
There is a weird virus in my system

Indus Monk
1 minute ago, Electronics Wizardy said:

Boot it into a disk like this and scrub it

Scrub it?

Indus Monk = Indian+ Buddhist


7 minutes ago, AmbarChakrabarti said:

it DOES NOT appear in task manager

But when you LOOK in the task manager it shifts usage to other apps?

AMD Ryzen R9 5900X  | Arctic Liquid Freezer II 360  |  GIGABYTE X570S AERO G  |  2x32GB G'skill TridentZ 4000MHz  | MSI RX 6900 XT Gaming Z Trio 16GB Dark Base Pro 900 (Orange)  | TOSHIBA 4TB 3.5" Drive - Game Drive | Crucial MX200 250GB 2.5" SSD - Boot Drive | Cooler Master V750 PSU |

 

Living Room PC: AMD Ryzen 2400G | MSI RX VEGA 56 8GB AERO | 2x8 GB Crucial Ballistix 2400MHz | Intenso 250GB SSD | Seagate 500 GB HDD | Node 202 + 850W PSU |


Just now, Electronics Wizardy said:

scan for viruses and stuff.

with the rescue disk?

 

So you mean to say:

1. Insert Kaspersky disk into system (which I already have)
2. Boot from that rescue disk
3. Clean the system with the disk


1 minute ago, Edgar R. Zakarian said:

But when you LOOK in the task manager it shifts usage to other apps?

yep. and it corrupts them as well. A restart is all it takes to bring the virus back. And even after killing all the apps, the virus continues to wreak havoc


Just now, AmbarChakrabarti said:

yep. and it corrupts them as well. A restart is all it takes to bring the virus back. And even after killing all the apps, the virus continues to wreak havoc

Wow, that sounds terrible.
I have a friend who's tried having a virus which uses his CPU, causing almost all games to lag.

You can't see it, runs in the background.

Could be a rootkit?

His hides in the BIOS, installs itself along with Windows.

All he could do was throw away all infected components, buy new USB, reinstall a clean Windows.

Anything and any other PC in contact would get infected.

Couldn't fix it unless you used some VERY specific software.

Search up rootkit.

http://www.bleepingcomputer.com/forums/t/611270/bios-infection-possible-virus-rootkit/


1 minute ago, Edgar R. Zakarian said:

Wow, that sounds terrible.
I have a friend who's tried having a virus which uses his CPU, causing almost all games to lag.

You can't see it, runs in the background.

Could be a rootkit?

His hides in the BIOS, installs itself along with Windows.

All he could do was throw away all infected components, buy new USB, reinstall a clean Windows.

Anything and any other PC in contact would get infected.

Couldn't fix it unless you used some VERY specific software.

Search up rootkit.

http://www.bleepingcomputer.com/forums/t/611270/bios-infection-possible-virus-rootkit/

it does show up in mbam and mbar, but it keeps coming back


Just now, AmbarChakrabarti said:

it does show up in mbam and mbar, but it keeps coming back

If it comes back after Windows reinstall, it's not ONLY on the hard drive.


Just now, Edgar R. Zakarian said:

If it comes back after Windows reinstall, it's not ONLY on the hard drive.

how do i detect whether it is in the bios or not without formatting the computer?


1 minute ago, AmbarChakrabarti said:

how do i detect whether it is in the bios or not without formatting the computer?

I think above you said reinstall of Windows doesn't help.

So you already know it's NOT only on the hard drive?


8 minutes ago, AmbarChakrabarti said:

with the rescue disk?

 

So you mean to say:

1. Insert Kaspersky disk into system (which I already have)
2. Boot from that rescue disk
3. Clean the system with the disk

yep


Just now, Edgar R. Zakarian said:

I think above you said reinstall of Windows doesn't help.

So you already know it's NOT only on the hard drive?

I would say yes


1 minute ago, AmbarChakrabarti said:

how do i detect whether it is in the bios or not without formatting the computer?

Don't think there is a "BIOS scanner" :P Sry.


Just now, Electronics Wizardy said:

yep

and if this virus has also infected the bios?


50 minutes ago, AmbarChakrabarti said:
 

Threads merged. Please don't make multiple threads about the same issue.

If you need help with your forum account, please use the Forum Support form!


1 hour ago, AmbarChakrabarti said:

Actually, there is a trojan malpack in my system and in a pendrive. No matter how many times you try, it just refuses to go away. Also, the overheating does not occur in safe mode

Follow the suggestion of Electronics Wizardy and scan the system drive, as well as the pen drive and remove the offending items from both or otherwise REINSTALL.

                  Did I help you to fix your problem or at least did offer somewhat valuable advice? Consider giving my post a "informative" or "thumbs up".

