Trojan
- Thread starter sdy234
- Start date
ken545
Emeritus-Security Expert
Log looks ok. How is your system running ?
ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan
*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.
The log that was produced after running ESET Online Scanner.
ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan
*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.
- Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan - Click the
button.
- For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on to download the ESET Smart Installer. Save it to your desktop.
- Double click on the icon on your desktop.
- Click on
- Check
- Click the button.
- Accept any security warnings from your browser.
- Check
- Make sure that the option "Remove found threats" is Unchecked
- Push the Start button.
- ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time. - When the scan completes, push
- Push , and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply. - Push the button.
- Push
The log that was produced after running ESET Online Scanner.
Hi,
so...I installed and run the programm.
It did not find anything, so I was not able to get a text file.
I made a screenshot from the result.
So a false positive?
Is there anything I can do Spybot wont find that the next time I run it????
And how do I get rid of these weird registry entries (track) emtioned in the scan? (see capture 2)
Thank you so much for your time and patience!!!!!
i really appreciate it......
Now I can take care of other problems...............nice DOS attacks for example..............
Never ending story with the Windows engine..............
sdy234
so...I installed and run the programm.
It did not find anything, so I was not able to get a text file.
I made a screenshot from the result.
So a false positive?
Is there anything I can do Spybot wont find that the next time I run it????
And how do I get rid of these weird registry entries (track) emtioned in the scan? (see capture 2)
Thank you so much for your time and patience!!!!!
i really appreciate it......
Now I can take care of other problems...............nice DOS attacks for example..............
Never ending story with the Windows engine..............
sdy234
Attachments
Hi,
that is something my router showed me in its logfile....timestamps of DOS attacks.... am working on it....means work on getting smarter..........
the routers software sucks, sorry..... can't block Mac or IP adresses............the router i had in europe was by far better to handle.........
that is something my router showed me in its logfile....timestamps of DOS attacks.... am working on it....means work on getting smarter..........
the routers software sucks, sorry..... can't block Mac or IP adresses............the router i had in europe was by far better to handle.........
ken545
Emeritus-Security Expert
Seems to me you should reset your router and your cable/DSL modem. Then install a good firewall
http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm
http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm
guess I am blonde............
I know Internet got super insecure nowadays. I am working on getting smarter....the books are piling up....but all these PC issues keep me away from studying them..............and honestly, my mind is set to transfer to Linux. But I need this windows engine for my spouse............and I am the only one careing for Updates/Antivirus/ etc............
I have never had so many issues at once.......
Because of these DOS Attacks and a MAC Adress that always gets rejected and does not belong to any of our devices (I checked them all), I shut down the whole system, if we do not need it.
Pulling the plug.
Maybe not the most advanced way to solve the problem.....
I studied the manual from my router..... it is weird, that I do not find the firewallsettings in my routers settings as described in the manual.... I checked all menue entries............ ?????????
As far as resetting......I guess you do not mean just to unplug the modem/router plug.... right......
I wished I knew more about this Tech stuff..... its not a lack of interest, more finding the right sources and internet is great, but it takes sometimes forever to find qualified information, that gives you hands on advice.........
I really do hope to meet some people here in the future (who know more than me) I can bother with my questions.......
I knew about zonealarm, but can't tell you, why I did not install it after the recovery I did in December....
Was not sure if it is compatible with the windows firewall...guess that was the problem....
Is it compatible with Windows-Firewall and Avast?
So, reset the whole system. Sounds good to me........makes sense.........
But, how do I do that? is it that Factory reset Button in the router setting software?
And still, there are so many things I do need to make research on from WSP till port forwarding, port triggering...........and so on.....list is endless long.
My magnetboard is full with topics to learn.
The transfer from a just windowclicking person without knowing what really is going on, I work my way through, to a person, that understands the system under the hud. But it really is a challenge right now and time consuming
But I am working on it.
Like I mentioned before..... if it was just my engine..... Linux. Immediately! And my personal pc will be hopefully soon transfered to Linux.
