Jump to content

Imminent Monitor log files found? More cleaning needed?


JDTech
 Share

Recommended Posts

Hello,

Hopefully, I have posted in the right place. So, some backstory. Couple days ago, several sites reported suspicious logins. I changed the passwords, thinking it was just somebody stole my password. Then, more suspicious activity. I was surprised, but just in case, I used only my Linux laptop for logging in. It stopped, so I run MalwareBytes to see if there's maybe a keylogger. Here's the logfile:

Quote

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2016-11-11
Scan Time: 3:01 PM
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.11.11.09
Rootkit Database: v2016.10.31.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: dmjoe_000

Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 447889
Time Elapsed: 2 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.Ludashi, HKLM\SOFTWARE\WOW6432NODE\COMPUTERZ, , [37ce0bb4d8c29c9a750ed8f058ab6f91], 
PUP.Optional.DriverAgentPlus, HKU\S-1-5-21-558652057-855349725-1654120186-1004\SOFTWARE\ESUPPORT.COM\DriverAgent, , [0203f2cdb8e279bde20b24b8669cb54b], 

Registry Values: 1
PUP.Optional.Ludashi, HKLM\SOFTWARE\WOW6432NODE\COMPUTERZ|Setup Path, C:\Program Files (x86)\Ludashi, , [37ce0bb4d8c29c9a750ed8f058ab6f91]

Registry Data: 0
(No malicious items detected)

Folders: 1
Trojan.StolenData, C:\Users\dmjoe_000\AppData\Roaming\Imminent\Logs, , [b64fbd02aaf01b1b61621b990ef4827e], 

Files: 4
Trojan.StolenData, C:\Users\dmjoe_000\AppData\Roaming\Imminent\Logs\01-11-2016, , [b64fbd02aaf01b1b61621b990ef4827e], 
Trojan.StolenData, C:\Users\dmjoe_000\AppData\Roaming\Imminent\Logs\02-11-2016, , [b64fbd02aaf01b1b61621b990ef4827e], 
Trojan.StolenData, C:\Users\dmjoe_000\AppData\Roaming\Imminent\Logs\03-11-2016, , [b64fbd02aaf01b1b61621b990ef4827e], 
Trojan.StolenData, C:\Users\dmjoe_000\AppData\Roaming\Imminent\Logs\29-10-2016, , [b64fbd02aaf01b1b61621b990ef4827e], 

Physical Sectors: 0
(No malicious items detected)


(end)

Searching online, I think I might have the Imminent Monitor backdoor trojan. I am not sure, so can somebody have a look at this?

Thanks in advance :)

Link to post
Share on other sites

  • Staff

Please download Zemana AntiMalware and save it to your  Desktop.

  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scanto begin.
  • After the short scan is finished, if threats are detected press Next to remove them.


Note:
If restart is required to finish the cleaning process, you should click
Reboot
. If reboot isn't required, please restart your computer manually.

  • Open Zemana AntiMalware again.
  • Click on 4zu6vb.jpg icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • The only left thing is to attach saved report in your next message.

 


 

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.