Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dclogs - Concerning discovery, looking for some advice


  • This topic is locked This topic is locked
1 reply to this topic

#1 Bogen

Bogen

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:04 AM

Posted 04 March 2014 - 10:03 PM

Hi Guys,
 
Hoping someone can help me here.
 
I recently ran a thorough scan of my HDD using Malware bytes. It found a folder in AppData / Roaming titled dclogs and inside this loads of .dc files which Malwarebytes marked as "Stolen.Data".
 
These .dc files started around January of 2013 and the last one being in October of 2013 (they just stopped being created then).  My antivirus hadn't picked up anything problematic during this time.
 
I read up on what these files were and I understand them to be darkcomet / trojan log files.
 
I opened up some of the .dc files in notepad and sure enough they were full of private information (contents of emails, passwords, usernames etc.).  Very worrying.
 
I have a HIPS firewall (on PC and another separate firewall on router) and I don't allow anything to go through this firewall without me approving it and creating a rule to allow or deny.  There hasn't been any entry in my Firewall allow/deny tables for anything out of the ordinary for the last couple of years.
 
Guess I'm sort of looking for some sort of peace of mind really as the contents of these dc log files was alarming, loads of personal information - Is it likely that the contents of these files was accessed by someone or does whatever app generate these logs automatically and the files just sit there?  Would my firewall have likely protected me?
 
I've had no email, social or any type of online account breaches or anything in years.
 
Thanks,
 
Mike

Edited by Bogen, 04 March 2014 - 10:06 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:04 AM

Posted 05 March 2014 - 07:52 AM


:welcome: to Bleeping Computer.

I see you have also posted a duplicate topic here at the Malwarebytes forum and are already receiving assistance this morning. Since Malwarebytes made this detection and your questions are being addressed there, please continue in that topic.

You should not start new threads or duplicate topics elsewhere as this causes confusion and prevents your helper from knowing what else you have done when asking for and receiving assistance at another forum. This in turn makes it more difficult to resolve the issues you are dealing with.

Thanks for your cooperation.

The BC Staff

This thread is closed. If you have any questions, please PM me or another Moderator.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users