But that has to wait till this windows engine is ready to go..... and secure.
Wished I would have studied that computer stuff or have more people around me who are interested in that stuff.....
I know, you are here to help with malware removal..... but if you could give me advice how to reset that whole system, it would be great.
I really do apologize for asking so much!
sdy234
I know Internet got super insecure nowadays. I am working on getting smarter....the books are piling up....but all these PC issues keep me away from studying them..............and honestly, my mind is set to transfer to Linux. But I need this windows engine for my spouse............and I am the only one careing for Updates/Antivirus/ etc............
I have never had so many issues at once.......
Because of these DOS Attacks and a MAC Adress that always gets rejected and does not belong to any of our devices (I checked them all), I shut down the whole system, if we do not need it.
Pulling the plug.
Maybe not the most advanced way to solve the problem.....
I studied the manual from my router..... it is weird, that I do not find the firewallsettings in my routers settings as described in the manual.... I checked all menue entries............ ?????????
As far as resetting......I guess you do not mean just to unplug the modem/router plug.... right......
I wished I knew more about this Tech stuff..... its not a lack of interest, more finding the right sources and internet is great, but it takes sometimes forever to find qualified information, that gives you hands on advice.........
I really do hope to meet some people here in the future (who know more than me) I can bother with my questions.......
I knew about zonealarm, but can't tell you, why I did not install it after the recovery I did in December....
Was not sure if it is compatible with the windows firewall...guess that was the problem....
Is it compatible with Windows-Firewall and Avast?
So, reset the whole system. Sounds good to me........makes sense.........
But, how do I do that? is it that Factory reset Button in the router setting software?
And still, there are so many things I do need to make research on from WSP till port forwarding, port triggering...........and so on.....list is endless long.
My magnetboard is full with topics to learn.
The transfer from a just windowclicking person without knowing what really is going on, I work my way through, to a person, that understands the system under the hud. But it really is a challenge right now and time consuming
But I am working on it.
Like I mentioned before..... if it was just my engine..... Linux. Immediately! And my personal pc will be hopefully soon transfered to Linux.
But that has to wait till this windows engine is ready to go..... and secure.
Wished I would have studied that computer stuff or have more people around me who are interested in that stuff.....
I know, you are here to help with malware removal..... but if you could give me advice how to reset that whole system, it would be great.
I really do apologize for asking so much!
sdy234
ken545
Emeritus-Security Expert
Good Morning,
Let me ask you, why would hackers want to hit a home user with a DDOS attack, you must be reading the log wrong. If you install Zone Alarm it will turn off the windows firewall as just like Anti Virus you just need one, more than one AV and Firewall are just overkill and can cause problems. Zone Alarm is great and will block most attacks in and out of your computer. Its somewhat normal to have a firewall block access.
The router has a reset button , most are on the back or the bottom of the unit, you just press it in with a ball point pen or paper clip and hold it in for 10 seconds or so and it clears the router...BUT...then you will have to reinstall it to get back online, so you have the disk that came with it.? You can also turn off your computer, turn off the router by pulling the power cord out of the back of it, then turn off your modem the same way. Then let it all set for about 5 minutes this will flush it all out. Then turn back on your modem first and wait until all the lights come back on, then your router, same thing, then turn your computer back on.
Let me know what you want to do
Let me ask you, why would hackers want to hit a home user with a DDOS attack, you must be reading the log wrong. If you install Zone Alarm it will turn off the windows firewall as just like Anti Virus you just need one, more than one AV and Firewall are just overkill and can cause problems. Zone Alarm is great and will block most attacks in and out of your computer. Its somewhat normal to have a firewall block access.
The router has a reset button , most are on the back or the bottom of the unit, you just press it in with a ball point pen or paper clip and hold it in for 10 seconds or so and it clears the router...BUT...then you will have to reinstall it to get back online, so you have the disk that came with it.? You can also turn off your computer, turn off the router by pulling the power cord out of the back of it, then turn off your modem the same way. Then let it all set for about 5 minutes this will flush it all out. Then turn back on your modem first and wait until all the lights come back on, then your router, same thing, then turn your computer back on.
