Avalanche-ranbyus

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by vvgomez, Dec 22, 2016.

  1. vvgomez

    vvgomez Private First Class

    Hello,

    My internet provider (Rogers) notified me that my network is infected with "avalanche-ranbyus".

    TYPE: avalanche-ranbyus
    SRC_PORT: 56698
    DST_PORT: 80
    HTTP_HOST: drarequrxytgjfdvc.net
    DST_IP: 216.218.185.162
    DST_ASN: 6939
    DST_GEO: US
    NAICS: 518210
    SIC: 737415
    SECTOR: Communications

    I have to clean my devices or the service would be cut. Tough guys!!!

    I have two devices that can be the target, so please find the attached logs of the first one, a Toshiba laptop running under Windows 10.
    Please let me know if some log or step is missing and how to get rid of this or whatever threat you could find in the logs.

    Thank you so much in advance.

    vv
     


  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    The missing file upload, C:\MGlogs.zip, is still needed.
     
  3. vvgomez

    vvgomez Private First Class

    You are completely right, I'm so sorry. I missed that step, so I will be back with that missing information as soon as I have it done.
    Thank you for pointing it out and for your time and help!
     
  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You're welcome. :)
     
