Status
Not open for further replies.
Discussion Starter · #1 · (Edited)
So I have this Trojan and I can’t seem to get rid of it. I’ve got about 80 hours in this.

It hijacks all your drives

It jumps to your installed devices

It hijacks your USB and basically anything you plug into the computer

It is using <Lanman Work Station>

It communicates with a C2 server.

Currently I just realized it’s starting me up on a virtual machine. Which is also how it runs loudminer.

Everything I’ve been doing has been on this virtual machine and not my actual Windows, which is why I haven’t been able to remove it.

It affects your executable files.
Elf Trojan
R.A.T.
Backdoor
RootKit
Malware
C&C capabilities
Fileless Malware *

* Creates magic string numbers in the RAM

IT HAS DIRECT MEMORY ACCESS*
Big issue here^^^^
I can disable it if I do it properly

(However, I can sometimes manage to get my computer to run in safe mode. When I do this successfully, without being on the enemy’s virtual machine, it does not run. I am able to use my computer like normal for the time being. All of my temperatures and cooling processes work correctly. Nothing is overclocked. Not sure if this is because it hasn’t been triggered yet or what. Bringing that up, whenever I redo everything with known good replacements, starting with BIOS, it doesn’t activate right away. It waits for a so-called “trigger” (me doing something to complete the checklist before it starts abusing my system to the point of destruction).)

This thing runs everything overclocked

Also includes a nasty worm***


Trojan runs with VirtualBox on Windows and Tini installer on Linux-based OS’s


I’ve flashed Windows BIOS with known good version

Reinstalled Windows countless times over again

Reset Windows countless times

Shredded Hard Drives **

Reformatted **

On Windows I’ve scanned it with the following programs after using “attrib -r -h -s /s /s (C):\”.

(C) changing as needed

AVG
McAfee
Norton
Avast
Kaspersky



On Linux Daemon based (as SU)

Chkrootkit
RKhunter
ClamAV
 

Discussion Starter · #5 ·
Just click the link I provided above. After you post the results of the scan, that will tell our malware helpers all they need to know about your system.
So issue*

I can’t load my version of Windows (the one I purchased)

The malware stops all updates
This is an issue because I have to be connected to the internet in order to update, which immediately triggers the C2 server and the malware’s remote commands.
 

Discussion Starter · #6 ·
I know where the malware came from. I know you need your report before you’ll give help, I’m just making you aware ahead of time.

I let a fellow music producer use my computer. He downloaded a torrented program on my PC.
 