Let me know what you want to do
Good evening,
believe my this laptop is the most uninteresting one ever........after a recovery with deleting all files anyway.
How do I interpret this then right? Wouldn't insist I make mistakes here....
[WLAN access rejected: incorrect security] from MAC address 4c:82:cf:80:0e:96, Thursday, January 09,2014 21:43:00
[DoS Attack: ACK Scan] from source: 17.149.36.122, port 443, Thursday, January 09,2014 21:42:55
[WLAN access rejected: incorrect security] from MAC address 4c:82:cf:80:0e:96, Thursday, January 09,2014 21:42:51
[DoS Attack: ACK Scan] from source: 74.125.20.188, port 5228, Thursday, January 09,2014 21:42:41
[WLAN access rejected: incorrect security] from MAC address 4c:82:cf:80:0e:96, Thursday, January 09,2014 21:42:41
The DOS stopped. Do not know why. But whenever I turn on the wireless signal, this MAC adress glues on me.......... every few minutes....
I would like to do a clean reset. Building up the internetconnection , router, modem relationship from scratch.
Would like to delete the network in windows, too.
I was just wondering, if I turn off the SSID sending signal....my before attached ipad cant connect anymore.
Some settings like Broadcast signal, are every time turned on back, even I turn it of and leave the settings....
In the manual are Firewall settings explained, (and it is the right model one) , but cant find them either....
I will install zonealarm, but remember having there problems to with entries, that want to connect, but their names were not clear to me, what exactly it is....
This does not tell me anything either....regarding that sticky MAC adress of mine.............
Company Echostar Technologies
Prefix 4C:82:CF
Address space 4C:82:CF:00:00:00 - 4C:82:CF:FF:FF:FF
Address 94 Inverness Terrace E
Englewood CO 80112
United States
will get to work.
sdy234
believe my this laptop is the most uninteresting one ever........after a recovery with deleting all files anyway.
How do I interpret this then right? Wouldn't insist I make mistakes here....
[WLAN access rejected: incorrect security] from MAC address 4c:82:cf:80:0e:96, Thursday, January 09,2014 21:43:00
[DoS Attack: ACK Scan] from source: 17.149.36.122, port 443, Thursday, January 09,2014 21:42:55
[WLAN access rejected: incorrect security] from MAC address 4c:82:cf:80:0e:96, Thursday, January 09,2014 21:42:51
[DoS Attack: ACK Scan] from source: 74.125.20.188, port 5228, Thursday, January 09,2014 21:42:41
[WLAN access rejected: incorrect security] from MAC address 4c:82:cf:80:0e:96, Thursday, January 09,2014 21:42:41
The DOS stopped. Do not know why. But whenever I turn on the wireless signal, this MAC adress glues on me.......... every few minutes....
I would like to do a clean reset. Building up the internetconnection , router, modem relationship from scratch.
Would like to delete the network in windows, too.
I was just wondering, if I turn off the SSID sending signal....my before attached ipad cant connect anymore.
Some settings like Broadcast signal, are every time turned on back, even I turn it of and leave the settings....
In the manual are Firewall settings explained, (and it is the right model one) , but cant find them either....
I will install zonealarm, but remember having there problems to with entries, that want to connect, but their names were not clear to me, what exactly it is....
This does not tell me anything either....regarding that sticky MAC adress of mine.............
