Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Toughest nut to crack. No scanner can find it.


  • Please log in to reply

#1
IO-error

IO-error

    Member

  • Member
  • PipPipPip
  • 276 posts
Hi fellow geeks and tutors.

A few days ago I noticed I still had a persistent spy-/malware problem.
I'm unsure how to move on next. As buying a new harddisk is apparently the only way.
I changed harddisks four times now and it apparently installed itself as a rootkit on all of my harddisks and USB-sticks.

No scanner can find it, so I'm unsure what to do now.
I infected two other systems with this, which were first offline, but when I put it online, it also showed the same strange logs that my pc produced.
I'm throwing away the usb-stick as a precaution.

I'll include a logfile that I mined with Microsoft Network Monitor.
It also shows some other data, which is or might be privacy sensitive.
I don't censor them, because it might be related.

In the logfile you'll see a bunch of lines with DNS:QueryId = 0x1AF5, QUERY (Standard query)
They all go to websites that keep track of IP's and the visitor's time/amount.
There is no doubt about it, it's malware, written to visit websites to produce fake views.

I already scanned with every software you could image and I am willing to try each new program.
But if nobody can come up with something that fights new-age spy-/malware, then I would need to do buy a new harddisk.

Attached Files


  • 0

Advertisements


#2
Snaps

Snaps

    Member

  • Member
  • PipPip
  • 38 posts
If you feel its malware related then post a thread over in the malware section and see if an expert can fix it.
  • 0

#3
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
I suspect that you have some malware on your computer causing issues that we are not able to solve through means we can use here in the Tech Forums. I suggest you read the 'Start Here' topic found here. With these self-help tools you have a high chance of fixing the problems on your own. If you are still having problems after following Step 3 of the guide, continue with Step 4 and 5 and post in the Malware Forum. If you are unable to run any programs, Please create a topic stating what you have tried so far and that you are unable to run any programs. Also, Please do NOT post the logs in this thread.

If you are still having issues after the malware expert gives you a clean bill of health, Please return to THIS thread and we will pursue other options to help you solve your current problem(s).
Add a link to this topic so that malware tech can see what steps have been taken here
  • 0

#4
IO-error

IO-error

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 276 posts
Ah yes, I wasn't paying attention.
I thought I really was in the malware section already. Sorry, won't happen again.
  • 0

#5
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
Not a problem and good luck with your issue. :D
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP