Hacker hacks my PC in game

Discussion in 'SteamRep General Discussion' started by FlyingMonkey, Oct 16, 2015.

  1. SilentReaper(SR)

    SilentReaper(SR) Retired Staff

    Messages:
    11,992
    SteamRep Admin:
    STEAM_0:0:89705646
    @Dafty™
    Actually, Lava is more than proficient in ICT, WA Horse is doing regular computer cleaning of malware. And I've myself been working in ICT for over 20 years. The only "registry cleaners" that are useful in RAT attacks are the ones that anti-malware includes in its scanning system. Programs like CCleaner or Glary Utilities etc. have no effect on the likes of such; they only check for "broken" registry links. The usage of such is then only of merit once the malware has actually been removed; cleaning the registry with such tools will then often reveal entries that linked to said malware.

    We deal daily with non-informed (and lazy) users here who are just not aware of a lot of features and possibilities of software. As such, we have strict policies regarding things like TeamViewer and the likes. You mention options to block the remote viewer to use, but most are just not aware and will go the "easy" way. Also, this forum is read by hijackers and phishers who will attack our users here, which is why we are very strict on offers of "remote tools" here. Hence Lava's warning to you was correct.

    I've updated that guide a bit. (see my last reply there)
  2. FlyingMonkey

    FlyingMonkey New User

    Messages:
    9
    Steam:
    STEAM_0:1:48727199
    Downloaded MalwareBytes and I found a virus called "PUP Optional". Removing it now.
    Thanks for all the help. You guys are great and I literally can't be more thankful. Once again, thanks! :)
  3. Horse

    Horse Administrator SteamRep Admin

    Messages:
    73,306
    SteamRep Admin:
    STEAM_0:1:34690691
    Those are pretty common and variants that change all the time. MalwareBytes can only do but so much.... combine that with Avast Home Free's boot scan (set to delete upon detection after fully updated) and it will do a pretty good job. You still have to manually go into your startup and remove entries from starting, so when you complete the MalwareBytes scan you've already set Avast to go into the boot scan, so you restart from removing what MBs finds and right into Avast you go before Windows even starts. For even worse machines I yank the drives and slave them to scan some things out. Every machine is different and takes time to properly clean, tweak and update properly. I've been doing it for a long long time... and I've seen it all, including the little old lady that had her s✿✿✿ hijacked and held for ransom with the hijacker calling her on the phone, flashing pictures up on desktop, warning if she didn't pay up they would delete everything. Yeah I've seen it all buddy.
  4. Dafty™

    Dafty™ New User

    Messages:
    6
    Steam:
    STEAM_0:0:2120477
    I understand that under the high volume of new users you have come through here, a large percentage of them are out to do malicious things, and I guess my reassurance means nothing, which is also understandable. I genuinely just wanted to help; I deal with this kind of thing on an hourly basis.

    I think cleaning your registry is extremely beneficial to your computer's performance, that's purely the reason why "everyone" should. I just felt it linked to scanning your registry for malicious files and was a thing he "may as well do". Seen some extremely complex viruses implanted into people's registry, very dangerous place for them to be.

    As for the malware removers, they are genuinely my favourite programs and make life a lot easier if you use the correct ones. True, there are a lot of spam/scam ones out there, but a detailed search on the web can find legitimate programs that work wonders; they can find viruses and RATs an ordinary anti-virus couldn't find. A paid program I used to use found RATs by looking for irregular port connections.

    Just in reference to your last comment on how you've seen everything. A CEO of a toy company I was employed by had his computer hacked and held ransom, encrypted his entire HDD in a 32 bit key. My job was to "decrypt it" so he didn't have to pay this guy 80 EURO. Obviously impossible, even with a super computer. But yeh... took me 2 days of explaining for him to understand it's impossible and just pay him.
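
The "irregular port connections" check mentioned in the post above, sketched as an added example (it is not part of the thread and not the logic of the paid program the poster used). It triages text in the layout of Windows `netstat -ano` output; the sample lines, the port baselines and all function names are constructed assumptions.

```python
import ipaddress

# Constructed sample in the layout of `netstat -ano` (documentation addresses).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       908
  TCP    0.0.0.0:5050           0.0.0.0:0              LISTENING       4312
  TCP    192.168.1.20:49712     198.51.100.10:443      ESTABLISHED     2260
  TCP    192.168.1.20:49733     203.0.113.45:40123     ESTABLISHED     4312
  TCP    192.168.1.20:49740     192.168.1.1:8080       ESTABLISHED     2260
  TCP    127.0.0.1:49750        127.0.0.1:49751        ESTABLISHED     1120
"""

# Assumed baselines: tune these to what the machine is known to run.
EXPECTED_REMOTE_PORTS = {80, 443}
EXPECTED_LISTENERS = {135, 445}
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def split_endpoint(endpoint):
    """Split 'host:port' (or '[v6]:port') into (host, int(port))."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def is_local(host):
    addr = ipaddress.ip_address(host)
    return any(addr in net for net in LOCAL_NETS)

def find_irregular(netstat_text):
    """Return (pid, kind, endpoint) for sockets outside the baselines."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # header, UDP (no state column) or malformed line
        _, local, remote, state, pid = fields
        lhost, lport = split_endpoint(local)
        rhost, rport = split_endpoint(remote)
        if (state == "LISTENING" and lhost in ("0.0.0.0", "::")
                and lport not in EXPECTED_LISTENERS):
            findings.append((int(pid), "listener", local))
        elif (state == "ESTABLISHED" and not is_local(rhost)
                and rport not in EXPECTED_REMOTE_PORTS):
            findings.append((int(pid), "outbound", remote))
    return findings

if __name__ == "__main__":
    for pid, kind, endpoint in find_irregular(SAMPLE):
        print(f"PID {pid}: unexpected {kind} {endpoint}")
```

A hit is only a lead: the PID still has to be mapped to its executable and checked before anything is treated as malicious.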
  5. Horse

    Horse Administrator SteamRep Admin

    Messages:
    73,306
    SteamRep Admin:
    STEAM_0:1:34690691
    Hard core there.... this is why even the everyday user should back up stuff every so often :)
  6. Clive

    Clive SteamRep Admin

    Messages:
    6,436
    SteamRep Admin:
    STEAM_0:0:43668349
    I remember someone telling me they had a client who got a crypto-lock virus, but thought "it's fine, I have a backup", then plugged their external into their comp without removing the virus first on their PC. RIP
  7. Horse

    Horse Administrator SteamRep Admin

    Messages:
    73,306
    SteamRep Admin:
    STEAM_0:1:34690691
    [​IMG]
  8. SilentReaper(SR)

    SilentReaper(SR) Retired Staff

    Messages:
    11,992
    SteamRep Admin:
    STEAM_0:0:89705646
    Tip for you guys:
    - Right click the folder with the required data, select properties.
    - Pick tab "Previous versions", and mash some buttons.

    Yeap, can enable that for everywhere. Make sure to do so beforehand tho...