Keltec site virus

WyMark

New member
Was wanting to look at the Keltec P32 last night, so I went to the keltec web site, keltecweapons.com and got infected with the "System Check" virus.

Very nasty and a real pain to clean up. Just a heads up to other unsuspecting web tourists out there.
 

johnbt

New member
I'm behind the state of Virginia/VITA/Northrop-Grumman firewall-of-death-and-false-alarms that blocks every little thing and is a pain in the elbow and the K-T site just opened normally with no notifications.

Maybe they fixed it, if there was a problem on their end.

John
 

WyMark

New member
I got to it fine from work, but then went to another location and got the virus. I thought it must be coincidence, maybe that pc was infected already and it just happened to show up when I hit the site. Got that cleaned up and went home and pulled it up from there and got it again.

Not going to try again, though. It's a pretty ugly one.
 

WyMark

New member
g.willikers: Did you have to put the computer out of its misery?

No, but I'm missing a lot of desktop icons, my start menu is empty, and not sure what else yet. Look up System Check, it's some pretty nasty stuff. I'd let Keltec know I got it from their site, but I'm not going there again to find an email link. Maybe they already caught it and removed it by now.
 

Last Escape Pod

New member
My computer automagically blocked the website when I tried to get on it.

I wonder though, why would there be a virus on the Keltec website? What hacker would want to mess with them? I guess there's a really ****** off customer with coding skills or Colt can't take the competition.
 

Crazy88Fingers

New member
A couple years ago hackers managed to take down my local car club's website. All 12 of us were pretty upset. Point is, some people just have too much free time on their hands.
 

imsobored152

New member
No, but I'm missing a lot of desktop icons, my start menu is empty, and not sure what else yet. Look up System Check, it's some pretty nasty stuff. I'd let Keltec know I got it from their site, but I'm not going there again to find an email link. Maybe they already caught it and removed it by now.

Download unhideme to bring em back. Combofix works real well doing away with viruses and will bring back your icons.

 

WyMark

New member
Thanks imsobored, I'll give those a try. Just finally got a chance to finish getting things cleaned up this morning. Was still having Google search redirect problems, downloaded fixtdss from Symantec and it found and removed a rootkit. So it's mostly back to normal.

I'll try the tools you listed and see if my Start menu comes back. I don't even have Control Panel on there now. Bastards.

Not sure if Keltec is aware, but I sure as hell ain't going back to see if it's fixed. This was a major pain in the ass. xxxxxxxxxxxxxxx
 

Glenn E. Meyer

New member
I hear your pain. I was trying to download a pdf from another university and my work computer took a hit like that. The IT guys took it away for major surgery.

The attack went right through all our supposed protections.
 

imsobored152

New member
I used a Symantec removal tool to get rid of a rootkit too. Except it was in my boot.ini file which effectively stopped Windows from starting. So be careful with those.

 

TriumphGuy

New member
I work in IT and can verify for certain that as of the time of this post, there is absolutely some bad mojo on their website. It's using the Sun Java plugin to download a virus called "Win32/Karagany.H" onto your computer. Here's the kicker. Karagany.H is something called a Trojan Horse virus. Its job is to download more bad things.

I'd recommend staying the heck off of that site until they have it sorted out. If you really must visit it, uninstall the Java runtime from your computer first. I'd also recommend having your PC fixed by a professional if you get a virus like this. You really don't want your credit card number and all of your passwords in the hands of some dirtbag running a botnet out of a third world country.
 

TriumphGuy

New member
Should us Mac guys be worried?

Yes, you should be worried that you paid too much for your computer. :D


I kid. I have one and like it for the most part, though the only reason you don't see viruses for OS X is that the market share isn't big enough to make it worth the effort to write them.

Back on topic, I emailed Kel-Tec about the problem at about noon today and haven't heard back yet. I'm not in front of a computer that I can safely test it on to check whether or not it's safe to go back yet.
 

TriumphGuy

New member
When did they change their address from www.kel-tec-cnc.com?

I'm not sure. It's redirecting to their current URL though. As of right now, it looks like the virus is still present, BTW. I'm guessing that their IT staff is on vacation. If that happened where I work and lasted more than about 15 minutes, heads would roll and people would be looking for jobs.
 

WyMark

New member
Looks like it's been going on for weeks now, and Kel Tec is well aware of it.

http://www.thektog.org/forum/showthread.php?t=246024


My AVG came up as soon as I hit the site, I started trying to kill processes but then it locked me out of task manager. I tried to find the file AVG warned on to rename it, but then it rebooted me. At that point it's all over but the crying.
 

TriumphGuy

New member
That makes me a lot less likely to buy that KSG I've been wanting. If they can't get it fixed, the site should be down or at least moved to a different server. They're causing all kinds of customers to have to pay to have their computers fixed and putting them at risk for identity theft. That's pretty darn unprofessional.
 

Flopsweat

New member
Looks like they're getting hacked multiple times. That can be tough to deal with. If you're going to go to the Kel-Tec site, be sure to have an antivirus app running and disable Java. I have it permanently disabled because few sites use it (it is different from JavaScript, which is in common use) and it's not worth the hassle. You can get a perfectly good antivirus program free from Microsoft, so there's no reason not to run one. Any decent AV program with current sig files would have blocked the virus. If there were 4 Rules for Computer Safety this would be one of them. I'm also suddenly somehow reminded of the kind of misinformation tossed around in Glock vs Colt conversations. They are both good products. Give it a rest and save the thread please.
 