Windows 7 Forums



Windows 7: Suspicious TCP/UDP connections on Currports

26 Jan 2014   #31
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Sophos is a reputable vendor and they specifically mention somoto.

Try http://www.sophos.com/en-us/products...nload-now.aspx

I might run through a few other "standard scanners". I just want to be sure your system is in good shape. Maybe one or two more.

Post anything Sophos reports. I think it's ok to remove anything that shows up, you don't want to rerun the scans (some cases yes, but I'll let you know if you need to scan, then clean)

Assume, I mean clean for the rest of this exercise.


26 Jan 2014   #32
oddblob

WINdows 7 Home Premium 64bit
 
 

Quote: Originally Posted by Slartybart
Sophos is a reputable vendor and they specifically mention somoto.

Try Download Free Virus and Malware Removal Tool | Sophos

I might run through a few other "standard scanners". I just want to be sure your system is in good shape. Maybe one or two more.

Post anything Sophos reports. I think it's ok to remove anything that shows up, you don't want to rerun the scans (some cases yes, but I'll let you know if you need to scan, then clean)

Assume, I mean clean for the rest of this exercise.

Awesome, I'm running the Sophos tool now, although regarding ESET and what it found, I noticed it doesn't remove these? Should I do this myself and just delete the file/folders it flagged?
26 Jan 2014   #33
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Haven't read the log, but that's probably the conclusion I'll reach.

Wait until Sophos finishes - it might offer up the opportunity to remove them. If it does, let it.

26 Jan 2014   #34
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Restart your system



Then, please download Junkware Removal Tool to your desktop.
  • Right click, run as administrator: JRT.exe
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Based on the results of Sophos and JRT, there's one more - a cleanup really.

Bill
26 Jan 2014   #35
oddblob

WINdows 7 Home Premium 64bit
 
 

Quote: Originally Posted by Slartybart
Sophos is a reputable vendor and they specifically mention somoto.

Try Download Free Virus and Malware Removal Tool | Sophos

Post anything Sophos reports. I think it's ok to remove anything that shows up, you don't want to rerun the scans (some cases yes, but I'll let you know if you need to scan, then clean)

Assume, I mean clean for the rest of this exercise.

Still running Sophos scanner, it's been on item:
PHYSICAL:0080:0000:0000:0001
for ages now. I've googled this, but all I got was some mbam forum which didn't help really... the number of threats is still 0 which is good! I don't suppose you know what PHYSICAL:0080:0000:0000:0001 means? :S
26 Jan 2014   #36
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

It's deep scanning - it will run for a while.
If Sophos found something down there, it will take a while to fix it, quite a while.

Do NOT interrupt the scan. It might be hours..

We'll see if we need to run something else. I hope not.

This wasn't much help, but you can read it: Free Virus Removal Tool | Sophos Antivirus and Malware Removal Tool
26 Jan 2014   #37
oddblob

WINdows 7 Home Premium 64bit
 
 

Quote: Originally Posted by Slartybart
It's deep scanning - it will run for a while.
If Sophos found something down there, it will take a while to fix it, quite a while.

Do NOT interrupt the scan. It might be hours..

We'll see if we need to run something else. I hope not.

This wasn't much help, but you can read it: Free Virus Removal Tool | Sophos Antivirus and Malware Removal Tool

I'll leave it overnight then and see any results in the morning, just out of interest as I've never heard of PHYSICAL:0080:0000:0000:0001, what actually is this?
26 Jan 2014   #38
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

It's deep in the disk sectors... too much for me to understand.
27 Jan 2014   #39
oddblob

WINdows 7 Home Premium 64bit
 
 

Quote: Originally Posted by Slartybart
It's deep in the disk sectors... too much for me to understand.

Hello, just woken up and it's still on the same item! PHYSICAL:0080:000:0000:0001
Starting to think it's stuck... :S
27 Jan 2014   #40
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

It's possible that it found something and is fighting with it... it's also possible that it's just stuck.

Launch Task Manager and look at Processes, show processes from all users, sort by CPU descending, and post a screenshot. I don't know the process name(s) for Sophos, I can figure that out from the Task Mgr shot.

The Sophos doc wasn't in that much detail, let me look again to see if there are any warnings about stopping it. It's never a good idea to kill a disk operation, but it is necessary sometimes. I'll let you know what I find.