Damn Virus

[The Russian]

Okay, this virus, every time I click a link it takes me to some spam website. The only way I am doing this is by manually typing in the location of what and where. AVG is running a scan now. This is probably from that 4chan image dumper that supposedly didn't work. I wanted to post a bunch of funny pictures. Don't get the wrong idea, it wasn't research. It just started a couple minutes ago.

AVG found this:
"The file is signed with a broken digital signature. issued by: Microsoft Corporation."
"Location: C:\Program Files\Steam\steamapps\common\stormrise\\gfwlsetup\gfwlivesetup.exe"

I doubt that's the problem and AVG isn't done yet. Also there was some strange code in between some of the php code in the web address when I hovered over the "login" button. Something about "PHPSSID"
Help me out :(

[Ad Bot]

[Miga]

gwflivesetup = Games for Windows Live installer, definitely not it.

4chan image dumper

Lol.

4chan

Lol'd again.

[The Russian]

Okay yeah I know. I was sleepy and still sleepy, I usually get on 4chan and do handicapped things when I'm sleepy.

Now help me deal with my problem :C

Could this be something like a tracking cookie/cookie?

[The Russian]

Found the following between "index.php?" and "action=login":
"PHPSESSID=5b1qjomjsh95k6v52mys9esl67&"
I read it carefully and I think it means that it will open some random webpage for a certain amount of time THEN go where I want.

[General Nick]

Found the following between "index.php?" and "action=login":
"PHPSESSID=5b1qjomjsh95k6v52mys9esl67&"
I read it carefully and I think it means that it will open some random webpage for a certain amount of time THEN go where I want.

Probably a tracking cookie or some form of way to get you to a site with viruses.

[The Russian]

Well Nick. AVG finished the scan and came up with 3 tracking cookies.

[(Hit Man)]

Go for it. remove em

[BobSevenSevens]

Internet  will eat those 3 Internet  s!

Did you laugh?

[Sirrus]

Also: Unless you downloaded something else from the internet with one of your Steam game's folder as your target directory, I seriously doubt Steam is going to be distributing viruses.

[Jacob/Lee]

Also: Unless you downloaded something else from the internet with one of your Steam game's folder as your target directory, I seriously doubt Steam is going to be distributing viruses.

Yes, Steam actually cares about all of there customers and members unlike most distributers.

[OneWithFire]

Yes, Steam actually cares about all of there customers and members unlike most distributers.

Uhhhhhh....

No.

[The Russian]

I never really suspected Steam at all. I went to bed and shut down my computer (after removing the tracking cookeis and nothing happening) and this morning ran another scan with AVG.


Guess what it found


It found a file with a reference to an infected file. As soon as the trojan horse was deleted, my interwebs started working again.

[The Russian]

Oh and it found another 2 trojans and 4 tracking cookies. It's all clean now.

[theunknown56]

Internet  will eat those 3 Internet  s!

Did you laugh?

ehh..

[Conan]

Internet  will eat those 3 Internet  s!

Did you laugh?

No.

Get out.

Ontopic: The virus probably haxed a executable, rewrote part of it. Maybe that's why Microsoft said that it had a broken digital signature.

Do some studying on Wikipedia.