[SOLVED] White screen with red countdown timer - - - is this some sort of hijacker or virus ?

Toggle sidebar Toggle sidebar
TorQueMoD

TorQueMoD

Distinguished
Aug 29, 2008
116
5
18,695
I have no idea what happened. I was just working on my game design, and then randomly this timer came up on the screen. Rather, I should say I was unwrapping a model, and when I finished and minimized 3DS Max, this timer was on screen. It's not stopping me from doing anything. Windows works as normal aside from the giant timer counting to negative infinity? lol

View: https://youtu.be/l0stwMRsi6Y


There doesn't seem to be any program running. I've just been backing up my old HDD with TeraCopy to a new NVMe SSD. Maybe this got on to my system before and copying the files over triggered it?

It's a brand new desktop PC running Windows 11.
I added my dxdiag to Pastebin: https://pastebin.com/5yB1XVsh
 
Ralston18 said:
Full disclosure: I did not view the YouTube video or open the link to dxdiag.

Just as a matter of being very cautious....

= = = =

Look in Process Explorer (Microsoft, free) for any unexpected or unknown processes that are running.

https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer
Click to expand...
I don't mean to sound rude, but you know you can't get infected by a video or a text file right? I understand wanting to be cautious, but there's a point where it crosses into too cautious 😛

Nothing out of the ordinary that I can see with Process Explorer. Not that I really know what I'm looking for.
Windows Defender and Malware bytes both turned up nothing. Or, rather Malware bytes thought that AccuRig (an automatic character rigging software from Reallusion) was a PUP, so it found one false positive.

https://imgur.com/waBJhka
View: https://imgur.com/waBJhka


https://imgur.com/cjvj7Pu
View: https://imgur.com/cjvj7Pu
 
Last edited:
I was looking at the startup programs, and found one that was simply called "Program" that was running. I disabled it from Starting with Windows and then tried to figure out where it was coming from but windows returned the error "Cannot find that file" or whatever. I rebooted my computer and it's gone. We'll see if it shows up again. It might just be the most ineffectual hijacking program ever made, or some sort of distraction tactctic? I dunno. I unplugged my internet the moment I saw it too, but Windows Firewall has been running the whole time so I doubt it was actually someone trying to get access. Who knows?
https://imgur.com/a/UZGdjYI
View: https://imgur.com/a/UZGdjYI
 
TorQueMoD said:
I don't mean to sound rude, but you know you can't get infected by a video or a text file right? I understand wanting to be cautious, but there's a point where it crosses into too cautious 😛
Click to expand...
You can definitely get infected by a video or a text file, but not by streaming a video from YouTube.
 
@TorQueMoD

Who knows how "Program" slipped in.

In Process Explorer use sorting to list usage from high to low via the column headers.

Click the column header and you should see a small upward or downward pointing > indicating that the column can sorteded and how it is sorted.

Imgur images are static so there is no way to change views or sorts in the posted screenshots.

However printing out the images/screenshots can be useful as a reference for comparison purposes. If the countdown comes back then look for what else may have changed.

= = = =

As for infection vectors - google, if necessary, "zero day virus".

There are many bad guys out there very focused on data theft, spying, and simply outright vandalism/destruction. They use fake/counterfeit websites, common key typo combinations, misleading instructions.... Endless opportunities and exploits.

If you have ever gone online looking for some document - the document is likely to show up. Clicking the offered link however can result in all sorts of alerts and alarms. Real and fake.

My definition of "too cautious": shutting down my computer, locking it up, throwing away the key. :)

And lots of backups - just in case.
 
  • Like
Reactions: TorQueMoD
I just realized I didn't post my solution. Here it is:

I openedTask Manager then opened the Startup tab. I sorted by Publisher Descending (Click on Publisher twice) so it showed me programs that did not have a Publisher listed at the top of the list (and in my mind most likely to be the culprit) and there was a program simply called "Program" so I disabled it and rebooted. Problem solved. Hope it helps someone else.
 
JayGau said:
You can definitely get infected by a video or a text file, but not by streaming a video from YouTube.
Click to expand...
Really? I thought you had to run an exe or a macro. How could a video or txt file contain a virus? There's nothing to execute. Maybe you could make an executable look like a video or txt file, but it seems crazy to me the actual files could execute a virus.
 
Code is code.

If the computer is presented a series of bits that instructs the computer to do something then the computer will do so.

For the most part AV software etc. is used to watch for series of bits that are instructing the computer to do something that is known to be malignent and/or out of context.

Overall, the biggest problem is end users who tend to click before thinking.

To be fair though, the bad actors are always coming up with new schemes and attacks.

You cannot be too cautious.
 
@TorQueMoD I tried to respond on your video, but was unable. I wanted to let you know that this ISN'T a virus! I've been speaking to an online community about this issue after it occurred to me.

I noticed that you have PowerToys in your list of processes, and I also use Powertoys. Which is relatively rare. Upon speaking to this online community they pointed out to me that Ctrl + 3 opens a timer when you have 'ZoomIt' enabled in PowerToys!
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom