I had an intrusion? A virus attack?

windows10
helpdesk
#1

I thought I would share something that just happened to me a few minutes ago. I was looking up some information with the edge browser on W10, and it was in reference to a company I was curious about. It was a Panamanian company that was unnamed, but I had a phone number. Searching things related to the number, I found a website called “scamguard”, and it had a few reviews all linked to the number I was looking for.
There was a specific website mentioned in the reviews, “dollar4invite”, I won’t make that a link. When I entered the url in the search header on Edge with the .com at the end, it took me to several websites in quick succession. Like it was bouncing me around the web really fast. My history shows 3.
digitalgator.info
eleseems-insector
server4.goaldigger.info
After about 1 second, I was on my desktop and edge was open but smaller, and windows started poppin’ like crazy. I immediately powered off my pc with the power button and unplugged the ethernet.
I turned it back on disconnected from online, and checked task manager. Nothing there. I went into defender and did a scan, nothing there. I reconnected the ethernet, no signs of anything.
I have removed some pop-up style crap several times in the past from relatives’ computers, but this was way out of my league.
Does anyone out there know what it was? Is it just some generic malware, or something more sinister? And most importantly, do I need to wipe my drive or replace it and reinstall windows?

3 Likes

#2

Anything specific or just “crazy”?

4 Likes

#3

I feel like he was getting a bunch of new edge browser windows appearing

1 Like

#4

I caught a brief glimpse of what looked like a PowerShell window or command line window full of text, and on top of it were popping layers of edge browser window? To be honest, when I saw it I reacted at light speed, and just jumped across the living room and pulled the ethernet and powered it down.

0 Likes

#5

Yeah, that’s malware. Can’t say whether it did anything or not, but I would recommend using an AV other than Defender to have a second look.

4 Likes

#6

That sucks:(

0 Likes

#7

Personally unless I am able to have another A/V catch something (more than one I should say) I typically reformat in case it’s something worse. Sorry that you’re only getting bad news in this case.

1 Like

#8

Again, no one knows if it had enough time to do everything it was supposed to. Go download something like Avast, AVG or Malwarebytes to a flash drive and have another go. MB’s free version has saved me before.

4 Likes

#9

You could also connect your hard drive to another PC and do a Malware scan there.
Personally, I like Malwarebytes’ scanner although it tends to be on the false-positive side.

0 Likes

#10

I’ll give that a go, I have a usb somewhere here. Does this mean I will lose my memes? LOL

0 Likes

#11

You won’t lose any data from a scan.

3 Likes

#12

you’ll only lose them in the event you have to do a complete reinstall and don’t have them backed up somewhere…

Happened to me earlier this year during troubleshooting

0 Likes

#13

I used malwarebytes once to help find a bad bug off another pc, and it was harder to get rid of than the bug.

0 Likes

#14

iirc, there was a bad build of Malwarebytes some time ago. I haven’t had any issues with it myself, but I recall others having some problems.

Edit: Yup there was a whole thread on it here: Massive memory leak caused by Malwarebytes

0 Likes

#15

Well, I’ll try to keep it on the usb anyways. Let me try it.

0 Likes

#16

OK, I ran it and got zero hits. When I was removing the malwarebytes, though, I did see something in my program files.
$GetCurrent
And inside that folder was 2 subfolders:
Logs
Setup

I don’t remember seeing it before, I don’t put much on my PC except for a few games, and I go through it a lot cleaning stuff up. So I just canned the folder. Both subfolders were empty.
And now I have one more piece of malwarebytes to get rid of, it says it’s running in explorer. Great.

0 Likes

#17

You could also try to capture your network traffic with wireshark for the time being

1 Like

#18

Wireshark, eh? I guess better to play it safe, I’ll check it out. Thank you all for the advice, once again:)

0 Likes

#19

Wireshark! What unholy madness is this? Such a thing exists?
I looked at a YouTube video on it before downloading, and into my download I noticed it is 186GB. I don’t have room for it on my drive, just a 240GB ssd for a few games.
But I am sold, nonetheless. When I upgrade the drive, I will download that first. If I stare at it long enough while clicking around, I’m sure I’ll figure it out eventually.

0 Likes

#20

No way bro. No way. :scream::scream::scream:

2 Likes