DannyBoyRP

  1. When Ur Ransom comes from the backdoor and make the spaghetti
  2. Yeah haha, I got no feedback and I had work to do, so I had to rely on a fresh install. It would still be cool to get information about the virus.
  3. Haha, thank you for sharing your research! Funny thing is that I already installed a fresh OS, since I figured I shouldn't leave myself hanging over a compromised operating system and instead flash a clean one again haha. Thank you again, my fellow friend! I just hooked my backup drivers again, so I hope I don't get myself doofed again haha.
  4. Best timing during the ransom global attack situation, if it won't make you panic seeing your web protection getting disabled
  5. Same here, used mbam clean processes 2 and reinstalled my Malwarebytes, no dice. Can't scan either, it just cancels immediately. I think it has to do with the latest updates.
  6. First of all, sorry, but I cannot provide a FRST scan. I'm sorry... I cannot open it in safe mode and I'm extremely afraid to go to safe mode since my computer is compromised. I hope you understand! Thank you!!

     Hey! I just reformatted my PC two days ago and today I got backdoor attacked. My computer is compromised and I need help to prevent it from happening on the next install. Scanning my computer right now is nearly as very dangerous, since most of the scans I would have to perform would be in normal boot, where the ransomware is active.

     So, long story short: two years ago I was infected with a Bitcoin miner that used to launch wscript executes. It was very hard to remove and I had to reformat my computer. I saved all my documents, pictures, Photoshop files, Adobe Flash files and Sai Paint Tool files, and I made sure not to leave any trace of zip\exe files (although dll files can be infected too, I didn't have any of them to execute by another program). The only files I could execute are my artwork and Adobe files, and pictures, I guess. I backed up all of these files on a spare clean HDD that I made sure to reformat. I scanned the HDD, no viruses. I hadn't used the HDD for two years, not until two days ago.

     My previous operating system, which was Windows 10, was questionably infected, so I backed up my files and formatted the PC two days ago. Two days ago I installed a clean, fresh new Windows 10 OS and plugged in all of my backup data, both from 2 years ago and from the previous operating system. I made sure to scan every program, installation or any files that are exe\rar\dll or just suspicious. I made sure to scan them with Malwarebytes, Defender and VirusTotal, since I wanted to be super careful and not allow anything dangerous to get injected into my PC. Even if I got a false positive on a program, I would not install it or execute it.

     Today, an hour ago, my Malwarebytes started popping out malicious traffic; its domain was 3.winsrw.com 4.winsrw.com...etc. Windows Defender jumped in at the same moment, notifying me about the Clavir.d!cl virus. I couldn't get much information about it on Google. I opened my Task Manager and went to Startup, and there's a new logon called Qatuvdz. I couldn't find any information about it either, but here's a screenshot + location.

     Windows Defender was trying to delete the virus, but it only comes back instead. I immediately disconnected from the internet and started browsing the Event Viewer, and apparently for the past hour there were new registry changes, new user creations and privilege creations, logon edits, etc. Before I deleted the virus file, I uploaded it to VirusTotal: https://www.virustotal.com/en/file/5f7556de1fd33558baa96adc953eea1c15353c7f73c60f16354efab6b288fac9/analysis/1494869968/

     I'm in Safe Mode, backing up my files. My computer is totally compromised. I have so many questions, I don't want to trigger it again and let it consume my computer!

     Q. What is this virus? Any ideas?

     Q. How do I find out what triggered the virus? How do I know what brought the virus to life? Anything could bring it to life!

     Q. Could my backup data, like music, sai, fla, swf, png, psd, pdf, txt files, be infected or at risk of being encrypted and dangerous?

     Q. What other stuff should I do to prevent the virus from coming back? Are there any ideas? I tried looking up articles outside the forum and inside the forum and I couldn't find anything too personal. Could I get a personal opinion?

     Q. I am using Chrome, Creative Cloud, archive programs like WinRAR and 7z and other programs. Am I at risk of getting infected again next time from logging in? Could I also get infected from logging into my Microsoft account on my Windows?

     Q. Could my boot be infected?

     I just don't want it to happen again (