Jump to content


Photo

system check virus


  • Please log in to reply
10 replies to this topic

#1 duke_Qa

duke_Qa

    I've had this avatar since... 2003?

  • Network Staff
  • 3,837 posts
  • Location:Norway
  • Division:Revora
  • Job:Artist

Posted 16 January 2012 - 10:25 AM

Some people who work with computers might keep their mouths shut when they get viruses. Not me though, I like to share my incompetence with others :) (though i do it on this forum rather than on my twitter/facebook, so apparently I have some pathetic pride remaining)

Dunno what caused it, probably me searching the web for Norwegian game developer websites and loading a hacked site by one of the game-devs. Somehow I would have thought they would be able to keep their sites clean, but eh. First windows security essentials warned me of two files, so I figured something had gone wrong.

I tried to remove them, but it must have been too late. the thing took over and did that typical "your computah has problems, pay for full version to fix". I've seen enough of those around and done my share of them on other pc's. This one was a bit more nasty though, called "system check", it hid pretty much every file on the computer, making it a bit hard to ignore.

After a reboot-safemode.w.network and some bleepingcomputers guides and rkill, tdsskiller, unhide.exe, and mbab, and manually msconfig'ing out a startup link that the other programs didn't catch for some reason... I think I've gotten rid of most of it, but I'm worried that my rootkit-removal skills are slim-to-none, so I'm not sure how long this will last if its still in there. Doing a full essentials scan again now, hoping to find the renamed virus files and the likes.

Edited by duke_Qa, 16 January 2012 - 10:28 AM.

"I give you private information on corporations for free and I'm a villain. Mark Zuckerberg gives your private information to corporations for money and he's 'Man of the Year.'" - Assange


#2 Pasidon

Pasidon

    Splitting Hares

  • Network Admins
  • 9,126 posts
  • Location:Indiana
  • Projects:Writing Words With Letters
  •  I Help
  • Division:Community
  • Job:Community Admin

Posted 16 January 2012 - 07:09 PM

Sounds nasty. But I dunno why you're using Window's SE... get Avast. Used it for years and I've never gotten burgled by a virus. It's amazing the stuff it catches.

#3 duke_Qa

duke_Qa

    I've had this avatar since... 2003?

  • Network Staff
  • 3,837 posts
  • Location:Norway
  • Division:Revora
  • Job:Artist

Posted 16 January 2012 - 08:11 PM

It's what all the local it-guys are recommending these days, light and discrete. malwarebytes and manual fixes is what gets used once something goes wrong anyway.

"I give you private information on corporations for free and I'm a villain. Mark Zuckerberg gives your private information to corporations for money and he's 'Man of the Year.'" - Assange


#4 Pasidon

Pasidon

    Splitting Hares

  • Network Admins
  • 9,126 posts
  • Location:Indiana
  • Projects:Writing Words With Letters
  •  I Help
  • Division:Community
  • Job:Community Admin

Posted 16 January 2012 - 08:16 PM

Neh... true. But that reminds me... you didn't pick up that virus from your new little voxel program, did ya'?

#5 duke_Qa

duke_Qa

    I've had this avatar since... 2003?

  • Network Staff
  • 3,837 posts
  • Location:Norway
  • Division:Revora
  • Job:Artist

Posted 16 January 2012 - 11:01 PM

Nah, was searching for Norwegian game-developers and related forums. Someone among them apparently have gotten their websites infected.

"I give you private information on corporations for free and I'm a villain. Mark Zuckerberg gives your private information to corporations for money and he's 'Man of the Year.'" - Assange


#6 Pasidon

Pasidon

    Splitting Hares

  • Network Admins
  • 9,126 posts
  • Location:Indiana
  • Projects:Writing Words With Letters
  •  I Help
  • Division:Community
  • Job:Community Admin

Posted 16 January 2012 - 11:33 PM

Well that doesn't leave a good impression of Norwegian sites for me.

Well good thing I have Avast Virus Database. It lets me browse the sites I like for free with ease! And the best part is that I know my computer is safe for me and my family. Thanks Avast!

#7 {IP}Solstice

{IP}Solstice

    The Relayer

  • Project Team
  • 461 posts
  • Location:Kentucky, United States

Posted 17 January 2012 - 05:58 AM

I know what you feel, I had some virus last november called "AV protection 2011" and it was really annoying, until that is, I got Eset Smart Security 2011 and wiped it. My computer has been a bit slower since then though.:dry:
my political compass: http://www.political...-4.75&soc=-5.69
my website: http://future4.weebly.com/ (out of date)

#8 Phil

Phil

    Force Majeure

  • Network Leaders
  • 7,976 posts
  • Location:Switzerland
  • Projects:Revora, C&C:Online
  •  Thought Police
  • Division:Revora
  • Job:Network Leader
  • Donated
  • Association

Posted 17 January 2012 - 07:11 PM

Nah, was searching for Norwegian game-developers and related forums. Someone among them apparently have gotten their websites infected.

What browser do you use? Do you run with admin rights? Normally a hacked website shouldn't actually be able to infect your computer.

As for rootkits, try RootkitRevealer. Also some other tools by Sysinternals like Process Explorer and Process Monitor might be helpful.

revorapresident.jpg
My Political Compass

Sieben Elefanten hatte Herr Dschin
Und da war dann noch der achte.
Sieben waren wild und der achte war zahm
Und der achte war's, der sie bewachte.


#9 duke_Qa

duke_Qa

    I've had this avatar since... 2003?

  • Network Staff
  • 3,837 posts
  • Location:Norway
  • Division:Revora
  • Job:Artist

Posted 17 January 2012 - 10:11 PM

I've turned my UAC to a minimum, so that might be a part of the problem now that I think about it. I'll give it a go tomorrow to see if it finds something new.

"I give you private information on corporations for free and I'm a villain. Mark Zuckerberg gives your private information to corporations for money and he's 'Man of the Year.'" - Assange


#10 Beowulf

Beowulf

    Shipgirl

  • Advisors
  • 7,219 posts
  •  Azur Lane Fangirl

Posted 18 January 2012 - 10:24 AM

I use MSE and it hasn't let me down. But damn man, how do you people get viruses? It's crazy...

NZ.org | BBPCG
Discord: The Astronomer#1314
Steam


#11 duke_Qa

duke_Qa

    I've had this avatar since... 2003?

  • Network Staff
  • 3,837 posts
  • Location:Norway
  • Division:Revora
  • Job:Artist

Posted 18 January 2012 - 02:14 PM

Or you are just too vain to admit you got a problem :p. I bet you wrote that post while gritting your teeth because of anti-virus scam spam and getting your web browser popping up a new spam-site for every word you wrote :D

" *bling* Virus? moi? *bopbopbop* never, ever,ever... happened... *pop-pop-pop...poppopop*. I'm just that good."

"I give you private information on corporations for free and I'm a villain. Mark Zuckerberg gives your private information to corporations for money and he's 'Man of the Year.'" - Assange





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users