|
|
10-13-2008, 08:49 PM
|
#1
|
Yank me.
In-Game Name: -quit-
Current Level: -quit-
Server: Teva
Posts: 1,503
|
Just suffered a virus attack.
Kids... NEVER download keygens for any games, cause I learned that the hard way. Whatever I downloaded, I checked with McAfee Virus Scan (Stupid piece of... *grumbles*), and then ran it. Thats when all hell broke loose...
That thing in a flash installed something called "Smart AntiVirus 2009", which then started to spam me with hack and virus alerts, and started running some weird commands in my command console. My CPU jumped to 100% and on my network meter I see this HUGE amount of incoming data.
Obviously, I thought "Oh shi...". My constant attempts to delete the setup file weren't very successful, so then it hit me! It was pretty bold, but considering the situation, it was worth a shot. I... pressed "Disable wireless LAN" button conveniently located next to my keypad (Thank you Acer). That shut off the network connection, and the data transfer stopped. Phew...
Then I successfully managed to delete the setup file (Yay), found all of the shortcuts to this "Smartass 2009", and deleted them along with the folder in "My programs" folder. I then force-shutoff my laptop.
Next step: Analyze the damage done. I started Vista in safe mode, and tried to see WTH was wrong with my security system. What I saw made me wanna swear non-stop, cause that thing disabled not only the windows security system, but also my McAfee Security Center and ALL OF MY FIREWALLS (Dammit, I had 3 of those!), and modified some file in my System 32 folder.
Next 2 hours I spent scanning my entire system, followed by a restart. Surprisingly, it found nothing. And so here I am, telling you this story and hoping nothing else goes crazy. Yet something tells me that I got off easy.
Is there something else I should do, or I can breathe freely now?
|
|
|
10-13-2008, 09:03 PM
|
#3
|
Boogy Knight
In-Game Name: none
Current Level: 7000
Server: apo for life
Posts: 163
|
keygen = fail
__________________
I'm back on ff
|
|
|
10-13-2008, 09:44 PM
|
#5
|
Blaaaaaah 2 u 2
In-Game Name: Hraesvelg
Current Level: 6X
Server: Teva
Posts: 1,960
|
First off, get a decent antivirus program. I prefer avast!. Then, get a backup/secondary program to monitor system changes like Spybot's TeaTimer and/or ThreatFire. I run both. Granted, when I do come across an infected file, it seems like they've just dropped a bomb with all of the alerts and sirens...but I don't get infected.
One thing about Threatfire, it'll come up with some false-positives with legitimate files from time to time, so don't panic if it pops up.
|
|
|
10-13-2008, 10:16 PM
|
#7
|
Hardcore Procrastinator
|
Originally Posted by Hraesvelg
|
First off, get a decent antivirus program. I prefer avast!. Then, get a backup/secondary program to monitor system changes like Spybot's TeaTimer and/or ThreatFire. I run both. Granted, when I do come across an infected file, it seems like they've just dropped a bomb with all of the alerts and sirens...but I don't get infected.
One thing about Threatfire, it'll come up with some false-positives with legitimate files from time to time, so don't panic if it pops up.
|
Ah, I use Avast! too, the other day i was d/ling a song, and my windows firewall disabled on its own... i didnt think much of it.. then my Avast's siren started going off~ lucky for that...
@Bela -
Originally Posted by Bela
|
Kids... NEVER download keygens for any games,
|
what makes you think its ok for non-kids to randomly d/l keygen? XD
__________________
G____G
G____GTevaG____G
Heart___G_Hessah_G___Heart
79 - Paladin | 85 - Enchanter | 91 - Scoutxx
Ninja text! For those who's easily amused
I can show you the woooorld!
I don't want to see it!
okay...
|
|
|
10-13-2008, 10:32 PM
|
#8
|
Yank me.
In-Game Name: -quit-
Current Level: -quit-
Server: Teva
Posts: 1,503
|
Update: Lol, I looked up "Smart AntiVirus 2009", and found this:
http://www.wiki-security.com/wiki/Pa...tAntivirus2009
I installed the spyhunter from the link the wiki, and ran a check, and it found 34 spyware stuffs, half of them located in my registries ( ), along with that "Smartass 2009". So I happily click the "Remove" button, and it tells me that I have to register in order to remove spyware (That's pretty dumb...). So I had to go in my cookies and my registry, and manually delete everything. But now I know that I've got a clean comp.
THE END.
@ Hessah: Well, I thought otherwise 5 hours ago.
|
|
|
10-14-2008, 07:21 AM
|
#10
|
Goblin Swordman
In-Game Name: yummy
Current Level: skewl
Posts: 463
|
Originally Posted by Belaslav
|
Obviously, I thought "Oh shi...". My constant attempts to delete the setup file weren't very successful, so then it hit me! It was pretty bold, but considering the situation, it was worth a shot. I... pressed "Disable wireless LAN" button conveniently located next to my keypad (Thank you Acer). That shut off the network connection, and the data transfer stopped. Phew...
|
It wasn't a bold move. It was, in fact, the first thing you should do when an infection is detected! xD
Then you hop on an uninfected computer to look up measures to deal with it.
Quote:
|
Update: Lol, I looked up "Smart AntiVirus 2009", and found this:
http://www.wiki-security.com/wiki/Pa...tAntivirus2009
I installed the spyhunter from the link the wiki, and ran a check, and it found 34 spyware stuffs, half of them located in my registries (), along with that "Smartass 2009". So I happily click the "Remove" button, and it tells me that I have to register in order to remove spyware (That's pretty dumb...). So I had to go in my cookies and my registry, and manually delete everything. But now I know that I've got a clean comp.
|
Never mess with the registry unless you're expert in it. You may end up breaking some programs or Windows features, or in this case, you may have missed certain traces of that program.
http://www.bleepingcomputer.com/malw...antivirus-2009 is a good link to refer to for this program. Bleeping Computer is one of the most trusted venues for malware information and removal methods which utilise only free tools. However, because the tools used are usually highly advanced, you have to follow the instructions word-for-word.
Quote:
|
First off, get a decent antivirus program. I prefer avast!. Then, get a backup/secondary program to monitor system changes like Spybot's TeaTimer and/or ThreatFire. I run both. Granted, when I do come across an infected file, it seems like they've just dropped a bomb with all of the alerts and sirens...but I don't get infected.
One thing about Threatfire, it'll come up with some false-positives with legitimate files from time to time, so don't panic if it pops up.
|
I am using Avast myself. However, its detection is average and has some false positives which you need to watch out for. Avast also detects ALL keygens as threats, even the ones you know are harmless (I checked by scanning the files with multiple engines). TeaTimer is mediocre but does a reasonable job. ThreatFire is an excellent HIPS program, however it also has its "moments".
Should I post a thread about malware prevention and removal instructions? many people seem to have it now and then. o.o
__________________
-------------------------------------------------
Primum non nocere
-------------------------------------------------
Last edited by lamchopz; 10-14-2008 at 07:50 AM..
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 02:28 PM.
Design by Vjacheslav Trushkin, color scheme by ColorizeIt!.
Powered by vBulletin® Version 3.8.6 Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
| |
| |