Computer possibly compromised, out of ideas?

I’ll get into the history of my suspicion in a bit. First I’ll explain the recent events that have made me unsure of my PC’s current state of security.

This morning before work, I hopped onto Google Chrome (my browser of choice) and did my morning routine of email, news and social media. My homepage is Google and it would not load properly. Usually nothing of note; Google, like any other site, has its downtime and I thought nothing of it. Twenty minutes later I tried Google again to search for more info on some stories I had read. To my surprise Google was still down on Chrome, so I hopped over to Bing and did it there. While I was on Bing I decided to check and see what problems Google was having and how long it had been down. To my surprise Google was up and, looking back at the time log, had no issues for the better part of an hour, so I tried Google again…nothing, 404. I checked to see if Chrome was up to date and it was. Next I opened Firefox and IE to see if I could access Google on those browsers, and I could. I tried once more on Chrome and this time I got a warning message telling me there was malware ahead, so I closed Chrome and opened up its settings to ensure they were as I kept them and that no extensions were running. Everything on that avenue was as I had configured it.

The above got me thinking back to last week when I accessed my YouTube (Google account) for the first time in a month. A warning popped up saying that a suspicious login was blocked from this area of the world:

Wednesday, June 26, 2013 4:42:55 AM UTC

IP Address: 60.166.233.92

Location: Hefei, Anhui, China

I was prompted to change my password, but I didn’t trust the pop-up, so I closed it and opened a new page to log in directly to Google itself and change my password there rather than trust the pop-up to do so. Changed it, and thought nothing of it because according to Google it had blocked the attempt. I knew my password at the time was nothing special and I only used it to comment on YouTube videos, nothing else. But around the same time as that I came back to my computer after work and saw a message that read “Windows will apply these changes after the next reboot.” I checked to see if it was updates and I checked the event log to see if any changes were made there, nothing. Scanned for viruses with Microsoft Security Essentials, Malwarebytes and Kaspersky’s TDSS Rootkit Killer. Found nothing. Checked my installed programs and found nothing out of the ordinary. I also checked the running processes in the Task Manager and found nothing odd.

All of this came back to me this morning while I was having odd problems with Google and made me a little suspicious. So I restarted the PC in safe mode and scanned everything again with Security Essentials, Malwarebytes and TDSS Killer. Found nothing. By that time I had to go to work and my PC is now off and will remain so until I decide what to do. I am an IT tech, so any information will help and I should be able to understand even the most technical of explanations. Since my degree I have been a lot more cautious about what I click on and where I go on the web, but working in the field that I do I know that even then getting a virus or getting hacked is still quite possible. Should I go ahead and reinstall my OS? Or are there some other things that I can try? Or am I just overreacting and being paranoid?

✅ Answers

  • If you have a real stubborn virus or wish to check for the kind of virus that can hide from the normal virus scanners, use the directions below.

    First thing to try is to run RKill. The first link below discusses how it works and it is VERY IMPORTANT to read this page. The second link is for the virus removal guides offered by Bleepingcomputer. You will need another puter to download RKill and Malwarebytes. You will need both of them on a thumb drive, DVD or a CD. RKill has different filenames because some malware will not allow processes to run unless they have a certain filename. Therefore when attempting to run RKill, if a malware terminates it, please try a different filename. READ the instructions carefully on how to use the programs together.

    http://www.bleepingcomputer.com/forums/topic308364…

    http://www.bleepingcomputer.com/virus-removal/

    http://www.malwarebytes.org/

    If all else fails you will need to try to recover your data and files. If you cannot boot into Windows to make a backup of your files then you can go to the link below and read on how to download a Linux Live CD to boot the system to recover what you want. If you have a Windows 8 puter then you need to turn off Secure Boot before using the CD. The live CD will also allow you to check out the rest of the puter. It helps to have a thumb drive or an external drive to copy your data and files to.

    http://www.howtogeek.com/howto/windows-vista/use-u…

    Since you are an IT tech I will not go into how to use recovery to reset your puter back to factory settings.

    Source(s): TWB 35+ years of experience in the service industry. You name it, I have probably fixed it. I did not design it, I did not build it, I did not break it, but I am the one who can fix it. What that means is that I have spent a lifetime taking these things apart and seeing how they are made.

    The difficult we do right away, the impossible just takes a little longer.

    I hear voices, so please be quiet so I can listen to them.
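
The live-CD data recovery step from the answer above, as an added example that is not part of the original answer: it copies data files from a read-only mount of the Windows volume to an external drive, leaves executable and script file types behind, and verifies each copy against a SHA-256 manifest. The device name, mount point, target path and extension list are assumptions, and the list is not exhaustive.

```shell
#!/bin/sh
# Added example (not from the original answer). In the live session, mount the
# Windows partition read-only first; /dev/sdXN is a placeholder:
#   sudo mkdir -p /mnt/win && sudo mount -o ro /dev/sdXN /mnt/win

# Assumed list of file types left behind because they can run code on the
# rebuilt system. Extend it to suit; it is not exhaustive.
SKIP_EXT='exe|dll|scr|com|bat|cmd|vbs|js|jse|wsf|ps1|msi|lnk|pif|hta|jar|sys'

# rescue_copy SRC DST
# Copies data files from SRC to DST/data, lists skipped files in
# DST/skipped.txt, and verifies every copy against a SHA-256 manifest
# computed from the source volume. Returns non-zero on any failure.
rescue_copy() {
    src=$1
    dst=$2
    [ -d "$src" ] || return 1
    mkdir -p "$dst/data" || return 1
    : > "$dst/skipped.txt"
    : > "$dst/manifest.sha256"
    # Windows file names cannot contain newlines, so line-based reading is safe.
    (cd "$src" && find . -type f) | while IFS= read -r rel; do
        rel=${rel#./}
        # Match on the final extension, case-insensitively (catches x.pdf.scr).
        if printf '%s\n' "$rel" | grep -Eiq "\.($SKIP_EXT)\$"; then
            printf '%s\n' "$rel" >> "$dst/skipped.txt"
            continue
        fi
        mkdir -p "$dst/data/$(dirname "$rel")" || exit 1
        cp -- "$src/$rel" "$dst/data/$rel" || exit 1
        # Hash the source file, not the copy, so verification is meaningful.
        (cd "$src" && sha256sum -- "$rel") >> "$dst/manifest.sha256" || exit 1
    done || return 1
    # Re-hash the copies and compare against the source hashes.
    (cd "$dst/data" && sha256sum --quiet -c ../manifest.sha256)
}

# Usage (placeholder paths):
#   rescue_copy /mnt/win/Users/NAME /media/usb/rescue
```

Review `skipped.txt` afterwards; anything listed there should be reinstalled from its original source rather than copied over.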

  • And how much time have you spent laboring thru all these burdensome tasks only to end up with the same uncertainty?

    Sometimes the tsunami of malicious acts overwhelms even the most diligent users, resulting in compound PC misbehaviors and no clear vector.

    With Windows, the quickest method is reformat and be done with it.

    Sidebar: Do you have these mods done on Chrome?

    http://answers.yahoo.com/question/index?qid=201306…
