Posted 15 July 2009 - 02:28 PM
Hello! I hope someone can help me ...
I think I am infected with some sneaky malware o_O
I am running Windows XP home edition.
Service pack 3 + all current updates.
Full Anti-Virus + all up to date (Avast-Pro, Ad-Aware, Malwarebytes for scans).
I have been doing full scans and boot scans.
I installed Java last night and did Kaspersky's online full scan (had to restart it because of a signature error).
All of these say I am fine (no infections found to date).
However, I downloaded Sandboxie recently and went to install it yesterday.
I noticed it didn't have a digital signature and had a few extra tabs in its properties.
So I downloaded another copy and the new one looked different slightly.
The new one did not have a digital signature either, so I uploaded it to VirusTotal and got the hashes, which were correct.
I tried to do the same to the older copy and I got an error of 0 bytes received.
I tried a few more times and also tried jotti.org's scanner and never could get it to upload.
Checking many other files (a few wouldn't upload, although fresh copies would), I got a hit on Launcher1.exe (for Disney's PotCo) with the AVG scan at Jotti.org.
It was labeled SHeur2.APPL. However, searching AVG's site found no results for this.
Searching the web only showed one result (which was a porn link that I didn't click).
I also have some very peculiar things going on:
1. In TCPView I do a whois on some connections and get an error that states:
"Whois lookup error: The requested name is valid and was found in the database, but does not have the correct associated data being resolved for."
2. Most web sites I go to, including this one, want to run the Adobe Flash Player add-on.
3. I checked another program (from Secunia) I downloaded recently versus a fresh download and they are different.
4. My microphone unmutes itself intermittently; it is broken so it makes a lot of static when it does this.
5. I had a weird process that showed up briefly in TCPView labeled: <non-existent>:2112
I have done a full reformat and fresh (security conscious) install ~2 weeks ago.
I have spent MANY hours of research on how to make my computer more secure (before and again after the install).
I haven't gone to ANY porn, hack, or crack sites.
I have not downloaded, shared, installed or used anything illegal or questionable (i.e. hacks, bots, pirated music/software etc.).
I am the only one who uses this computer.
The only media I have physically inserted into my computer since re-installing have been read-only Windows and hardware installation discs.