norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband


ongoing issues

g'day all again,
what can i say this time

firefox opened checked ports 1031: used by IAD2 - BBN IAD, RAT: UltimateRAT
counterspy found visage PC surveillance (7 cases) in
c:\doc n set\allusers\applicdata\kasper AV personal\5.0\qmng.i0100,i0101,i0200,i0201,10300,i0301,qmng.repi
cws in c:\programfiles\tds3\ext.unp\upx.exe, but i've been assured that this is a false by tds (wilders sec)
spybot has found something i'm querying
winlogon \??\c:\WINDOWS\system32
a few processes in spybot don't have files associated, just blank spaces, i can type them all out if ya want after

port 1062 RAT: Newon EDIT


norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband

that RAT issue, i have firefox set as the main browser and every time i open about 10 different ips and i know firefox doesn't do that when clean, i only installed it this morning and i love it usually, so i realise the issue is elsewhere, but because it's default it is getting the attention, even though all this is thru IE i don't get any of it......come on IE7


norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband

reply to norwegian
to those who know what's happening just a note: that issue with kav, i've had that a coupla times where i was updating through their server, it almost downloads the whole file then stops, then it downloads the whole lot again
but counterspy had never picked it up before, i did send kaspersky an email before but never received an answer...maybe someone with a friend, and so on, might be able to pass it on, i think my whole issue started with it
anyway just a point to let you know
at least i know a bit of my question
and to think i was going mad over it.
happy easter to all good people


norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband

reply to norwegian
i can't figure it out, i just queried a link on dcs port ex, it was in process 300 (which my task manager says i don't have), but it was linked to kaspersky again, i can't understand that one, no trojans, spys otherwise, just scan with counterspy again and see, i couldn't link to kaspersky again, and it is supposed to be updating every hour, but haven't seen a thing
why with all these issues it is an updater that is affected, or so it seems
i lost internet there too until i hooked up again and msn messenger flashed up briefly, yet i haven't had that open for an hour, i have to go to the link to open it and then sign in
oh well maybe one day i will find an answer to all these strange happenings


norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband

reply to norwegian
does anyone remember me posting a question on a startup program with no name.....it was put down to a bad uninstall.....well IT'S BACK..... and no uninstalls
please someone must know what is going on, surely i'm not the only person on the planet with an issue like this


norwegian
Premium
join:2005-02-15
Outback
reply to norwegian
i now came back to the computer to see windows messenger open linked to 207.46.106.72, which is microsoft's site, is it them checking out my computer or someone bouncin, i have a screen shot of it, but i doubt that will tell anyone much


norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband

reply to norwegian
i did a rootkit scan and found all files with kavichs on the end, i believe this is normal, but i also found a registry entry in
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\(and some coding)
i tried to get the screen shot to convert to something postable, but i think i need to install one of my photo programs to transfer from rich text 4MB to JPEG to show what i mean,
1 key reg_sz (default)
2 key devicedesc reg_sz (coded)
3 key deviceInstanceIds reg_multi_sz(driver-ati catalyst)
4 key displayname reg_sz (coded)
5 key MFG reg_sz (coded)
6 key providername reg_sz (coded)
7 reinstallstring reg_sz 6.14.10.64.67

is this normal?


norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband

reply to norwegian
reghive.zip 124,793 bytes
i found this file in %temp%, it isn't something regular in my temp file in the past, and in reading a bit of its files it mentions toshiba, of which i have nothing on my computer, and i have had in the past file sharing on the internet thru epson's smart panel (port 4500), i can't remember the file right now,
but i haven't got around to installing any hardware other than ethernet and graphics card, maybe you can inform me more about it
i have passworded it too, but who gets that ???


norwegian
Premium
join:2005-02-15
Outback
·WestNet Broadband

reply to norwegian
everything has been ok, until now....but it is a question for now
i went to a govt site in australia, looking for a site: worksafe
as i opened up the page, the ports went up by 10's until it was 300 odd and going
now i realise the amount of people accessing this site, but considering the issues at the moment i have to ask someone knowledgeable
there was no search happening, as i was on a page, not searching but was about to, so why would this happen
is it DoS and if it is, i can't handle big brother dragging my backside over it
i got a screen shot too for the reference if needed

© 1999-2009 dslreports.com