
I've been infected with something FUD invisible/protected


7 replies to this topic

#1 Teh pro

Teh pro

  • Members
  • 11 posts

Posted 04 September 2010 - 03:37 PM

So today I was pirating cause I am working on a project which now has 10000+ serials for 20+ programs, and today I forgot to run it in Sandboxie and I opened a keygen for Wise Disk Cleaner Pro made by the black riders, and this is what I have running on my system and what I did to try to remove it:

Zemana AntiLogger activated, ESET NOD32 Antivirus 4, Malwarebytes Anti-Malware, SUPERAntiSpyware Professional lifetime subscription, WinPatrol PLUS and KeyScrambler Premium.
So this is what I did to see what the keygen modified or the files it created... I ran Process Monitor and filtered it to only see what files the process "keygen.exe" made, and I found it modified a crapload of system files, but the weird thing is when I went to see the modified files it said last modified 2009 or something, which is obviously wrong, so this is tricky, and I know the keygen's backdoored cause it even left the keygen.exe in the %temp% folder.
Then I used System Restore to undo the changes it did to my system files and then I ran Hitman Pro, SUPERAntiSpyware (fully updated) full scan, then Malwarebytes fully updated then ran a full scan, then ESET fully updated, and none of them found anything except for some files I know are clean. I know this seems so hard to imagine, something bypassing every security software I have like Zemana AntiLogger and WinPatrol, and I can't even see any process that is suspicious, this thing's pro lol :thumbsup: and the effect of this problem was while I was running ESET NOD32 some random music started playing for 8 secs or something and then it ended, so please help, this thing's crazy and I don't want to run ComboFix again myself cause the last time I did I disabled my antivirus and stuff and it messed up my com lol



#2 Teh pro

Teh pro
  • Topic Starter

  • Members
  • 11 posts

Posted 04 September 2010 - 04:19 PM

I hope I get a reply tomorrow

#3 Teh pro

Teh pro
  • Topic Starter

  • Members
  • 11 posts

Posted 05 September 2010 - 02:13 AM

Guys, seriously, this PC's CPU and fan are going crazy, someone help :thumbsup: and yesterday I could hardly even use it cause the CPU was on 100% all the time

Edited by Teh pro, 05 September 2010 - 02:14 AM.


#4 Driesiooo

Driesiooo

  • Members
  • 113 posts

Posted 05 September 2010 - 02:44 AM

Hello.

I think it's best for your computer to look for an infection. Just follow the steps on http://www.bleepingcomputer.com/forums/topic34773.html (Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help).

When you post your (HijackThis log +) DDS log:
  • Be patient, it's very busy at this forum.
  • A professional expert will view your logs and will help you with that problem.
  • Do not use tools (like ComboFix) without professional experience/helper.
Good luck.

#5 Teh pro

Teh pro
  • Topic Starter

  • Members
  • 11 posts

Posted 05 September 2010 - 03:16 AM

Here's what the VT scan reports were: http://www.virustotal.com/file-scan/report...303a-1283671305 and if you want I can even PM the keygen to someone willing to help me, to see what things it changed

#6 Teh pro

Teh pro
  • Topic Starter

  • Members
  • 11 posts

Posted 05 September 2010 - 07:56 AM

I know the so-called malware removal experts are busy but it wouldn't hurt to spend 1 minute to solve a problem like this http://www.bleepingcomputer.com/forums/topic345274.html

and I am better off myself than asking for help in this forum since it takes ages for some moderator to respond, not some member with 60 posts saying to me please make these logs before trying other malware removal tools :thumbsup: you guys really helped me, thanks a lot :flowers:

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,203 posts
  • Gender:Female
  • Location:Romania

Posted 06 September 2010 - 11:33 AM

Hi Teh Pro,

First of all, I see you have no qualms using illegal software, cracks, keygens and what not, however, you expect our volunteer staff to help you ASAP? That is not how things work here. See also the Board rules.

No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences.


You were pointed to the preparation guide, which you did not follow (I see no topic from you in the appropriate forum). Fortunately for us, most members who seek help with malware removal have understanding for the fact that we have a team of volunteers who help others in their free time.

In other words, if you still need help, please follow the steps in the preparation guide. However, I can tell you that it will take a few days before you will get help as topics are taken oldest ones first. If that is not acceptable to you, then by all means, take it to a repair shop or simply, reinstall your Operating System.

Edited by boopme, 06 September 2010 - 07:36 PM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,474 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 07 September 2010 - 02:48 PM

IMPORTANT NOTE: The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Before we can continue, I need you to remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so we need to ensure they have been removed.

Using these types of programs or the websites you visited to get them is almost a guaranteed way to get yourself infected!!
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators




