Guess what I got hit with

Davros

I was watching TV when my firewall popped up "svchost is trying to access the net", so I allowed it.
Then a couple of seconds later I think, hang on, svchost already has permission, why is it asking? So I turn around to the PC to find an AVG warning, trojan detected in my temp folder, so I click on quarantine the file.

Then I disconnect from the net (desktop is wireless), check out my firewall log and discover the svchost that asked for permission is in my temp folder, so I remove the permission and open users\davros\appdata\local\temp
and discover the svchost along with some files that look like Python files and some OpenCL files and also a DLL from a bitcoin miner program.
I delete all those and also discover in a temp folder (C:\temp) a file called phatk121016Caymanv2w128l4.bin (I have a 6950).

Looks like someone tried to infect me with a bot that would use my GPU to mine bitcoins for them.....
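The tell in the post above is a process with a system name running from a temp folder. As an added example (not part of the original thread), this Python sketch flags that pattern in a process listing; the CSV layout, the pids and the name example-miner.exe are constructed assumptions.

```python
import csv, io, ntpath

# Windows binaries expected to run only from the system directories.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "services.exe", "csrss.exe", "winlogon.exe"}
TRUSTED_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# Constructed process listing (pid,image_path); not captured from a real host.
SAMPLE = r"""pid,image_path
904,C:\Windows\System32\svchost.exe
4312,C:\Users\davros\AppData\Local\Temp\svchost.exe
5120,C:\temp\example-miner.exe
2208,C:\Program Files\Mozilla Firefox\firefox.exe
"""

def classify(image_path):
    """Return 'masquerade', 'temp-dir' or 'ok' for one process image path."""
    folder, name = ntpath.split(ntpath.normpath(image_path).lower())
    if name in SYSTEM_NAMES and folder not in TRUSTED_DIRS:
        return "masquerade"   # system name, wrong directory
    if "\\temp\\" in folder + "\\":
        return "temp-dir"     # anything executing out of a temp folder
    return "ok"

def scan(listing):
    """Return [(pid, path, verdict)] for every row that is not 'ok'."""
    rows = csv.DictReader(io.StringIO(listing))
    hits = [(int(r["pid"]), r["image_path"], classify(r["image_path"])) for r in rows]
    return [h for h in hits if h[2] != "ok"]

if __name__ == "__main__":
    for pid, path, verdict in scan(SAMPLE):
        print(f"{verdict:10} pid={pid} {path}")
```

A "masquerade" hit is high-confidence; "temp-dir" hits also include legitimate installers and need a second look.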
 
Not as amusing as the one floating around that takes a picture of the person with a webcam and threatens to report them to the authorities for pirating software unless they are paid $200.
 
lol that's a funny one. Webcam is always one of those devices I keep unplugged unless I'm actively using it.... just in case.
 
I am no law expert, but I know in Brazil, you cannot be charged for a crime based on proof (even if undeniably correct) attained illegitimately. So really if some virus took pictures of you and searched for pirated software on your computer, good for them, you can't be charged for that unless they had a warrant.
 
Not as amusing as the one floating around that takes a picture of the person with a webcam and threatens to report them to the authorities for pirating software unless they are paid $200.
I knew there was a reason I never got one of those things, besides my face for radio. ;)
 
I remember a guy who had put tape on his brand new laptop, with a couple other people saying he's nuts. Like he was afraid of black helicopters or something.
But I thought it was reasonable security to just tape that webcam off if you have no idea if you will get some malware that does who knows what. The user was not very computer savvy.

I remember reading about IP cameras that are internet accessible, many not being secured whatsoever. Some can just be "public" cameras, for the rest the owner didn't even care so they're filming 24/7 and you can just hit them with their IP to have a peek! found this lovely beach by googling some terms http://212.142.228.68/axis-cgi/mjpg/video.swf?resolution=704x576&fps=0&textbackgroundcolor=semitrans
 
It claims they're the CIA or DOD, which makes it even more amusing. Not very harmful though; the one that hides shared files and then replaces all the links with copies of itself is far more annoying.
 
Davros I think the console companies have constructed a virus intending to destroy the Sacred Terabyte. You need to take steps to ensure its safety.
 
Don't worry, the sacred terabyte is backed up. One must be careful with important religious artifacts.

PS: did you know that I have copies of everything I've downloaded from the internet ever.....
 
I did have every single executable file infected (including every .exe and every .dll) and had to delete all my games, a few years ago. I stopped using XP and my PC gaming went downhill, so much so that I would play pointless chess games against the computer. Out of anger or boredom I would send my rooks and bishop to certain death when it was clear the computer was spanking me again.

Just an hour ago I found out something that has been awaited for 10 years was done. Counterstrike 1.6 released on Linux :LOL: (along with Half-Life 1), in beta status so not part of the official game list but it's really there. Have to fork out 10 euros if I want to play it, though.
 
Was that with one of those rogue antivirus programs?
What they actually do is alter the registry so exe's don't work. I keep a reg file just for that:

Windows Registry Editor Version 5.00

; Remove the open-command overrides for .exe and the secfile class
[-HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
[-HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

; Point .exe back at the exefile class
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[-HKEY_CLASSES_ROOT\secfile]

PS: the forum has added spaces in the first 2 lines and I can't get them to display properly.
open\command should have no spaces there.
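As an added example (not part of the original post), this Python sketch audits an exported registry file for the keys the reg file above deletes and for an .exe default other than exefile. It assumes regedit's version 5.00 text export; the sample export and the path xyz.exe in it are constructed.

```python
import re

# Keys the .reg file above deletes; any that exist in an export are reported.
SUSPECT_KEYS = [
    r"HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command",
    r"HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command",
    r"HKEY_CLASSES_ROOT\.exe\shell\open\command",
    r"HKEY_CLASSES_ROOT\secfile",
]
# Keys whose default value should be "exefile" when present.
EXE_KEYS = [r"HKEY_CURRENT_USER\Software\Classes\.exe", r"HKEY_CLASSES_ROOT\.exe"]

# Constructed sample export (not taken from a real machine).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="secfile"
[HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
@="\"C:\\Users\\example\\AppData\\Local\\xyz.exe\" \"%1\""
[HKEY_CLASSES_ROOT\.exe]
@="secfile"
'''

def parse_reg(text):
    """Parse export text into {lowercased key: {value name: data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if m and current is not None:
            data = m.group(2)
            if data.startswith('"') and data.endswith('"'):
                data = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \\ and \" escapes
            current[m.group(1).strip('"')] = data
    return keys

def audit(text):
    """Return a list of findings for a hijacked .exe file association."""
    keys, findings = parse_reg(text), []
    for key in SUSPECT_KEYS:
        if key.lower() in keys:
            findings.append(f"present: {key} -> {keys[key.lower()].get('@', '')}")
    for key in EXE_KEYS:
        default = keys.get(key.lower(), {}).get("@")
        if default is not None and default.lower() != "exefile":
            findings.append(f"{key} default is {default!r}, expected 'exefile'")
    return findings
```

Running `audit` on an export taken before and after importing the reg file shows whether the cleanup actually removed the overrides.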
 
I got ZBOT, which is pretty much the highest end malware short of stuff like Stuxnet.
On another computer (not mine) it did this as a countermeasure after trying to get rid of it, adding a few tens KB of code to every .exe. The antivirus had apparently deleted the virus after scanning from Windows's "safe mode".. But it fought back badly. And it leaves everything functional, only your I/O is slowed down and you're owned.

BTW in 2009 I still wasn't doing Windows updates, as if I thought Microsoft would spy on me or something.. This silliness did not withstand the year 2009, where malware increased enormously in quantity and "quality".
I used to run unpatched Windows with no antivirus too (autorun disabled), everything targeted computers directly connected to the internet (no router) or IE. So, running Firefox and having a router made me feel clever.
 
Was that with one of those rogue antivirus programs?
What they actually do is alter the registry so exe's don't work. I keep a reg file just for that:

Windows Registry Editor Version 5.00

; Remove the open-command overrides for .exe and the secfile class
[-HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
[-HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

; Point .exe back at the exefile class
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[-HKEY_CLASSES_ROOT\secfile]

PS: the forum has added spaces in the first 2 lines and I can't get them to display properly.
open\command should have no spaces there.

Nope, met those too. This was a nastier flavor that hid every file and folder and replaced the files and folders with exe's of itself.
 
That reminds me of a piece of malware I ran into on a client's computer. It actually infected the MBR of their boot drive. Then proceeded to hide most files from the OS so that the user couldn't see them. Then popped up notices that the user should buy a certain program to "recover" their files. Insidious little beast.

Regards,
SB