Anybody else get a virus tonight?

**spade** · 08-16-2009 10:26 PM

Originally Posted by OumaFan

I got one from the stream I guess.

that and a gay porn phone site thing that couldn't be closed out. And firefox wouldn't even open and the computer would just shut off at times.

What are you doing there?

___

**C-Lo** · 08-16-2009 10:56 PM

Yup...

...I got a virus too!

Just logged on to the computer I used to watch the fight last night and it was just bugging out! We have 4 computers in the house and for some reason I chose to use the one that was just about to break when I usually pick the good ones for fights. I was already debating to buy a new one but now, it just makes the decision easier.

**CFH** · 08-17-2009 04:56 AM

My computer is acting fine and my anti-virus doesn't detect anything. I'd wager I still got it though.

**OumaFan** · 08-17-2009 02:59 PM

mine was called skynet, cute. I apparently got rid of it which shocked people on this computer website (bleepingcomputer.com, very helpful, I'm sure they're thrilled with the endorsement) but it was one of those viruses that are mainly known for getting credit card information, luckily I had a credit card disaster years ago and mainly avoid them now, I did call my bank cause I do online banking but nothing.

**CFH** · 08-17-2009 03:04 PM

So aside from running an anti-virus scan, which I've done, is there anything else I can do to check and see if my computer was infected as well?

**OumaFan** · 08-17-2009 03:14 PM

well my anti-virus scan picked up virus corrupted files left and right so if you don't see any that's a good sign.

Try this, its probably a good thing to have on your computer anyway. Malwarebytes anti-malware thing. Its what I think helped me.

Malwarebytes Anti-Malware - Reviews and free Malwarebytes Anti-Malware downloads at Download.com

**OumaFan** · 08-17-2009 03:15 PM

if you really want to go all out this thing doesn't really do anything but it will show you if you've got something

here's the thing from the computer website about how to run it

We can kill this thing though.

Please install RootRepeal
Note: Vista users ,, right click on desktop icon and select "Run as Administrator."

Go HERE, HERE, or HERE and download RootRepeal.zip to your Desktop.

Disconnect from the Internet or physically unplug your Internet cable connection.
Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
Temporarily disable your anti-virus and real-time anti-spyware protection.
After starting the scan, do not use the computer until the scan has completed.
When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.

Extract RootRepeal.exe from the zip archive.
Open on your desktop.
At the top of the window, click Settings, then Options.
Click the Ssdt & Shadow Ssdt Tab.
Make sure the box next to "Only display hooked functions." is checked.
Click the "X" in the top right corner of the Settings window to close it.
Click the tab.
Click the button.
Check all seven boxes:
Push Ok
Check the box for your main system drive (Usually C, and press Ok.
Allow RootRepeal to run a scan of your system. This may take some time.
Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

~Blade

when I ran that the first time this came up

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/16 07:06
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF535F000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7A15000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF05D8000 Size: 49152 File Visible: No Signed: -
Status: -

Name: SKYNETlewfgilt.sys
Image Path: C:\WINDOWS\system32\drivers\SKYNETlewfgilt.sys
Address: 0xF5587000 Size: 167936 File Visible: - Signed: -
Status: Hidden from the Windows API!

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\WINDOWS\system32\SKYNETabwqqlam.dll
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\SKYNEToujwckqf.dat
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\SKYNETovrdqjdu.dll
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\SKYNETrqvpepxj.dat
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxjvenappfh.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxmxgokprxe.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxobcgfnyyb.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxouftkbfni.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxrxtcepowx.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxtvxunmcqf.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxwbcqvnmsp.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETxxvcxnlqru.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETyigmtnrxkv.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETynxvripjir.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETyovnfvorxi.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETyrbqyneewd.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETyrbrxrxvnl.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\T30DebugLogFile.txt
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\Temporary Internet Files
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\wallpaper.log
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\WizInstaller.log
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\_avast4_
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\_ISTMP1.DIR
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETchroienwen.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETcqxdcsbdie.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETcrnsexjqqo.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETcvitqsbfns.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETeexnlqddtt.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETeiwucrjiej.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETeqvoremdri.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETetbvoufjix.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETeudylbeyio.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETphpfvcdbdr.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETpiksvirtft.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETppfjixjuxp.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETppokviuxtk.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETpporjexbnv.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETpqrnssprxy.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETprirbvfiyv.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETpsqnkbduor.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETpsxnkbduor.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETpylqypqfvk.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETqfuxphorxu.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETqlfkssqlrs.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETqmbvrnspyp.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETqrnsspgroi.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETqspfthxxvr.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNETqvcdgdeofv.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\SKYNEThqjopfquxg.tmp
Status: Invisible to the Windows API!

and on and on and on, believe me it went a lot longer. So basically you'll see something saying you have skynet files if you do.

Not sure if you want to do all that but the malwarebytes thing is good to have on your computer anyway.

User Tag List

Thread: Anybody else get a virus tonight?

Thread Tools

Display

Hybrid View

Re: Anybody else get a virus tonight?

Re: Anybody else get a virus tonight?

Re: Anybody else get a virus tonight?

Re: Anybody else get a virus tonight?

Re: Anybody else get a virus tonight?

Re: Anybody else get a virus tonight?

Re: Anybody else get a virus tonight?

Thread Information

Users Browsing this Thread

Similar Threads

Hmm.....Virus

Does everyone use anti-virus?

MSN virus?

Need help guys with virus checkers etc

Tags for this Thread

Bookmarks

Bookmarks