Company Echostar Technologies
Prefix 4C:82:CF
Address space 4C:82:CF:00:00:00 - 4C:82:CF:FF:FF:FF
Address 94 Inverness Terrace E
Englewood CO 80112
United States
will get to work.
sdy234
ken545
Emeritus-Security Expert
Those smileys came because of the Fs for the address you posted being close together created them, no biggie
https://www.google.com/search?q=Ech...7&sourceid=chrome&espv=210&es_sm=122&ie=UTF-8
You can try resetting your router by pressing in the reset button like I posted before, this will wipe it back to factory defaults, then you can go into the Control Panel > Networking and Sharing Center > Manage Wireless Neworks and remove the current ssid. When you set it back up , change your ssid to a different name than what you where using before
Do you need help with this ?
https://www.google.com/search?q=Ech...7&sourceid=chrome&espv=210&es_sm=122&ie=UTF-8
You can try resetting your router by pressing in the reset button like I posted before, this will wipe it back to factory defaults, then you can go into the Control Panel > Networking and Sharing Center > Manage Wireless Neworks and remove the current ssid. When you set it back up , change your ssid to a different name than what you where using before
Do you need help with this ?
Thanks, I did it last night. Reset the Router with the pin, reset the Modem, installed the Router with the CD and deleted all old internetaccesspoints in the control panel plus changed ssid, too.
The MAC Adress ist still there........... maybe it's the modem....i guess it has to deal with the hardware to get connected.
I only do not understand when I disable Enable Wireless Router Radio, all my devices can not connect. (Would like to have that disabled.....)
And when I disable SSID broadcast, devices which were connected before can't connect. (...That, too...)
Only, when both are enabled I have wireless connectivity.
Thank you so much!
I really appreciated your patience, help and time!!!!!
sdy234
The MAC Adress ist still there........... maybe it's the modem....i guess it has to deal with the hardware to get connected.
I only do not understand when I disable Enable Wireless Router Radio, all my devices can not connect. (Would like to have that disabled.....)
And when I disable SSID broadcast, devices which were connected before can't connect. (...That, too...)
Only, when both are enabled I have wireless connectivity.
Thank you so much!
I really appreciated your patience, help and time!!!!!
sdy234
ken545
Emeritus-Security Expert
Hi,
There are forums for many many things, software programs, hardware and the list goes on. This forum is for Malware Removal and this point you seem fine
Why dont you go here and register, like this forum its free. A lot of us forums work together. Use the same user name your using here so I can find you and follow along.
www.whatthetech.com
Then after your registered, go to there networking forum and they will be able to answer any questions for you and also to make sure you set up is secure
Post here
http://forums.whatthetech.com/index.php?showforum=128
Ken
There are forums for many many things, software programs, hardware and the list goes on. This forum is for Malware Removal and this point you seem fine
Why dont you go here and register, like this forum its free. A lot of us forums work together. Use the same user name your using here so I can find you and follow along.
www.whatthetech.com
Then after your registered, go to there networking forum and they will be able to answer any questions for you and also to make sure you set up is secure
Post here
http://forums.whatthetech.com/index.php?showforum=128
Ken
Hi Ken545!
Thank you sooo much for all the advices you gave me, I really appreciate them!
Thanks to you, I feel this Windows Laptop is more secure again.
I am so glad, that there was only a false positive!
I am very happy that I got help here from you!
I will think about the other forum. My way does not end here
So much more I am interested in
I hope you have a great time and lots of fun in doing what you are doing!
All the best to you
Thank you!!!!!!!!!!!!!!!!!!!!!!
sdu234
Thank you sooo much for all the advices you gave me, I really appreciate them!
Thanks to you, I feel this Windows Laptop is more secure again.
I am so glad, that there was only a false positive!
I am very happy that I got help here from you!
I will think about the other forum. My way does not end here
So much more I am interested in
I hope you have a great time and lots of fun in doing what you are doing!
All the best to you
Thank you!!!!!!!!!!!!!!!!!!!!!!
sdu234
ken545
Emeritus-Security Expert
Your very welcome
Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.
Malwarebytes is the free version and yours to keep and will not be removed
Safe Surfn
Ken
- Click START then RUN
- Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.
Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.
Malwarebytes is the free version and yours to keep and will not be removed
How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.- Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
- WhattheTech
- Grinler BleepingComputer
- GeeksTo Go
- Dslreports
Safe Surfn
Ken