Downloaded a virus

[cleverpun]

http://forums.backpack.tf/index.php?/statuses/user/1-brad-pitt/?status_id=22934

 

I stupidly clicked a link from Alex's account while it was hijacked.

 

I am currently running a pair of virus scans and had an IRL friend change my steam password. Just to be safe, you can block me on steam until I'm certain that I have done everything I can to clear my computer of viruses.

 

Advice on what to do would also be appreciated

[Julia Gillard the Honest]

Blimey! Thanks for the warning.

[ThatOtherChigga #Mack]

Damn...good luck.

[Mr Prince]

If you want to be 100% sure that system is clean do a clean install then change passwords.

 

I would also give proces explorer a change http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

 

Check any dodgy executable and see if signature is verified if its not check what app executeable is from or search it online via right click search online.

Proces explorer helped me spot unknown malware before its very usefull if you known how to use it.

[cleverpun]

If you want to be 100% sure that system is clean do a clean install then change passwords.

 

I would also give proces explorer a change http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

 

Check any dodgy executable and see if signature is verified if its not check what app executeable is from or search it online via right click search online.

Proces explorer helped me spot unknown malware before its very usefull if you known how to use it.

I have misplaced my W7 boot disc, but I'll try the process explorer; I'm not too good at computer stuff, but hopefully it will help

[Mr Prince]

Just make sure if you do clean install to do a format on main drive, and backup stuff first on a usb stick or drive scan that later obviously to be sure its not infected though malware rarely infects other files anymore these day's.

 

i would install nod32 trail + comodo firewall + malwarebytes free for extra security for when you cannot count on nod32 alone.

[Chief D]

Did you give your unusuals to your friend as well?

[cleverpun]

Did you give your unusuals to your friend as well?

I had them log in to my steam account from their computer and change my password. I'm told that will trigger SteamGuard and prevent me from trading

[Chief D]

I had them log in to my steam account from their computer and change my password. I'm told that will trigger SteamGuard and prevent me from trading

I'm not sure about it, honestly. But I think that if you don't even have the hats to begin with, they can't steal them from you.

[Mr Prince]

If steam guard is enabled while you login from different ip then it locks yes, i dont see a trade ban on your account currently cleverpun.

[cleverpun]

If steam guard is enabled while you login from different ip then it locks yes, i dont see a trade ban on your account currently cleverpun.

Other people can't always see trade status (you are currently unable to trade with [user], more information will be shown if they ask to trade with you)

 

I haven't logged onto steam on this computer at all with the new password, and I have only stored it on paper IRL, so there shouldn't be a way to get it even if my computer gets remote controlled.

 

I shredded the offending files using AVG, and the scans are still going. Process Explorer isn't showing any suspicious processes (at least to my untrained eye). When the scans complete I will change my gmail password too

[Mr Prince]

Its save to say if malware bytes does't find anything from full scan its probably clean, to be sure do a system restart and another full system scan.

Some viruses become active after a reboot again.

 

Anyway i believe if acount has trade ban due steamguard then it  looks like this http://steamcommunity.com/id/VinceTheShamwowGuy/

[cleverpun]

Its save to say if malware bytes does't find anything from full scan its probably clean, to be sure do a system restart and another full system scan.

Some viruses become active after a reboot again.

 

Anyway i believe if acount has trade ban due steamguard then it  looks like this http://steamcommunity.com/id/VinceTheShamwowGuy/

That's a probation from Valve, not steamguard

[Alex From Security]

The douche changed my steam password and my email password.

I am pretty much locked out, but I am still signed in to my tablet so I can talk through bp.tf.

I'm so sorry

[Mr Prince]

Their must be a way to regain acces though ? did you try regain acces yet ?

[cleverpun]

The douche changed my steam password and my email password.

I am pretty much locked out, but I am still signed in to my tablet so I can talk through bp.tf.

I'm so sorry

Did it change after you turned off your computer? Because I can leave mine on until the scans complete

 

AVG removed 1 trojan horse, so we'll see if mwb finds anything

[AwesomeMcCoolName]

I had them log in to my steam account from their computer and change my password. I'm told that will trigger SteamGuard and prevent me from trading

No, steam guard is only activated for that particular site. I.e. if you log into steam for the first time on chrome, but you've been logged in on safari for months, safari will still work.

[cleverpun]

No, steam guard is only activated for that particular site. I.e. if you log into steam for the first time on chrome, but you've been logged in on safari for months, safari will still work.

well, as I mentioned, my password is not stored on this computer now, so a trojan horse would not be able to get it anyway

[Punishment_Fatal]

I had them log in to my steam account from their computer and change my password. I'm told that will trigger SteamGuard and prevent me from trading

Changing the password is fine since they have to jump another barrier. Here's the problem though: Steam only locks trading on that device. If he manages to get through, I don't know what to say.

 

Edit: Never mind, it locks it for any new device.

 

I swear, if this is one of the #savetehkeys members, I'll personally hunt them down.

[cleverpun]

Changing the password is fine since they have to jump another barrier. Here's the problem though: Steam only locks trading on that device. if he manages to get through, I don't know what to say.

 

I swear, if this is one of the #savetehkeys members, I'll personally hunt them down.

Duly noted--im gonna change my email passwords and clear Firefox's saved passwords once the final scan is done, then Ill restart my computer and do another set of scans. After that Im not sure what else I can do

[Punishment_Fatal]

Duly noted--im gonna change my email passwords and clear Firefox's saved passwords once the final scan is done, then Ill restart my computer and do another set of scans. After that Im not sure what else I can do

I don't know if you have previous saves, but if you do, try a System Restore and put your computer in Safe Mode.

[Mr Prince]

system restore won't help, if you made a complete backup though aka ghost image you can format main drive and then restore the ghost image should be clean then.

 

windows has this also build in this function but not via system restore, i would't advice using system restore at all it won't magicaly clean up your system.

[AwesomeMcCoolName]

Download a copy of W7 installer off the internet, and then just use your cd key to activate it. 

[Professional Map Painter]

You could try storing any valuables/unusuals in a Bazaar buy now bot as an extra safety precaution. Just set the wishlist to something ridiculous like 10 uncraftable gifted level 56 buds, for example.

[AwesomeMcCoolName]

You could try storing any valuables/unusuals in a Bazaar buy now bot as an extra safety precaution. Just set the wishlist to something ridiculous like 10 uncraftable gifted buds, for example.

If he has access to the account, then he can just log into bazaar and request the items back.

 

If restoring the computer isn't an option, the best shot would probably be to store all the valuable shit on a friends account until the dust settles. I'd assume that if the hacker can't get anything for a week+, he'll just stop checking and give up.