Worst virus I've seen in my life taking over all electronics

Status
Not open for further replies.

johanolling94
Oct 6, 2015
Hello, my name is Johan and I have a really big problem. I was randomly surfing and noticed some slowdowns in page loading and decided to download TCPView, and there was a lot of weird traffic going out from all sorts of stuff, and I got scared, of course. Suddenly my girlfriend had the same problem on her computer, and suddenly there were weird downloads on her Android phone. I did a lot of lurking and found out the virus had cloned our Windows and installed its own drivers, made its own rules; it hides from antiviruses by installing its own version of that program or making an exception that I can't delete. I've tried to format the computer; it didn't help. I tried to download every possible antivirus I could find, tried to change rules, delete virus files, kill it with Ctrl+Alt+Delete. It's like the freaking mastermind of viruses; it uses every method it can to spread: Bluetooth, home network, Wi-Fi. I attached some info; if you need me to post anything else, please say so, and I beg your pardon for my bad typing.
 

itmoba
Aug 14, 2015
Okay, so I did a reverse lookup on the addresses you listed; thereafter, I looked them up in blacklists. It turns out that more than one of the addresses turned up on blacklists. It seems, as it were, that you've got the TribalFusion virus (a malicious tracker cookie) and a nasty bot that's responsible for sending out crap. So, the problem seems that it's an upstream problem more than a downstream problem (i.e., you're sending out more information than you are receiving).


  • 216.239.120.246 --> cnet (phx2-dw-cbsi-xw-lb.cnet.com)
  • 204.11.109.68 --> tribal fusion (a.tribalfusion.com)
  • 54.231.17.208 --> AWS (s3-1.amazonaws.com)
  • 80.239.254.105 --> teliacarrier (80-239-254-105.customer.teliacarrier.com)
  • 173.241.240.195 --> openx (ox-173-241-240-195.xa.dc.openx.org)
  • 80.239.254.105 --> teliacarrier (80-239-254-105.customer.teliacarrier.com)
  • 185.29.133.224 --> no record (?????)
  • 52.16.159.63 --> AWS (ec2-52-16-159-63.eu-west-1.compute.amazonaws.com)
  • 172.241.240.105 --> as15003 (172.241.240.105.rdns.as15003.net)

Example: http://www.blocklist.de/en/search.html?as=AS15003
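
The workflow described in the reply above (reverse lookup of each remote address, then a blocklist check), as an added example that is not part of the original thread. It assumes a DNS-based blocklist; the zone `dnsbl.example.org`, the function names and the stub data are placeholders constructed for illustration.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example.org"  # placeholder zone (assumption), not a real blocklist
LOCAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """DNSBL lookups use the IPv4 octets reversed, followed by the list's zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on anything but IPv4
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def _safe(fn):
    """Wrap an OS resolver call so a missing record returns None instead of raising."""
    def call(arg):
        try:
            return fn(arg)
        except OSError:
            return None
    return call

system_ptr = _safe(lambda ip: socket.gethostbyaddr(ip)[0])  # reverse (PTR) lookup
system_resolve = _safe(socket.gethostbyname)                # forward (A) lookup

def triage(ips, ptr=system_ptr, resolve=system_resolve):
    """Classify each unique remote address; rows needing attention come first."""
    rank, rows = {"listed": 0, "no PTR": 1, "ok": 2, "local": 3}, []
    for ip in dict.fromkeys(ips):  # de-duplicate, keep first-seen order
        if any(ipaddress.IPv4Address(ip) in net for net in LOCAL_NETS):
            rows.append((ip, None, "local"))  # never send LAN addresses to a DNSBL
            continue
        host = ptr(ip)
        answer = resolve(dnsbl_query_name(ip))
        # A listed address resolves into 127.0.0.0/8; no answer means not listed.
        listed = answer is not None and answer.startswith("127.")
        verdict = "listed" if listed else ("no PTR" if host is None else "ok")
        rows.append((ip, host, verdict))  # a missing PTR is a weak hint, not proof
    return sorted(rows, key=lambda r: rank[r[2]])  # stable: ties keep input order

# Constructed sample: two addresses and one PTR name taken from the post above, one LAN
# address, and a documentation address (203.0.113.7) that the stub blocklist "lists".
SAMPLE_PTR = {"216.239.120.246": "phx2-dw-cbsi-xw-lb.cnet.com"}
SAMPLE_DNSBL = {"7.113.0.203." + DNSBL_ZONE: "127.0.0.2"}
SAMPLE_IPS = ["192.168.1.10", "216.239.120.246", "185.29.133.224", "203.0.113.7", "216.239.120.246"]

def demo():
    return triage(SAMPLE_IPS, ptr=SAMPLE_PTR.get, resolve=SAMPLE_DNSBL.get)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Calling `triage()` without the stub arguments uses the operating system's resolver, so results then depend on live DNS.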
 

megajehanzaib
Jul 16, 2014

Not always. I once had a strange kind of virus or worm (cuz it took a lot of time to get active) in my PC which I to date don't have solid info about. The only thing I know is that for any installed software I ran, it created an app for that and renamed it to match the latter software, but it had a character or two before the starting filename. Slowly, I noticed that Firefox (my default browser) did not load YouTube videos. It simply said that the script had stopped working. This happened on other Flash apps as well. I tried other browsers like Chrome, Opera, Tor, etc. and none of them worked. Only Internet Explorer used to work. And later I noticed that most of my games were missing .dll files, which used to work perfectly before. I installed all the requirements like the C++ redist, etc., but it still did not work. Anyway, I reinstalled Windows, only formatting my C drive, and I noticed that upon installing a new browser, it worked, but after a couple of days the problem came back. I did a reinstall again and had the same problem.

The solution was, I backed up everything (forgot the old pictures, which I still regret to this date) and completely formatted my HDD with DBAN (Darik's Boot And Nuke). After that, everything got back to normal again.

Sorry for the long reply :p
 