogger/rat logs in AppData\Roaming\Imminent\Logs they are named with the date and they are encrypted.
  8. lucaro2708
    Thanks for the quick reply, i did the scan and you can find the file attached. Hope to really get this fixed soon as it's a quite serious security problem. I already blocked the processes with a couple of firewall programs (GlassWire and NetBalancer) to try to limit the remote access. FRST.txt Addition.txt
  9. lucaro2708
    Hi, so i'm facing this infection with this virus that creates 2 processes named audiolog.exe that reopen when both terminated + in the bar there is a NanoCore icon, i did some research and it is a rat program. So i tried to install malwarebytes but it crashes the installer with all sorts of errors. If you need logs or anything i will provide them as fast as i can This is kinda urgent because this is my workstation and many files are in risk. Thanks in advance
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.