Old 06-01-2009, 12:32 PM   #1
Baseband Member
 
Join Date: Oct 2007
Posts: 82
Default a trojan virus and a hacker

Hello,

I have reason to believe that someone is trying to hack into my computer with the help of a virus I seem to have contracted.

It all started with WinPC Antivirus being inadvertently installed on my computer. I was able to get rid of it (found the executable and deleted it and was no longer bothered by anything to do with WinPC Antivirus), but since then my real antivirus software has been detecting a couple malicious things:

1) Every time I boot my computer (and at random moments on occasion) it tells me it detected the virus Trojan.Win32.TDSS.adzx. It is unable to disinfect or delete the file, but seems to be able to quarantine it successfully (although the warning keeps coming back).

2) Once in a while it tells me that my firewall has successfully blocked an intrusion attempt (called "Nmap TCP scan"), and it gives me the details:

remote address: 220.191.241.2
remote port: http(80)
local address: 192.168.1.101
local port: 43293
DNS name: 189.43.134.140.digi.com.br

Is there anything I can do about either of these problems?
__________________

gib65 is offline   Reply With Quote
Old 06-01-2009, 12:44 PM   #2
Site Team
 
 
Join Date: Sep 2006
Posts: 10,713
Default Re: a trojan virus and a hacker

View this post. I've used this program a lot recently and it's given me great results.

http://www.bleepingcomputer.com/foru...post&p=1278885
__________________
"as a fanboy i refuse to admit it and will pull countless things out of my butt to disprove it"

Team Thelegorm! Total Kills: 21 (i iz in uor profile, editsing your sigz)
celegorm is offline   Reply With Quote
Old 06-01-2009, 03:58 PM   #3
Baseband Member
 
Join Date: Oct 2007
Posts: 82
Default Re: a trojan virus and a hacker

Hi celegorm,

I'll have a look at that site and report back.
gib65 is offline   Reply With Quote
Old 06-01-2009, 07:18 PM   #4
Fully Optimized
 
 
Join Date: Aug 2005
Posts: 1,641
Default Re: a trojan virus and a hacker

I think you stole that link from me posting it everywhere but alright...
__________________
Thermaltake ARMOR/ mATX intelG33 Motherboard/4gb G.SKILL High Gaming Performance ddr2-1200/Radeon 3870 1gb edition/850w Thermaltake superduty psu

PokerDegenerate: Don't listen to these guys, I like the IDE makes it look vintage like a 68 Camaro SS...
Spec is offline   Reply With Quote
Old 06-04-2009, 11:31 AM   #5
Baseband Member
 
Join Date: Oct 2007
Posts: 82
Default Re: a trojan virus and a hacker

Well, I gave that ComboFix a shot and the virus is still there.

I post the log anyhow - it's at http://www.shahspace.com/combofix.txt. Maybe someone can glean something from it.
gib65 is offline   Reply With Quote
Old 06-05-2009, 04:19 AM   #6
Solid State Member
 
 
Join Date: Jun 2009
Posts: 6
Default Re: a trojan virus and a hacker

Quote:
Originally Posted by celegorm
View this post. I've used this program a lot recently and it's given me great results.

http://www.bleepingcomputer.com/foru...post&p=1278885

Hi Guys,
My ears were ringing, so I had to come here and see what it was all about

Just kidding.

I am Net_Surfer from BleepingComputer and the one helping the victim with a virus problem in that link that you suggested.


gib65 invited me here to view his problem with a virus, so I sent a PM and I hope gib65 will reply back and follow my advice.

I can help the members here if you would like, but it will be better if they go to bleepingcomputer and open a topic there so they can get help with malware.

gib65, I will add a little note about using ComboFix:


Hello gib65,
ComboFix is a program, created by sUBs, that scans your computer for known malware, and when found, attempts to clean these infections automatically. In addition to being able to remove a large amount of the most common and current malware, ComboFix also displays a report that can be used by trained helpers to remove malware that is not automatically removed by the program.

You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.

ComboFix is a very complex and dangerous tool. It is not a one-size-fits-all tool and it does not automatically remove what needs to be removed by itself. It is like a scalpel in the hands of a surgeon. A surgeon can remove exactly what is needed and no more, while an untrained person would either cut too much or not enough.

ComboFix is powerful enough to be able to render your computer unbootable if used wrongly or to leave your computer infected if you do not know what you are doing.

ComboFix SHOULD NOT be used unless requested by a forum helper



Please do not install any new programs or update anything unless told to do so while we are fixing your problem.

If you need help with malware removal, then please create a topic at Bleepingcomputer and ask for help. Please note that the forum has policies, so please be sure to read any pinned topics and rules for the forum about how you should go about receiving help. There you will find the instructions about how to use the DDS scan tool.
You will need to run the DDS scan tool and post the logs in your new topic, then send me the link to your thread via PM so I can analyze them, and after that I will be able to start your fix.

Please note that ComboFix Tool gets updated every few days and the copy that you have will be an old one that I cannot use, but I will need to see the log it created "IF" you ran it. If you did not run it, then please wait until I advise you to use it. The log will be here if you did run it: "C:\ComboFix.txt", so post that log along with the DDS logs.


A clean up would not happen in one evening; volunteers are in different time zones and have their own lives too. However, I will try to help you as fast as I can.

Kind regards
Net_Surfer
__________________

Net_Surfer is offline   Reply With Quote
All times are GMT -5.