First rule while online, Think before you click!
1: If you think or you feel that you get infected with malware, immediately remove your connection from the network, to eliminate the spread of malware.
2. boot from Safe Mode, run anti-malware, you may try using Malwarebyte, Superanti-spyware, registry cleaner like Ccleaner. run full scan.
3. you may use bootable anti-malware, bootable CD or USB loaded with anti-malware (like mcafee, kaspersky etc.)
4. change all necessary login password
5. keep in mind that there are NO perfect anti-malware created and there is NO safe place for workstation when connected in the network.
6. even Enterprise companies are facing the same problem.
The last thing you can do, share your blessing with us!
Topic: I may have been dosed with malware (Read 1134 times)
Thanks again, My only problem now is that the only USB drive I have, has been connected to the computer i want to wipe, so i can't create an ISO on it without the risk of just copying the virus over again.
It'll have to wait until i get a new one i guess.
cheers
It'll have to wait until i get a new one i guess.
cheers
Well ...
if someone has access to your teamviewer-logindata, that person could load files on your pc and execute them.
If there were known exploits for random teamviewer-takeovers, you would have read about it.
There are tons of ways that a stealer / keylogger could do damage.
Even if someone changed the receive-address you are mining to it would make you mine for nothing until you notice.
Unlikely but well ... you never know who is on the other end.
if someone has access to your teamviewer-logindata, that person could load files on your pc and execute them.
If there were known exploits for random teamviewer-takeovers, you would have read about it.
There are tons of ways that a stealer / keylogger could do damage.
Even if someone changed the receive-address you are mining to it would make you mine for nothing until you notice.
Unlikely but well ... you never know who is on the other end.
Thank you all! Excellent posts all round and not one of you called me a fool for falling for a potential scam.
The machine in question is my mining rig and as such I don't have any real information on it and it is still mining to my wallet.
To play it safe I am going to follow your advice and do a fresh windows install and flash the BIOS.
Probably a daft question but is it remotely possible that TeamViewer could have transmitted the virus to my other computer?
The machine in question is my mining rig and as such I don't have any real information on it and it is still mining to my wallet.
To play it safe I am going to follow your advice and do a fresh windows install and flash the BIOS.
Probably a daft question but is it remotely possible that TeamViewer could have transmitted the virus to my other computer?
If you want to go really sure, move your funds to different wallets. In case that thing contained a keylogger, your passphrase to unlock is known.
It can sometimes take a day or two until someone analyzes the keylogger and smtp-dump. You never know if that thing was a lame or a sophisticated one.
Or your private-keys if they were stored in textfiles or something like that.
Finally formatting the whole thing will be the best way to come clean if you are no expert in malware-fighting.
It can sometimes take a day or two until someone analyzes the keylogger and smtp-dump. You never know if that thing was a lame or a sophisticated one.
Or your private-keys if they were stored in textfiles or something like that.
Finally formatting the whole thing will be the best way to come clean if you are no expert in malware-fighting.
You should be careful when entering dangerous links.
What is Your way to checking if the link is dangerous?
How You Check a Suspicious Link Without Clicking it?
You should be careful when entering dangerous links. When downloading files before decompressing should look closely at the file information. There is currently a virus stealing bitcoin information.
AV doesen't always detect new malware. If you suspect you're machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of drive the and reinstall of the OS from a known good source.
Just one format doesnt always get rid of a virus.
Yes it does.
Check programs running ctrl+alt+del.If you found stop and delete.
Come on which world are you trolls living on, antivirus never detects anything worth detecting, antivirus only detect things that are not worth detecting. I advise you to reinstall the operational system, that is the only way, also, next time run the program in a sandbox.
True, only way to be completely sure is to throw away the hard drive. Of course the new drive could be compromised by the manufacturer or somewhere else along the supply chain.
Also you better toss out the motherboard too as the BIOS could have compromised that would simply reload the virus on any new installs. Even flashing the BIOS with a new image may not remove it completely.
Also you better toss out the motherboard too as the BIOS could have compromised that would simply reload the virus on any new installs. Even flashing the BIOS with a new image may not remove it completely.
Don't forget your mouse and keyboard in case they have store memory (macros). Better get rid of your speakers, too; Devil's music can corrupt your mind. Same with your monitor to eliminate "internet temptation."
The power cord should be fine. Keep that.
Run Rogue Killer, AdwCleaner, Farbar Recovery Scan Tool, Junkware Removal Tool. Also run microsoft's process explorer and watch carefully for unwanted processes.
if i created a "pay for play" miner for which i charged a hefty fee ( hefty for a small miner), and then suddenly i saw my miner being shared for free all over the place - i too would create a rumor that the shared miner contains malware 
not saying that's what happened, just saying that's what i would do.
if you tried a couple of up to date av's and everything is coming back clean, then chances are you're clean. if this is a machine you do your banking on, then it may pay to be extra paranoid and wipe/format/start over just in case. but that's being extra paranoid.
not saying that's what happened, just saying that's what i would do.
if you tried a couple of up to date av's and everything is coming back clean, then chances are you're clean. if this is a machine you do your banking on, then it may pay to be extra paranoid and wipe/format/start over just in case. but that's being extra paranoid.
You should be careful with the link is not credible offline.
Be careful with strange links.
It may have infected the virus on your computer.
AV doesen't always detect new malware. If you suspect you're machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of drive the and reinstall of the OS from a known good source.
Just one format doesnt always get rid of a virus.
True, only way to be completely sure is to throw away the hard drive. Of course the new drive could be compromised by the manufacturer or somewhere else along the supply chain.
Also you better toss out the motherboard too as the BIOS could have compromised that would simply reload the virus on any new installs. Even flashing the BIOS with a new image may not remove it completely.
Point is there is no 100% sure fire way, but I agree a format of the SDD, and if you can a motherboard BIOS flash, even if you are overwriting the same version but with a new one downloaded from the manufacturer from a known clean machine and on a new USB. These steps should get you to 99% confidence of a clean machine at least.
don't forget rootkits and bootkits. 
A rootkit on a drive would be eliminated by a full format of the drive. A bootkit virus it that writes itself to the MBR would also be eliminated with a full format of the drive.
don't forget rootkits and bootkits.
A full format will certainly overwrite all the data on the drive and the boot sector so it's no longer recoverable except by forensic software. If you are dealing with malware that copies itself over the network to mapped network drives or that writes itself to the Bios, then yes, a format of the compromised drive would not completely eliminate that type of malware. It's also possible to compromise other systems on your network by sharing USB drives on a system that's been compromised with malware.
AV doesen't always detect new malware. If you suspect you're machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of drive the and reinstall of the OS from a known good source.
Just one format doesnt always get rid of a virus.
Jump to: