TechSpot

Need the help of an Expert for this one

By jabberjaw
Aug 29, 2008
  1. So I thought I can solve almost any problem on my computer on my own but it turns out that I was wrong and now I need the help of a true expert.

    I have been trying to solve a problem that so far all of the AntiVirus programs can not, and its already taken a week of my time :(

    It all started for me when my computer contracted a bunch of viruses/ everything else thats bad. At this point I should tell you that I was using the bloated Norton 360 at the time:eek: .

    I have downloaded almost all of the top AntiV softwares to get rid of everything they managed to find (probably working as all decoys for the real problem). The programs got rid of everything but I was still being led to other unwanted sites. Also I am never able to update any of the AntiVirus/AntiSpyware programs or go to their corisponding sites on that computer.Luckily I have a labtop to transfer what I need to.:ha ha: but I now believe that its made it way into one of my flash drives.

    These and other symtoms are telling me that I am dealing with a RootKit. Also the program ComboFix was telling me I had rootkit. I researched and found this
    on the techspot forums HERE (http://www.bleepingcomputer.com/forums/tutorial62.html)

    I followed all of thes directions and these are the to logs I get (Attached).

    I am sorry that this is my second post on this subject the first one here (http://www.techspot.com/vb/topic111290.html)
    but since I posted it incorrectly I felt that my problem was not even going to be considered by the nice folks in here. ;) Any help will be greatly appreciated and thank you in advance.
     
  2. strac27

    strac27 TS Rookie Posts: 22

    Im not really that good with logs but I didnt find anything I find suspicious but just for a double check do everything that it said on this topic http://www.techspot.com/vb/topic111363.html and report back with what you find if anything.
     
  3. LookinAround

    LookinAround Ex Tech Spotter Posts: 6,491   +183

    took a quick look before having to run out but am sure one of the experts will take a look as well (they get back logged sometimes)

    Off hand a couple things

    1) What is this??? G:\zz\T31D1AT.exe Looks like two are running processes

    2) You have several entries pointing to "NameServers"
    O17 - HKLM\System\CCS\Services\Tcpip\..\{069095A0-753F-41A4-A062-DF7319F0CB1A}: NameServer = 66.153.128.98,66.153.162.98
    Do you recognized those IP addresses?

    ***Edit***
    Looks like they trace back to same company
    IP address 66.153.128.98
    Hostname dns1.sccoast.net
    ISP HTC Communications, LLC
    Country United States United States

    IP address 66.153.162.98
    Hostname 98.162-lan-cc.sccoast.net
    ISP HTC Communications, LLC
    Country United States United States
     
  4. jabberjaw

    jabberjaw TS Rookie Topic Starter

    Ok I have finally grasped my hands on a few thing and I came up with a set of new logs!!

    I Found Directions HERE (http://www.techspot.com/vb/post645589-1.html)
    This was a wonderful step by step set of instructions that helped me out EXTREMELY well.
    I have been running the scans for the last couple of days and now have all the logs I need.

    So I pray that I finally got my junk together. If anyone sees anything wrong with my logs please let me know because It would make me so happy and thankful for many reasons.

    And thank you strac27 and LookinAround for your help The two IP addresses are my dns servers that I am Positive.
     
  5. jabberjaw

    jabberjaw TS Rookie Topic Starter

    I am Such an ***** I forgot to include my logs.:eek::eek:
    Here they are
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...