
Topic: I may have been dosed with malware (Read 1142 times)

full member
Activity: 476
Merit: 101
August 15, 2017, 01:37:46 AM
#24
First rule while online: think before you click!

1. If you think or feel that you got infected with malware, immediately remove your connection from the network to eliminate the spread of malware.

2. Boot into Safe Mode and run anti-malware; you may try Malwarebytes, SUPERAntiSpyware, or a registry cleaner like CCleaner. Run a full scan.

3. You may use bootable anti-malware: a bootable CD or USB loaded with anti-malware (like McAfee, Kaspersky, etc.).

4. Change all necessary login passwords.

5. Keep in mind that there is NO perfect anti-malware and there is NO safe place for a workstation when it is connected to the network.

6. Even enterprise companies are facing the same problem.


The last thing you can do, share your blessing with us!

newbie
Activity: 36
Merit: 0
August 13, 2017, 12:30:38 PM
#23
Thanks again. My only problem now is that the only USB drive I have has been connected to the computer I want to wipe, so I can't create an ISO on it without the risk of just copying the virus over again.
It'll have to wait until I get a new one, I guess.
Cheers
full member
Activity: 280
Merit: 100
August 13, 2017, 12:23:23 PM
#22
Well ...
If someone has access to your TeamViewer login data, that person could load files onto your PC and execute them.
If there were known exploits for random TeamViewer takeovers, you would have read about it.
There are tons of ways that a stealer / keylogger could do damage.
Even if someone changed the receive address you are mining to, it would make you mine for nothing until you notice.
Unlikely but well ... you never know who is on the other end.
newbie
Activity: 36
Merit: 0
August 13, 2017, 12:14:54 PM
#21
Thank you all! Excellent posts all round and not one of you called me a fool for falling for a potential scam.
The machine in question is my mining rig and as such I don't have any real information on it and it is still mining to my wallet.
To play it safe I am going to follow your advice and do a fresh Windows install and flash the BIOS.
Probably a daft question but is it remotely possible that TeamViewer could have transmitted the virus to my other computer?
full member
Activity: 280
Merit: 100
August 13, 2017, 10:00:21 AM
#20
If you want to be really sure, move your funds to different wallets. In case that thing contained a keylogger, your passphrase to unlock is known.
It can sometimes take a day or two until someone analyzes the keylogger and SMTP dump. You never know if that thing was a lame or a sophisticated one.
Or your private keys, if they were stored in text files or something like that.
Finally, formatting the whole thing will be the best way to come clean if you are no expert in malware fighting.
sr. member
Activity: 490
Merit: 252
http://VKcams.com/
August 13, 2017, 09:46:32 AM
#19
You should be careful when entering dangerous links.

What is your way of checking if a link is dangerous?
How do you check a suspicious link without clicking it?
member
Activity: 69
Merit: 100
August 13, 2017, 09:42:30 AM
#18
You should be careful when entering dangerous links. When downloading files, you should look closely at the file information before decompressing. There is currently a virus stealing bitcoin information.
legendary
Activity: 3808
Merit: 1723
August 13, 2017, 03:44:29 AM
#17
AV doesn't always detect new malware. If you suspect your machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of the drive and a reinstall of the OS from a known good source.

Just one format doesn't always get rid of a virus.

Yes it does.
hero member
Activity: 812
Merit: 500
August 13, 2017, 01:03:49 AM
#16
Check the programs running with Ctrl+Alt+Del. If you find something, stop and delete it.
sr. member
Activity: 2142
Merit: 353
Xtreme Monster
August 13, 2017, 12:58:09 AM
#15
Come on, which world are you trolls living in? Antivirus never detects anything worth detecting; antivirus only detects things that are not worth detecting. I advise you to reinstall the operating system; that is the only way. Also, next time run the program in a sandbox.
member
Activity: 136
Merit: 16
August 13, 2017, 12:33:26 AM
#14
True, only way to be completely sure is to throw away the hard drive. Of course the new drive could be compromised by the manufacturer or somewhere else along the supply chain.

Also you better toss out the motherboard too, as the BIOS could have been compromised, which would simply reload the virus on any new installs. Even flashing the BIOS with a new image may not remove it completely.

Don't forget your mouse and keyboard in case they have stored memory (macros). Better get rid of your speakers, too; Devil's music can corrupt your mind. Same with your monitor to eliminate "internet temptation."
The power cord should be fine.  Keep that.
newbie
Activity: 29
Merit: 0
August 12, 2017, 11:39:24 AM
#13
Run RogueKiller, AdwCleaner, Farbar Recovery Scan Tool, Junkware Removal Tool. Also run Microsoft's Process Explorer and watch carefully for unwanted processes.
full member
Activity: 227
Merit: 100
August 12, 2017, 10:53:01 AM
#12
if i created a "pay for play" miner for which i charged a hefty fee (hefty for a small miner), and then suddenly i saw my miner being shared for free all over the place - i too would create a rumor that the shared miner contains malware

not saying that's what happened, just saying that's what i would do.

if you tried a couple of up to date av's and everything is coming back clean, then chances are you're clean.  if this is a machine you do your banking on, then it may pay to be extra paranoid and wipe/format/start over just in case.  but that's being extra paranoid.

member
Activity: 67
Merit: 10
August 12, 2017, 10:30:08 AM
#11
You should be careful with the link is not credible offline.
newbie
Activity: 14
Merit: 0
August 12, 2017, 09:12:13 AM
#10

Be careful with strange links.
It may have infected your computer with the virus.
legendary
Activity: 1078
Merit: 1011
August 12, 2017, 09:10:49 AM
#9
AV doesn't always detect new malware. If you suspect your machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of the drive and a reinstall of the OS from a known good source.

Just one format doesn't always get rid of a virus.

True, only way to be completely sure is to throw away the hard drive. Of course the new drive could be compromised by the manufacturer or somewhere else along the supply chain.

Also you better toss out the motherboard too, as the BIOS could have been compromised, which would simply reload the virus on any new installs. Even flashing the BIOS with a new image may not remove it completely.

The point is there is no 100% surefire way, but I agree with a format of the SSD and, if you can, a motherboard BIOS flash, even if you are overwriting the same version but with a new one downloaded from the manufacturer on a known clean machine and put on a new USB. These steps should get you to 99% confidence of a clean machine at least.
hero member
Activity: 1036
Merit: 606
August 12, 2017, 09:07:54 AM
#8
Don't forget rootkits and bootkits.

A rootkit on a drive would be eliminated by a full format of the drive. A bootkit virus that writes itself to the MBR would also be eliminated with a full format of the drive.
full member
Activity: 1123
Merit: 136
August 12, 2017, 09:02:54 AM
#7
Don't forget rootkits and bootkits.
hero member
Activity: 1036
Merit: 606
August 12, 2017, 08:52:24 AM
#6
A full format will certainly overwrite all the data on the drive and the boot sector so it's no longer recoverable except by forensic software. If you are dealing with malware that copies itself over the network to mapped network drives or that writes itself to the BIOS, then yes, a format of the compromised drive would not completely eliminate that type of malware. It's also possible to compromise other systems on your network by sharing USB drives on a system that's been compromised with malware.
full member
Activity: 1123
Merit: 136
August 12, 2017, 08:34:17 AM
#5
AV doesn't always detect new malware. If you suspect your machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of the drive and a reinstall of the OS from a known good source.

Just one format doesn't always get rid of a virus.