Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

WORD macro virus - help & advice please [Solved]


  • This topic is locked This topic is locked

#61
trampas

trampas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 99 posts
Today on a different PC, connected to the internet via a firewall, I allowed adobe_updater.exe to run. It connected to an IP on one of the Akamei domains 184.84.x.x (is this normal ?).

A bit later I noticed that adobe_updater.exe had been hijacked and was connected to a different IP on the AAPT domain.

Guess what, a port scan (or very similar) was in progress. Literally thousands of connections had been set up between my firewall and PC.

I can see where that was heading but how don't understand how adobe_updater.exe got hijacked.

Edited by trampas, 20 April 2012 - 10:54 PM.

  • 0

Advertisements


#62
trampas

trampas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 99 posts
Thinking back over my experiences of the last few weeks, I've had infections or attempted infections on several occasions, all when I was doing an automatic software update. Google on one occasion, then Avira, then Adobe.

When I search for related information on the internet I find EvilGrade :

http://krebsonsecuri...ets-an-upgrade/

This, or something like it, is being used against me.

maliprog, which forum should this be going in ?
  • 0

#63
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP