Go Back   Computer Forums > General Computing > Hardware
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 05-07-2009, 08:43 AM   #1
Bogan
 
Neodude112320's Avatar
 
Join Date: Feb 2006
Location: Australia
Posts: 8,471
Send a message via MSN to Neodude112320
Default Strange Network and Virus Issues

Ok,First of all when i surf the internet ,occasionally i'll get a page resdirect to http://truconv.com/?a=157&s=3 and fire fox will give me this warning;

Quote:
Reported Attack Site!


This web site at truconv.com has been reported as an attack site and has been blocked based on your security preferences.




Attack sites try to install programs that steal private information, use your computer to attack others, or damage your system.

Some attack sites intentionally distribute harmful software, but many are compromised without the knowledge or permission of their owners.
And then when i was in my Routers logs i noticed:

Quote:
Sun, 2009-05-03 09:09:31 - TCP Packet - Source:85.190.0.3,45618 Destination:220.253.185.71,1025 - [DOS]
Sun, 2009-05-03 09:09:31 - TCP Packet - Source:85.190.0.3,44232 Destination:220.253.185.71,58 - [DOS]
Sun, 2009-05-03 09:09:31 - TCP Packet - Source:85.190.0.3,44407 Destination:220.253.185.71,1027 - [DOS]
Sun, 2009-05-03 09:09:31 - TCP Packet - Source:85.190.0.3,43104 Destination:220.253.185.71,8000 - [DOS]
Sun, 2009-05-03 09:09:31 - TCP Packet - Source:85.190.0.3 Destination:220.253.185.71 - [PORT SCAN]
Sun, 2009-05-03 09:09:31 - TCP Packet - Source:85.190.0.3,51500 Destination:220.253.185.71,1025 - [DOS]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3 Destination:220.253.185.71 - [PORT SCAN]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3,44232 Destination:220.253.185.71,58 - [DOS]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3,39518 Destination:220.253.185.71,2280 - [DOS]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3,44407 Destination:220.253.185.71,1027 - [DOS]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3 Destination:220.253.185.71 - [PORT SCAN]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3,56700 Destination:220.253.185.71,559 - [DOS]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3 Destination:220.253.185.71 - [PORT SCAN]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3,57914 Destination:220.253.185.71,559 - [DOS]
Sun, 2009-05-03 09:09:34 - TCP Packet - Source:85.190.0.3 Destination:220.253.185.71 - [PORT SCAN]
Sun, 2009-05-03 09:09:40 - TCP Packet - Source:85.190.0.3,56072 Destination:220.253.185.71,1202 - [DOS]
Sun, 2009-05-03 09:09:40 - TCP Packet - Source:85.190.0.3,45047 Destination:220.253.185.71,80 - [DOS]
Sun, 2009-05-03 09:09:40 - TCP Packet - Source:85.190.0.3,39528 Destination:220.253.185.71,8090 - [DOS]
Sun, 2009-05-03 09:09:40 - TCP Packet - Source:85.190.0.3,36275 Destination:220.253.185.71,63000 - [DOS]
Sun, 2009-05-03 09:09:40 - TCP Packet - Source:85.190.0.3 Destination:220.253.185.71 - [PORT SCAN]
Sun, 2009-05-03 09:09:40 - TCP Packet - Source:85.190.0.3,43147 Destination:220.253.185.71,1098 - [DOS]
And Lastly,I keep on getting Trojan Horse BHO.IIJ and Trojan BHO.IIK?? I Have AVG With everything on and working,what the hell is going on? Im going to do some scanning using some other tools and report what happends.
__________________

__________________
Desktop:BitFenix Survivor~Gigabyte GA-P67A-UD3R~ i7 2600K @ 4hz~AMD 6870 1GB~12gb Team Elite DDR3 1333~3xWD In RAID5~W7 Ult
Laptop:Alienware M11x~ i7-2637M 1.7GHz~16GB 1333MHz DDR3~GeForce GT 540M~W7 Ult
Neodude112320 is offline   Reply With Quote
Old 05-07-2009, 09:03 AM   #2
Wizard of Wires
 
setishock's Avatar
 
Join Date: Feb 2005
Location: Not sure
Posts: 10,030
Default Re: Strange Network and Virus Issues

BHO means Browser Helper Object. That is an add on to your browser that is making the redirects. In IE go look at the objects and files, For FF check the skins and add ons you're using.
You should also close all ports on your router and go completely dark. My systems will not respond to a port scan. Nada, Zippo, totally unresponsive. As far as a ping, it dies in the two routers. You see all the ports standing open? You need to close all of them off.
__________________

setishock is offline   Reply With Quote
Old 05-07-2009, 09:28 AM   #3
Bogan
 
Neodude112320's Avatar
 
Join Date: Feb 2006
Location: Australia
Posts: 8,471
Send a message via MSN to Neodude112320
Default Re: Strange Network and Virus Issues

Well the things is i have the routers firewall up and running?

Also im getting redirected here aswell:

I Went through my addons on IE and FF and still have the same issue,i havnt installed any addons for both since my last re-install which was 2 months ago and i have only had this problem for about 1 week.
__________________
Desktop:BitFenix Survivor~Gigabyte GA-P67A-UD3R~ i7 2600K @ 4hz~AMD 6870 1GB~12gb Team Elite DDR3 1333~3xWD In RAID5~W7 Ult
Laptop:Alienware M11x~ i7-2637M 1.7GHz~16GB 1333MHz DDR3~GeForce GT 540M~W7 Ult
Neodude112320 is offline   Reply With Quote
Old 05-07-2009, 10:35 AM   #4
Site Team
 
celegorm's Avatar
 
Join Date: Sep 2006
Posts: 10,713
Send a message via AIM to celegorm
Default Re: Strange Network and Virus Issues

Run NOD32's online scanner. Also get Malwarebytes and run that.

THen I would try running combofix and see where all that gets you.
__________________
"as a fanboy i refuse to admit it and will pull countless things out of my butt to disprove it"

Team Thelegorm! Total Kills: 21 (i iz in uor profile, editsing your sigz)
celegorm is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 02:59 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0