Trojan.Zlob.Q Activity blocked by Norton, but not found during scans.

shafe88

Distinguished
Jul 6, 2010
130
0
18,640
In my Norton history there are a few intrusion attempts that were blocked for Trojan.Zlob.Q Activity. I've done a regular Norton scan, Norton power erase scan, Malwarebytes scan, Malwarebytes Antimalware scan, Malwarebytes Anti-Rootkit scan plus a scan with superantispyware and all those scans find nothing. I've also checked for unknown software, unknown browser extensions plus changed Microsoft Edge's home page. Here's a little more detailed info:

Default Action No Action Required
Action Taken No Action Required
Attacking Computer ACER (192.***.*.118, 563**)
Attacker URL tablezip.info/u/?a=(bunch of letters and numbers)
Destination Address 81.171.14.67
Source Address ACER (192.***.*.118)
Network traffic from tablezip.info/u/?a=(bunch of letters and numbers)
The attack was resulted from \DEVICE\HARDDISKVOLUME4\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\POWERSHEL.EXE
 

atomicWAR

Distinguished
Herald
Sep 4, 2007
201
0
18,860
Someone's trying to get a direct line to your machine. Do you know what you were doing at any of those times (i.e. same website, watching video, gaming, etc.)? When the first attack happened, did you change/add/remove any software? I would be trying to find a correlation real quick. If you can't and hit a dead end on finding the attack vector, a system wipe and Windows reinstall may be useful. Change all log-in info etc. If that doesn't get the intrusions to stop, you may need to look more closely at your back-up data and isolate it as well (may want to regardless). You would also need to watch your browsing habits closer as well to find the vector until you're sure things are cleared up.
 

shafe88

I've done a full system scan with Norton plus other software such as Malwarebytes.

 

shafe88

I really don't remember what I was doing at the time of the attacks. I think they might have happened when I was away from my computer, as I've never noticed any popup from Norton, and only found out about the attacks by looking through my Norton history. Nothing really changed since the attacks started except for a few updates being installed and a graphics driver being downloaded from AMD's website. A while back I did get a few popups to take an Xfinity/Comcast survey and receive a free gift, but I never clicked on them, I just simply closed the tab. I'm usually careful about my browsing and mostly visit xfinity.com, Amazon and YouTube. I never pissed anyone off lately. I'll definitely be doing a fresh install, as I planned on doing a fresh install after upgrading to a 2 TB drive. My plan was to clone my current drive to the new 2 TB drive, then use the recovery partition to do a fresh/factory install of Windows 8.1. FYI I'm currently running Windows 10.
 

atomicWAR

LMK if a fresh install fixes things. If it doesn't, someone is attacking your IP directly, at which point you may need to request a change from your provider (assuming static IP) or get your IP refreshed (assuming dynamic).
 

shafe88

I'm in the process of backing up my personal/important files to an external HDD; once my files are done backing up I will reinstall Windows via recovery. I have one quick question: should I use the recovery partition on my hard drive or should I use the recovery USB I made before upgrading to Windows 10? When I do the reinstall of Windows, I'd really like to do a reinstall of Windows 8.1 instead of Windows 10.

 

JoshRoss

Estimable
Jul 11, 2017
228
0
5,260
If you are planning to install a fresh copy of Windows, I guess you won't need full malware removal tips. In that case, you should back up your files and do a completely fresh install of Windows 8.1 (although I am not sure why you would want a worse version of Windows). Recovery only sets back your Windows state to the previous one if you are using the system one. If you are using the USB one, it is probably not going to be a problem. But overall, I strongly recommend just doing a brand new fresh install of your Windows copy. Trust me, it will save you a whole lot of trouble.
 

shafe88

Worse version of Windows? Actually Windows 8.1 is better in my opinion, it runs smoother and seems to do fewer background tasks. I got Windows 8.1 installed, so far so good not.

 

JoshRoss

I would go between 7 or 10. This is my personal opinion, so feel free to ignore it. I do agree on your point of bloatware. Windows 10 installs a ton of useless software for you to use, but after removing it, you won't have many issues. And I dislike a lot of things about how Win8.1 displays everything, sure you can change it to some degree, but still.
 

shafe88


It's not just the bloatware, it's the extra background tasks that eat up resources which can't be removed, and some can be disabled while most can't. Removing the bloatware doesn't always work as it automatically reinstalls; I've had problems with apps reappearing after I removed them.
 

JoshRoss

Hmm, interesting. I haven't encountered the issue of not being able to. If you turn off all the privacy and auto-update settings for everything you do not need, it shouldn't reappear. Personally, I haven't had that issue before, but UI and OS is a personal preference, so to each its own.

Oh, and by the way, Win 8.1 has equally as much bloatware, and it works the same way as 10 in regards to stopping/disabling useless applications :)
 
Solution