SYSTEM 2: Modded G3 case with Gigabyte GA-G33M-S2L, Intel E8600 (O.C to 4.2GHz.), 4GB GSkill PC8500, Nvidia 8800GTS (512M), Cooling provided by Scythe Big Shrunkin, HDD 1 = OSX 10.9.5, HDD 2 = Windows 7 Pro X64. (Placed 3rd in MacMod  of the year 2012) (For info see:  http://insanelymac.com/forum/topic/285641-and-the-winner-for-macmod-of-2012-is/

LAPTOP: Inspiron 1720, Modded BIOS, X9000 Core 2 extreme OC'ed and undervolted to 3.4GHz (windows only) , 6GB DDR2 800, 8600M GT, 1920x1200 Glossy display, Sigmatel Audio, 2 Kingston HyperX 120GB drives (1 with Windows 7 x64 pro & 1 with OSX 10.9.5) X9000 Processor World Record Holder since 02/2013 on Geekbench 2 : http://browser.primatelabs.com/geekbench2/search?dir=desc&q=x9000&sort=score


BIOS virus? Haven't seen those used in a long time except for ransomware.

Read this: http://smallbusiness.chron.com/cleanse-virus-bios-79706.html


If MBAR didn't work, try Kaspersky TDSS and Norton Power Eraser.

 

Also you ignored it earlier, but how did you obtain this virus?


On 10/11/2016 at 0:42 PM, AmbarChakrabarti said:

there is a trojan malpack in my system and in a pendrive. No matter how many times you try, it just refuses to go away. Also, the overheating does not occur in safe mode. The virus cannot be killed off in task manager. AND MBAM DOES NOT WORK

EDIT: This virus was in the boot media as well, which I used to install Windows. What do I do now?

You'll have to get new boot media if that's where it's coming from (preferably unpirated this time) and fresh install everything. You gotta go all scorched earth policy on that virus.


When you stated that mbam found "Hidden Malware" I'm not necessarily sure what that would classify as.  Just regular Windows malware that maybe doesn't use executables but can run in the registry alone? Before anyone says it doesn't exist, it does exist.  Or malware hiding on the master boot record of your hard drive? 

 

It's totally possible your install media has viruses on it, if it's the default Windows disc which came with your legit and official license key for Windows, malware would be unable to go onto the disc.  There is no ruling out any options in the digital world, almost anything is possible really, it just depends on why you would be a target of advanced malware.  It's probably semi-advanced malware that has infected your system to get financial data or something.

 

I suggest not relying on antivirus software and scanners. If you relied on them, that is probably why you got infected in the first place. I'm not saying don't use them, I'm saying don't rely on them. Use a good network configuration. Most home routers don't have antivirus filtering built in, so don't bother, but using all the protection available from your router, disabling UPnP, enabling flood protection, enabling the NAT firewall, etc., all play a role in preventing hackers from gaining access to your system; even if a hacker gains access to your system they would need to get through the router. Blocking pass-throughs can also help.

I suggest using EMET on Windows, or something similar like Malwarebytes Anti-Exploit, but EMET is free, made by Microsoft and has the best capabilities of all the exploit mitigation suites. Using an antivirus is fine, just don't rely on it, so Windows Defender is fine; if you want to buy an antivirus, Kaspersky is a good choice. But the main thing is your router, configuring your network to secure it from outside threats.

 

Remember not to stress over these things, they can honestly make it seem worse than it actually is.  Instead, be curious, change your passwords and study it.  What does it do? How does it work?  If Malwarebytes can't find the actual malware itself, submit the executable to VirusTotal, or if it's running and can't be stopped then just submit the file hash.


Why does the OP keep saying that MBAM detects this 'virus' yet not once has the exact details of what MBAM thinks it has found been posted?


It is easier to moan and whine than to follow anyone's directions or give any troubleshooting results. Somewhere in all of the posts is the fix. WIPE and reinstall! I give up cause I don't like to listen to whining.


1 hour ago, zanthros said:

It is easier to moan and whine than to follow anyone's directions or give any troubleshooting results. Somewhere in all of the posts is the fix. WIPE and reinstall! I give up cause I don't like to listen to whining.

The super large font is especially great.

Either wipe and reinstall, or keep up the same browsing habits. Eventually he will get a good 800 number for a Microsoft Technician who will take go's credit card and "clean" his PC. Either way, whichever is easiest.


You guys are funny with your infected PCs. Nothing withstands a bash: scrub on Linux.

Scrub the flash drive, download and burn a Windows install DVD (no USB drive). Remove the HDD from the Windows PC, scrub it with Linux.

Then, download whichever rootkit/BIOS virus removal tool you want that starts from a USB. Install it onto the cleaned USB you made with Linux. Boot from it on the infected PC. Clean infected PC. Reassemble. Reinstall Windows.
