
*Sigh* Time to break out the Wipe Drive again.

post #1 of 11
Thread Starter 
So every now and then you'll get a trojan. Maybe some tracking cookies, perhaps some adware. So what do you do? You open up the ol' AV and remove it, laugh at the sorry attempts to compromise your system, and get on with your life. Sadly, there are those very rare occasions where the virus you get is doing more than just stealing your information...

One day I got on my computer, and was welcomed with the usual Welcome screen, except, things started to go wrong. The welcome screen started flashing like crazy, random programs opened up, I've got 100s of "Consent.exe" opened up in my process list, which is really a killer on my RAM - - -

Along with that, I'll occasionally have a bunch of those calendar gadgets open for no apparent reason on the sidebar, and the computer freezes whenever I try to close 'em.

Well, did numerous scans and reg cleans, but to no avail. The cheery McAfee interface has assured me that my computer has not been harmed in any way, and nothing has helped thus far. Any explanation for this phenomenon? I'd rather not have to do a clean install.

Also: The day this all started happening, I noticed a new computer on my network called CORDOVA. I marked it as intruder in McAfee, set my network to private, turned off file sharing, and ran yet another scan, but still no dice on what's causing this.
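A triage check for the Consent.exe flood described in the first post, as an added example that is not part of the original thread. It assumes the genuine UAC prompt binary lives at %SystemRoot%\System32\consent.exe and lists every running instance with its path, parent process and signature status.

```powershell
# Added example (not from the thread). Requires PowerShell 3.0+; run elevated
# so ExecutablePath is populated for processes owned by other accounts.
# Assumption: the genuine UAC prompt binary is %SystemRoot%\System32\consent.exe.
$expected = Join-Path $env:SystemRoot 'System32\consent.exe'

$procs = @(Get-CimInstance -ClassName Win32_Process -Filter "Name = 'consent.exe'")
Write-Host ("{0} consent.exe instance(s) running" -f $procs.Count)

$report = foreach ($p in $procs) {
    $path = $p.ExecutablePath

    # Signature of the file on disk behind this process (null if path is hidden).
    # Older PowerShell versions may report catalog-signed system files as
    # NotSigned; treat the path check as the primary signal there.
    $sig = if ($path) { Get-AuthenticodeSignature -FilePath $path } else { $null }

    # Parent may already have exited, in which case the lookup returns nothing.
    $parent = Get-CimInstance -ClassName Win32_Process `
        -Filter "ProcessId = $($p.ParentProcessId)"

    [pscustomobject]@{
        Id        = $p.ProcessId
        Path      = $path
        PathOK    = [bool]($path -and ($path -ieq $expected))
        Parent    = if ($parent) { "$($parent.Name) ($($parent.ProcessId))" } else { 'exited' }
        Signature = if ($sig) { "$($sig.Status)" } else { 'unknown' }
        Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        Started   = $p.CreationDate
    }
}

# Full listing, oldest first, then a summary of how many instances pass each check.
$report | Sort-Object Started | Format-Table -AutoSize
$report | Group-Object PathOK, Signature | Select-Object Count, Name
```

Instances that fail the path or signature check are other files using the consent.exe name. If every instance passes, the binary is genuine and the open question is what keeps triggering elevation prompts.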
post #2 of 11
Get MSE and scan with it; see what comes up.
post #3 of 11
Thread Starter 
Mse?
post #4 of 11
Do a scan with these two programs during safe mode, then another scan in normal mode (disconnect your ethernet cable).

http://www.superantispyware.com/

http://www.malwarebytes.org/

PS.

There are some viruses/rootkits/stealthkits that McAfee can't detect.
post #5 of 11
1. Download Avast onto a memory stick from another computer
2. Try to install it in normal or safe mode
3. Boot scan
4. Should clear it out; check with a Malwarebytes or Avast scan

If that doesn't work I can offer more assistance

Edit:
Quote:
Originally Posted by Modd3d View Post
Mse?
Microsoft Security Essentials, free and lightweight but effective
post #6 of 11
Every now and again?

Uhh no.
    
CPUMotherboardGraphicsRAM
Intel Overdrive 486DX4 100Mhz Digital Venturis 466 S3 Trio 32 1MB 68MB 72 Pin SIMMs 
Hard DriveOptical DriveOSMonitor
1.2Gb & 270Mb 32X CD-ROM Windows 98 SE LG 23" Flatron 
KeyboardPowerCaseMouse
Microsoft PS/2 Lite-On Digital Venturis 466 Logitech PS/2 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Overdrive 486DX4 100Mhz Digital Venturis 466 S3 Trio 32 1MB 68MB 72 Pin SIMMs 
Hard DriveOptical DriveOSMonitor
1.2Gb & 270Mb 32X CD-ROM Windows 98 SE LG 23" Flatron 
KeyboardPowerCaseMouse
Microsoft PS/2 Lite-On Digital Venturis 466 Logitech PS/2 
  hide details  
Reply
post #7 of 11
Quote:
Originally Posted by Modd3d View Post
So every now and then you'll get a trojan. Maybe some tracking cookies, perhaps some adware. So what do you do? You open up the ol' AV and remove it, laugh at the sorry attempts to compromise your system, and get on with your life. Sadly, there are those very rare occasions where the virus you get is doing more than just stealing your information...

One day I got on my computer, and was welcomed with the usual Welcome screen, except, things started to go wrong. The welcome screen started flashing like crazy, random programs opened up, I've got 100s of "Consent.exe" opened up in my process list, which is really a killer on my RAM - - -

Along with that, I'll occasionally have a bunch of those calendar gadgets open for no apparent reason on the sidebar, and the computer freezes whenever I try to close 'em.

Well, did numerous scans and reg cleans, but to no avail. The cheery McAfee interface has assured me that my computer has not been harmed in any way, and nothing has helped thus far. Any explanation for this phenomenon? I'd rather not have to do a clean install.

Also: The day this all started happening, I noticed a new computer on my network called CORDOVA. I marked it as intruder in McAfee, set my network to private, turned off file sharing, and ran yet another scan, but still no dice on what's causing this.
1. No it's not normal to regularly get infected.
2. Bad infection.
3. McAfee is crap
4. Is your WiFi secured? If not, it sounds like a neighbor is helping themselves to your internet. If your WiFi is secure, then it may be that one of the viruses you have is using your PC as a VPN server to gain access to your LAN.


I would do this:

1. Reinstall Windows.
2. Enable automatic updates
3. Install a good AV. (Avast, MSE, Panda Cloud)
4. Install MalwareBytes
5. Secure your WiFi if it isn't
6. Install the latest versions of Flash, Java, etc. and enable their automatic update features
7. Be smart about your browsing. *COUGH* Avoid crap P2P, and the seedy side of the internet */COUGH*
Edited by AtomicFrost - 2/9/11 at 5:13pm
post #8 of 11
@OP

Get a copy of BartPE on CD, boot up from it, use the explorer and start removing all files/directories you're unaware of or those that shouldn't be there.

Unless of course, you're unfamiliar with Windows and its file system/directories. Then I suggest what others have.
    
CPUMotherboardGraphicsRAM
INTEL ASUS XFX  SAMSUNG 
Hard DriveOptical DriveCoolingOS
WD/ST LG KUHLER WINDOWS 
MonitorKeyboardPowerCase
LG/SAMSUNG IBM MODEL M CORSAIR THERMALTAKE 
MouseMouse PadAudio
MS INTELLIMOUSE EXPLORER 3.0 REGULAR LARGE PAD ONBOARD but it USED TO BE A XONAR DG  
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
INTEL ASUS XFX  SAMSUNG 
Hard DriveOptical DriveCoolingOS
WD/ST LG KUHLER WINDOWS 
MonitorKeyboardPowerCase
LG/SAMSUNG IBM MODEL M CORSAIR THERMALTAKE 
MouseMouse PadAudio
MS INTELLIMOUSE EXPLORER 3.0 REGULAR LARGE PAD ONBOARD but it USED TO BE A XONAR DG  
  hide details  
Reply
post #9 of 11
Thread Starter 
Thanks for the replies, guys. I ran Malwarebytes, fixed the issues it told me there were, and it helped quite a bit. Still having some small glitches on startup, however, so I'm going to run a couple of other scans and borrow my friend's copy of Avast. So glad I don't have to Wipe this one. It's my downloading PC ;D.
post #10 of 11
Stop downloading and running illegal things and maybe you won't have these issues? That is the only thing I can assume by you saying "It's my downloading PC ;D."

I haven't been infected with a virus for quite some time, and when I was infected, it was because I let someone else use my computer.