CloudbaseJ (OP)
August 12, 2017, 12:41:14 PM
Hello, I was careless the other day and I downloaded a miner from a link that I thought was trustworthy. The miner worked fine, but as soon as I noticed my mistake I deleted it and ran full scans of my computer, including boot-time scans. I have not noticed anything happening yet and have found no viruses in my scans, but is there a way I can find out if I got infected? And if so, is there a way I can get rid of said infection? FYI, I clicked a link on a CryptoNoob YouTube vid that was re-posted under a different user. What a tool I am!
Cheers

eckmar
August 12, 2017, 01:11:35 PM
Well, since you don't know what kind of virus it is and the antivirus is not finding anything, there is no way to know for sure. What antivirus did you use? If you want to be 100% sure, reinstall the system.

Vann
August 12, 2017, 01:14:01 PM
AV doesn't always detect new malware. If you suspect your machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of the drive and a reinstall of the OS from a known good source.

Hawker
August 12, 2017, 01:23:28 PM
Antivirus programs are often called malware by mining programs. For this reason, it is unlikely to be a measure against it, but many mining programs are extremely harmless. If you feel unsafe, you can reinstall your system.

P00P135
August 12, 2017, 01:34:17 PM
AV doesn't always detect new malware. If you suspect your machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of the drive and a reinstall of the OS from a known good source.
Just one format doesn't always get rid of a virus.

Vann
August 12, 2017, 01:52:24 PM
A full format will certainly overwrite all the data on the drive and the boot sector so it's no longer recoverable except by forensic software. If you are dealing with malware that copies itself over the network to mapped network drives or that writes itself to the BIOS, then yes, a format of the compromised drive would not completely eliminate that type of malware. It's also possible to compromise other systems on your network by sharing USB drives on a system that's been compromised with malware.

P00P135
August 12, 2017, 02:02:54 PM
don't forget rootkits and bootkits.

Vann
August 12, 2017, 02:07:54 PM
don't forget rootkits and bootkits.
A rootkit on a drive would be eliminated by a full format of the drive. A bootkit virus that writes itself to the MBR would also be eliminated with a full format of the drive.

Za1n
August 12, 2017, 02:10:49 PM
AV doesn't always detect new malware. If you suspect your machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of the drive and a reinstall of the OS from a known good source.
Just one format doesn't always get rid of a virus.
True, only way to be completely sure is to throw away the hard drive. Of course the new drive could be compromised by the manufacturer or somewhere else along the supply chain. Also you better toss out the motherboard too, as the BIOS could have been compromised, which would simply reload the virus on any new installs. Even flashing the BIOS with a new image may not remove it completely. Point is there is no 100% sure-fire way, but I agree a format of the SSD, and if you can a motherboard BIOS flash, even if you are overwriting the same version but with a new one downloaded from the manufacturer from a known clean machine and on a new USB. These steps should get you to 99% confidence of a clean machine at least.

dragonkingcoin
August 12, 2017, 02:12:13 PM
Be careful with strange links. It may have infected your computer with a virus.

hookcoin
August 12, 2017, 03:30:08 PM
You should be careful with a link that is not credible offline.

zhulick
August 12, 2017, 03:53:01 PM
if i created a "pay for play" miner for which i charged a hefty fee (hefty for a small miner), and then suddenly i saw my miner being shared for free all over the place - i too would create a rumor that the shared miner contains malware. not saying that's what happened, just saying that's what i would do. if you tried a couple of up-to-date av's and everything is coming back clean, then chances are you're clean. if this is a machine you do your banking on, then it may pay to be extra paranoid and wipe/format/start over just in case. but that's being extra paranoid.

farmtester
August 12, 2017, 04:39:24 PM
Run Rogue Killer, AdwCleaner, Farbar Recovery Scan Tool, Junkware Removal Tool. Also run Microsoft's Process Explorer and watch carefully for unwanted processes.

KougarLOB
August 13, 2017, 05:33:26 AM
True, only way to be completely sure is to throw away the hard drive. Of course the new drive could be compromised by the manufacturer or somewhere else along the supply chain.
Also you better toss out the motherboard too, as the BIOS could have been compromised, which would simply reload the virus on any new installs. Even flashing the BIOS with a new image may not remove it completely.
Don't forget your mouse and keyboard in case they have store memory (macros). Better get rid of your speakers, too; Devil's music can corrupt your mind. Same with your monitor to eliminate "internet temptation." The power cord should be fine. Keep that.

Metroid
August 13, 2017, 05:58:09 AM
Come on, which world are you trolls living on? Antivirus never detects anything worth detecting; antivirus only detects things that are not worth detecting. I advise you to reinstall the operating system, that is the only way. Also, next time run the program in a sandbox.

szafa
August 13, 2017, 06:03:49 AM
Check running programs with Ctrl+Alt+Del. If you find it, stop and delete it.

adaseb
August 13, 2017, 08:44:29 AM
AV doesn't always detect new malware. If you suspect your machine was compromised with malware, the only way to be sure it's cleaned from your system is to do a format of the drive and a reinstall of the OS from a known good source.
Just one format doesn't always get rid of a virus.
Yes it does.

crazyer
August 13, 2017, 02:42:30 PM
You should be careful when entering dangerous links. When downloading files, you should look closely at the file information before decompressing. There is currently a virus stealing bitcoin information.

Sex Video Chat VKcams.com
August 13, 2017, 02:46:32 PM
You should be careful when entering dangerous links.
What is your way of checking if a link is dangerous? How do you check a suspicious link without clicking it?

Mr_Snipes
August 13, 2017, 03:00:21 PM
If you want to be really sure, move your funds to different wallets. In case that thing contained a keylogger, your passphrase to unlock is known. It can sometimes take a day or two until someone analyzes the keylogger and SMTP dump. You never know if that thing was a lame or a sophisticated one. Or your private keys, if they were stored in text files or something like that. Finally, formatting the whole thing will be the best way to come clean if you are no expert in malware fighting.