Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is my comp a spambot?


  • Please log in to reply
3 replies to this topic

#1 TRad

TRad

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 30 December 2009 - 04:27 PM

OK, let's start with facts.

I use laptop with WinXP/Comodo. I don't like "real time" antivirs, but I systemically scan the files.

For couple days the webbrowsing is very clumsy, very sluggy. Mails/usenet seems to be OK. Transfers of large files go with full speed (or almost full speed), so I doubt it's IPS fault. I tried to use another comp - and it seemed to work fine.

I checked net traffic with WireShark. The only running program was firewall. After 2-3 minutes of silence my system startedto run several DNS queries, then it started to send TCP to several strange adresses. I'm not an expert by any chance, but from what I've read I understand such behaviour is consistent with spambots.

I scanned the comp with online Panda scanner - it showed nothing. I scanned with MKS Vir (a Polish antivir) - nada. I scanned with ESET NOD-32 - zip. I tried some free Spyware scanners (sorry, don't remember names) - zero effects.

I've sent the OTL scans to some local experts - they haven't found nothing suspicious.

So the situation at this moment:
- probably something is using my comp to transmit something somewhere,
- I can't locate the problem.

Does anyone has any suggestion what could/should I do (except reinstalling the system, this solution I've found on my own).

best regards

TRad

BC AdBot (Login to Remove)

 


#2 keyboardNinja

keyboardNinja

    Bleepin' Ninja


  • Members
  • 4,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh interwebz
  • Local time:07:29 PM

Posted 30 December 2009 - 04:46 PM

Well, until you figure out what is sending these queries, you should keep the computer off of the internet (just in case it is a spambot).

And I recommend using a real-time active protection program. It doesn't drag down a system any at all. Just scanning the files is often not enough. An active protection program would probably tell you if the queries were malicious.

Try scanning with Malwarebytes and SUPER Antispyware (just Google them for the downloads). If there's anything funky, they should tell you. And if you don't want to pay for a real-time protection to find out if that would fix the problem, just download a free version of AVG, Avira, Avast, or Vipre, etc...even if you download a trial version of something, it will run long enough to tell you if you're infected.

I'm sure a pro will come in here and ask for a bunch of logs to further diagnose it, but for now, that is my advice. Keep it off the net, and run some anti-malware through it.

Best of luck to you. :thumbsup:

Edited by keyboardNinja, 30 December 2009 - 04:48 PM.

PICNIC - Problem In Chair, Not In Computer

Posted Image Posted Image

20 Things I Learned About Browsers and the Web

#3 TRad

TRad
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 30 December 2009 - 08:25 PM

It seems that MalwareBytes was good enough. Thanks, I wouldn't guess I need to try another antivir.

best regards

TRad

#4 keyboardNinja

keyboardNinja

    Bleepin' Ninja


  • Members
  • 4,815 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:teh interwebz
  • Local time:07:29 PM

Posted 30 December 2009 - 10:58 PM

Well, one isn't always enough to do the job. The best way to stay secure is to have ONE active protection anti-virus, and multiple on-demand scanners. You have ZERO active protection, and have only done ONE on-demand scan that I suggested (I haven't heard of the others and wouldn't trust them). You aren't protected enough, if you ask me.

Take my advice and download some more anti-malware software, or you're risking your computer. I can't make you do it. I can only strongly suggest it. It's your choice.

Heck, you can even get Microsoft Security Essentials. It's completely free, and is the whole package (anti-virus, anti-spyware, rootkits, trojans, worms, etc..).

http://www.microsoft.com/Security_Essentials/

At least install that, if nothing else.

Like I said, I can only suggest. If you want to fix your computer, you have to take the initiative.

Cheers. :thumbsup:
PICNIC - Problem In Chair, Not In Computer

Posted Image Posted Image

20 Things I Learned About Browsers and the Web




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users