Jump to content
Heads Up! This website is no longer maintained, if your a member from our era, consider joining the discord to say hello.
Sign in to follow this  

The most intelligent virus I've ever met

Recommended Posts

Well, today a friend from FB told me about a shaming video being uploaded on Youtube.. and I saw all my friends' accounts in Youtube responding to this...

(one option is that my friend got hacked... because he doesn't send viruses to other people)

and then it said I need to download a new flash player version.. of course I did because I wanted to see the video

after I downloaded - of course the computer shut down...

Now the interesting part... after my computer rebooted and then it went automatically to Safe Mode so I'll attempt to fix it.. BUT then it rebooted again and came back to Normal Mode (in that part I said WOW)

and when I entered in Normal Mode.. my antivirus (Windows Security Essentials) popped up a message of enhanced mode (of course another action of the virus who hijacked the antivirus and made this message to make me feel a little safer) so every time I tried to get in the antivirus it told me that it's in an Emergency Mode that it's automatically reacting to any virus action (yeah right...)

Now I tried to remove it with another program that removes threats (not exactly antivirus) and the virus sabotaged it....

now before you say "why didn't u try from Safe Mode??" I tried but every time i got in Safe Mode: after 10-15 seconds it reboots again and gets back to Normal Mode.

 

I had 2 options left (Format and System Restore)

Of course, I tried system restore before formatting...

BUT the virus damaged system32 files - so I couldn't restore the system...

Now I'm going over to a friend so his dad can format my computer :P

 

Now... For conclusion... The hacker who thought about this was totally smart (I guess) he thought about every step I'm going to try and that was pretty amazing (too bad people have no life and they are messing with viruses too much)

also I'm lucky that I made a backup for my computer before that happened so I'm pretty happy as it could have ended worse *computer explodes* lol

It just reminds me how I need to be careful on the internet

 

Hope you guys learned from this long annoying topic

and you can share your own experiences with intelligent viruses just like I did.. because personally.. I think it's amazing how the lifeless dude who made it knew about every step I'm going to do.

Edited by Major Zhuinden
Teehee. You should really spell stuff like this, you know.

Share this post


Link to post

Make a batch file with the following in side of it:

echo@
shutdown -a

Save it as whatever you want but name the extension as a .bat file. Whenever your computer is about to shut down, just run this batch file and it will counter the shutdown. This should help you when attempting to remove the program.

 

Note: I've seen viruses that behaved similar to this. The key here is to kill their processes (via task manager or some alternate means) before their monitoring programs can be started up. Most programs that behave like this come in two parts. An actual virus program that does the evil stuff, and a monitoring program that makes sure the virus is running. Both will start the other up if the other is killed, so make sure you identify one before the other so you can delete it as soon as it's killed. That way it can't be restarted to continue the vicious cycle.

Share this post


Link to post

Eh, I wouldn't think a program would sabotage all other possible antiviruses and antimalware utilities, but okay.

 

I've had some issues with viruses hiding in System Volume Information, or one that blocked Taskmgr.exe from running.

I worked around it that I started up Task Manager right when Windows was starting up, and it started running BEFORE the virus could have blocked it.

So I went and deleted uzqzchfx.exe from my Windows\System32 and it all started working again :P Apart from that it infected every single goddamn EXE file on the computer. It was a bitch to kill.

Another one hacked itself into the UserInit of Windows, so it started up if you logged in. And I tried to delete it from the registry, but I actually blocked myself out with that - I couldn't log in! xD yeah, that needed a reinstall afterwards.

Share this post


Link to post

---POST 1---

Kay, just letting you guys know :P my friend's dad, who volunteered to fix the computer.. pretty much succeeded (by using AVG Rescue program scan)

but there's only one problem.. when the computer rebooted because of the virus the first time.. Facebook was open..

and idk if it has anything to do with it but I cannot load Facebook 0_0 idk how or why.. I can load any other site but Facebook...

Any ideas why and how to fix it?

 

---POST 2---

also it seems like the internet got slower 0_0 and I cannot install anti virus AVG

 

---POST 3---

well exactly it damaged everything that has been operated when it rebooted... so i cannot open MapleStory either...

any help?

 

---POST 4---

wow I find bugs every time... second thought **** this virus!!

and **** the ****er who have ****ing made it!!!

The bug I just found is that every time I search something at Google.. and I click a result.. it comes back to Google... how the heck could the virus affect my internet???

Edited by Major Zhuinden

Share this post


Link to post

My guess is it edited your host file. It can be found in the following location:

C:\Windows\System32\drivers\etc\hosts

Share this post


Link to post

1. Don't use Windows Security Essentials; use Avast! or anything really, just not that.

 

2. Try Malwarebytes' Antimalware for removal, rkill (ie. Not allowing you to download these tools - it comes in many filetypes to protect from that) to remove any malicious process that might be affecting it, and a manual process killer if you'd like to be 100% sure.

 

http://www.bleepingc...nti-virus/rkill <--Rkill

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html <--- Malwarebytes

http://download.cnet...4-10223605.html <---Process Explorer (Kill anything that looks suspicious, but if you don't know what it is you might cause more harm than good)

 

3. As Viper said, it probably edited your hosts file in which case you will need to do the following:

 

http://download.blee...s/hostsperm.bat <--Download that, it allows you to edit your hosts file

 

Then navigate to C:\Windows\System32\drivers\etc\hosts and delete it. Redownload it from which ever applies to you

 

Windows XP HOSTS File Download Link (http://download.blee...indows-xp/hosts)

Windows Vista HOSTS File Download Link (http://download.blee...ows-vista/hosts)

Windows 2003 Server HOSTS File Download Link (http://download.blee...03-server/hosts)

Windows 2008 Server HOSTS File Download Link (http://download.blee...08-server/hosts)

Windows 7 HOSTS File Download Link (http://download.blee...windows-7/hosts)

 

Your Windows HOSTS file should now be back to the default one from when Windows was first installed.

 

That's what I usually do to remove all terrible shit.. if it doesn't work you'll probably have to just completely format it to the bone.

 

Good luck!

Share this post


Link to post

ok.. seems like the damages the virus has done are just too much...

it also made the computer be slower when I start it and last night when my brother turned off he computer.. it said it's being turned off.. but it didn't do anything

I asked my friends dads and he said that to many files were corrupted and damaged (and missing of course after the avg rescue)

so we decided to format the computer to make sure there are no and tracks or any left missing/damaged files.. (including the fact that he damaged over 140 files)

 

P.s: Thank you guys for all your suggestions.. i tried most of them but still it was too late... i am definitely going to highly secure my computer next time and I won't get into any link my friend sent me...

 

I appreciate so much your efforts and I hope other people will use those tips besides me.

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×