What's new
By:
  • Visit Rebornbuddy
  • Visit Panda Profiles
  • Visit LLamamMagic
  • Visit Resources
  • Visit Downloads
  • Visit Portal

strange connection

Z

zoktar

New Member
Joined
Jul 20, 2010
Messages
285
Reaction score
1
svchost.exe TCP xxxxxxxx: 58880 91.212.158.75: 443 ESTABLISHED

91.212.158.75 leads through some weird russian hosts, im i infected what do u think?, iv run multiple scans adware,malware,spyware,anti-virus.

just wanted to make sure this wasnt some hb/gb thing.

im tryin to find out whats giving me 1k ms sometimes, case im part of some annoying botnet :/ ddos i mean ;P
 
Last edited:
Hi there,

I am not so sure if you are still having this problem on your machine, but one in my company had. I had actually the same behaviour as you had, even though scans with various AV Vendors, MBAM or other tools didn't helped at all.

Nevertheless I saw a new application installed called 'Malware Detector', which I classified as a ScareWare / FakeAV Application.

I took the files and submitted them to various vendors - so they will release soon a fix.

In case you want to have a look on your own, check out %APPDATA% on your machine for any strange folders. I found the infection in there (typical location for such files / applications)

BTW: What OS are you running?

Regards
 
windows 7 64bit, after some digging i found other AV software and i was indeed infested with multiple virus/scamware etc., and still am, im in progress of a reinstall.

apperently "new" type of malware does some odd installation making it invisible to normal AV/spyware scans, i installed some anti virus app that scans through the different boot up phases, let me see if i can find it again. well i cant find it, doh, i uninstalled it cause besides the boot up scans, i was doin lot of other stuff, and i was sort of bizzy. anyway it did find everything i think, but it wasnt able to remove everything, as i still have some adware installed. it could have been trojan killer, but i dont think it was.
ifaqu said:
Hi there,

I am not so sure if you are still having this problem on your machine, but one in my company had. I had actually the same behaviour as you had, even though scans with various AV Vendors, MBAM or other tools didn't helped at all.

Nevertheless I saw a new application installed called 'Malware Detector', which I classified as a ScareWare / FakeAV Application.

I took the files and submitted them to various vendors - so they will release soon a fix.

In case you want to have a look on your own, check out %APPDATA% on your machine for any strange folders. I found the infection in there (typical location for such files / applications)

BTW: What OS are you running?

Regards
Click to expand...
 
Last edited:
Hi zoktar,

I recommend to you, to download MBAM (Malwarebytes' Anti-Malware: Malwarebytes) .. It's free of charge, on the link you will find the download button for the free version.

Anyway, once installed you can update MBAM and have your machine checked. I don't know if MBAM is already able to detect it, but worth to try as I always had good experience with this.

In case you would need further assistance, let me know.
 
MBAM didnt detect the ones i had, but i usually have it installed, these new types of trojans installs itself into windows own "protection" thingys(basicly windows wont allow you to even read these types of files even tho they are run, etc), thats why normal antiviris/malware wont find them, it really annoying. im on the hunt after that antivirus i had earlyer, so i have it ready when i reinstall, it was a quite extensive program, after it would do very thorough scans of virtually every layer of windows, it would allow immunity. tho i was ridden with malware at the time, and i did not have time to go through the whole process, my thought was that after a new install id do this, and ofc iv deleted and forgot what it was called sigh. i reinstalled trojan killer and i remember i did install this and it did find some stuff other av software didnt find it was not this awsome, boot phase scanner. im still looking for it again.


edit: http://www.greatis.com/unhackme/
i think it was this software, installing it now.
ifaqu said:
Hi zoktar,

I recommend to you, to download MBAM (Malwarebytes' Anti-Malware: Malwarebytes) .. It's free of charge, on the link you will find the download button for the free version.

Anyway, once installed you can update MBAM and have your machine checked. I don't know if MBAM is already able to detect it, but worth to try as I always had good experience with this.

In case you would need further assistance, let me know.
Click to expand...
 
Last edited:
Hm, the only application in regards to 'immunity' that pops to my mind would be 'Spybot Search & Destroy' OR Immunet ...

Hope this helps...
 
ye it was this unhackme software, it quite complicated and can messup your windows if ur not carefull..

edit: i think this is the hottest root kit removal software that currently exists. tho the author has made like 100 forks of it so i donno what to buy lol. and i think his English is limited when observing sentences made lol. like this one

"I'm not familiar with computer security and I'm afraid to use RegRun but I'm sure that I'm infected."

Don't worry to hesitate our support team.

thought it was kinda funny to worry about hesitating the support team =)
 
Last edited:
You must log in or register to reply here.
Back
Top