New
#1
Got a virus
Hi
I think I got a really stealthy malware today.
I'm using ESET Smart Security and it includes a powerful firewall. All I have is the information I got from it.
It received an attack from another computer of ours and that computer had a free antivirus which did not detect the virus. I bought a license for ESET for it too but it didn't detect it either.
See this photo:
It says:
I had no idea what ARP-cache was so I went ahead and did a quick google search. This thing seems to be valid and rather scary. This seems to be very dangerous as it hijacks webpages. Not on the infected computer, but on other computers on the same network. This sounds very dangerous, it's like a man-in-the-middle attack they could steal any information they want.Code:Disabled network malware: ARP-cache poisoning Source: 192.168.1.106 The ESET Personal Firewall blocked an attack attempt to protect your computer.
My computer seems to be clean (and this attempt was blocked) so let's focus on that IP address.
I tracked down the IP address (.106) and it was DHCP assigned to our downstairs family computer. It was running a popular free antivirus and I replaced it with ESET Smart Security hoping it would capture something but it did not. I also ran Norton Power Eraser. No results.
This must be some kind of well-hidden rootkit. The IP address clearly traces to that computer, and it *was* powered on at the time. The alert went off three times within a few minutes.
Can you help me how to get rid of this nightmare malware? I'll try Malwarebytes soon, is there anything else we could try too? How about the bootable CDs? Kaspersky has a recovery disk I heard. Is it good against rootkits?