DALEDANTONY

  1. @AdvancedSetup OK, I’ll get the logs for you soon. But I don’t really use Microsoft Office, I have it installed but I never really go on it.. and this malware was put on my PC by opening a Word document with malicious macros? Do you think this could be bad?
  2. @AdvancedSetup Could you explain to me what these weird files appearing in my Temp folder are? They appear around the clock, hour after hour, and I don't really know what they are.
  3. @AdvancedSetup Hello again, here is the fixlog. Fixlog.txt
  4. @AdvancedSetup Hello, here are the reports as requested. mbamscan1.txt AdwCleaner[C00].txt FRST.txt Addition.txt
  5. I recently opened a Microsoft Word document I was sent by someone who I didn’t know very well. When I opened it my mind began racing as to why he would want me to open this... that’s when I got to googling and found out about “Malicious Macros”. That’s when I decided to have a look at my Task Manager; there I found a file called “Launch” in my Start-Up. I disabled it right away and then began finding more and more suspicious things running that I knew were not previously there. One was called “Coordinator.exe”. As I started digging more, clicking on “Open-File-Location”, I found a folder full of at least 100 Python scripts... in my panic I deleted almost everything I suspected to be malicious... I found dozens of DAT files and text documents which are mostly appearing in Temp folders in Users>Local>Temp and Windows>Temp. The DAT files are all just named a random assortment of characters and the text documents are all called the name of my PC and then random numbers; these text documents are being dumped into Temp hour after hour and contain a sort of log-looking thing? However, I don’t know what it is logging... I also found a file called “ZoomInfoContactContributor” blah blah blah.. I believe this to be a part of the malware as I have never used Zoom before. I did a Google search and found that it could be malware; you can see it for yourself here: https://www.hybrid-analysis.com/sample/0ac026cc1f7a108f5fd908f7703d8af1d14735cff2556f230f902990321563b7?environmentId=120 although I could not really make sense of it. I have also done a MalwareBytes scan (with Rootkits box checked) and it found 0 Threats in an 8 hour scan... So what I want to know is... did I disrupt this malware in my tangent of deletion? Or could it still be present somewhere undetected? Thanks in advance.