Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Does anyone know of any malware relating to

I noticed my web browsing was going slower than normal, I ran netstat
and had 20-30 connections on various ports to that site,

spysweeper found nothing
avast found a win32.xx virus (only after running a full system scan)
ad-aware found some tracking cookies and various stuff
spybot found a win32 something

I have avast,outpost and spysweeper running at all times so I guess its
fairly new and got through, I have tried blocking the domain name in
outpost but it seems to change ip regularly, I have tried blocking it
in the hosts file and clearing the cache but then netstat shows
connections to a different domain name (? I think it was?).

Any suggestions or ideas? It only seems to happen when firefox is open,
and thats just with google open and thats it.



I was able to use outpost to block but then it just
started using another site, so i blocked that too then it started using
another ad site, all the sites it tries are in my hosts file, they all
resolve to, I would think that no traffic would be getting
through in that case, but when i do netstat it shows successful tcp
sessions. its really killing my browsing speed.

what i would really like is some tips on finding malware that scanners
dont pick up.



flamer wrote:
Quoted text here. Click to load it

tcpview from should be able to tell you
which process is making the suspect connections...

if the connections are being made by a program you think is normal (like
your browser) then it might be necessary to submit a hijackthis log to
one of the web forums that help people with hijackthis logs (note: this
group is not such a forum)...

"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Site Timeline