So I have this Trojan and I can’t seem to get rid of it. I’ve got about 80 hours in this.
It hijacks all your drives
It jumps to your installed devices
It hijacks your usb and basically anything you plug into the computer
It is using <Lanman Work Station>
it communicates with a C2 server.
Currently I just realized it’s starting me up on a virtual machine, which is also how it runs LoudMiner.
Everything I’ve been doing has been on this virtual machine and not my actual Windows, which is why I haven’t been able to remove it.
It affects your executable files.
Elf Trojan
R.A.T.
Backdoor
RootKit
Malware
C&C capabilities
Fileless Malware *
* Creates magic string numbers in the RAM
IT HAS DIRECT MEMORY ACCESS*
Big issue here^^^^
I can disable it if I do it properly
(however I can sometimes manage to get my computer to run in safe mode. When I do this successfully, without being on the enemy’s virtual machine, it does not run. I am able to use my computer like normal for the time being. All of my temperatures and cooling processes work correctly. Nothing is overclocked. Not sure if this is because it hasn’t been triggered yet or what. Bringing that up, whenever I redo everything with known good replacements, starting with BIOS, it doesn’t activate right away. It waits for a so-called “trigger” (me doing something to complete the checklist before it starts abusing my system to the point of destruction).
This thing runs everything overclocked
also includes a nasty worm***
Trojan runs with VirtualBox on Windows and Tini installer on Linux-based OSes
I’ve flashed Windows BIOS with known good version
Reinstalled Windows countless times over again
Reset Windows countless times
Shredded Hard Drives **
Reformatted **
On Windows I’ve scanned it with the following programs after using “attrib -r -h -s /s /s (C):\.”
(C) changing as needed
AVG
McAfee
Norton
Avast
Kaspersky
On Linux Daemon based (as SU)
Chkrootkit
RKhunter
ClamAV