Page 1 of 4 1234 LastLast
Results 1 to 10 of 33

Thread: Should I be concerned?

  1. #1

    Default Should I be concerned?

    Picture!

    http://i238.photobucket.com/albums/ff9/pointblanch/crap.png




    I know what false positives are and all that. I've been getting these messages (connected to C:\.jagex_cache_32) for the past few days. They're irritating, and as I was writing this a new one opened up.

    In the picture it says 'nexus25.exe'. A Google search of it brought up nothing worth noting. However, the new one that opened up just thirty seconds ago was called 'nexus24.exe', and this is after I deleted nexus25.exe. All they've done as of right now is opened the command prompt and done nothing. I closed the command prompt before anything bad could happen...

    The weird part is that this folder's icon doesn't exist. It isn't hidden, either - I had to type in the directory myself to find the files. It seems they're being created, and aren't residual browsercrap from when I played the browser game to which they're connected. I deleted everything in the folder for now, but I'm all suspicious now.

    Besides this, every time I log in, my firewall says "Port Scan Attack Logged". When I back-trace it, it always stops at my router's IP.

    My computer's freaking me out. Should I be concerned? I don't know if its weird 'not-a-folder' status is allowing it to avoid the AV until it tries to act up, or if it's connected to whoever is trying to find the open ports. I find this all very interesting, and if someone could give me the technical explanation for any or all of this I'd enjoy reading, but if I should be looking for specialists then I'd rather reformat.

  2. #2

  3. #3

    Default

    If you want to dig deeper (or to see any folders that maybe hidden in Windows) try using a Linux live cd to look at your drive with.

  4. #4

    Default

    It's a backdoor Virus so yes it is.

    Get MAWB and scan

    Back up all your files you need and stuff too.

    If your system files get messed up/deleted during the remove progress hit ALT+F10 when you start you computer you should be able to do a factory reset withthat.

  5. #5

    Default

    Googling Nexus and Jagex together is coming up that nexus is a bot for runescape.

    If I had to guess, I'd say its something done installed by the game to check a computer for the bot. It still looks very suspicious though.

    (right now this thread is the top result for "nexus25.exe" 0_o)

  6. #6

    Default



    Quote Originally Posted by Point Blanch View Post
    Picture!

    http://i238.photobucket.com/albums/ff9/pointblanch/crap.png




    I know what false positives are and all that. I've been getting these messages (connected to C:\.jagex_cache_32) for the past few days. They're irritating, and as I was writing this a new one opened up.

    In the picture it says 'nexus25.exe'. A Google search of it brought up nothing worth noting. However, the new one that opened up just thirty seconds ago was called 'nexus24.exe', and this is after I deleted nexus25.exe. All they've done as of right now is opened the command prompt and done nothing. I closed the command prompt before anything bad could happen...

    The weird part is that this folder's icon doesn't exist. It isn't hidden, either - I had to type in the directory myself to find the files. It seems they're being created, and aren't residual browsercrap from when I played the browser game to which they're connected. I deleted everything in the folder for now, but I'm all suspicious now.

    Besides this, every time I log in, my firewall says "Port Scan Attack Logged". When I back-trace it, it always stops at my router's IP.

    My computer's freaking me out. Should I be concerned? I don't know if its weird 'not-a-folder' status is allowing it to avoid the AV until it tries to act up, or if it's connected to whoever is trying to find the open ports. I find this all very interesting, and if someone could give me the technical explanation for any or all of this I'd enjoy reading, but if I should be looking for specialists then I'd rather reformat.
    i had somthing similar, i run avg too and whay you have gotten is a drive by virus. thease ones a very well coded cosidering thay have gotten on by just useing a url to acess a websight, now i got rid of mine with a system restor though windows. if this has been a fequent thing for quie a while them i think your scewed mate if a restor doesent nuke it. i hope you have your shit backed up and on a HDD you keep disconected, cause thease things will hope to other storage mediums, even buring a disk. i hope you dont have to nuke the HDD and reinstall the os, good luck mate

  7. #7

  8. #8

    Default

    Trojans are usually used to gather and relay back information, the port scans, if they're coming from your computer to the router sound like either the trojan's having trouble doing its job of getting sensetive info out, or whoever dropped it is having trouble getting IN.

  9. #9

    Default

    If you find you need to reinstall your OS, have a friend download Dairk's Boot and Nuke. (I'd post a link but my post count is not high enough.) Darik's Boot And Nuke, it will need to be burned on to a disk, if I remember right it is a Disc Image file. This program is made to be used like your Windows disk, put it in your disk drive and boot from it. This program is a complete hard drive wipe, it can get many virus that can hide during a drive format. Here's this the my recommended process in using this program to rid yourself of this virus:


    1. Place the CD has boot and nuke on it in your Primary CD Drive.
    2. Restart your computer, make sure your BIOS is set to boot from your Primary CD Drive
    3. Run the Boot and Nuke Program
    4. Turn your computer off and unplug it and leave it unplugged for about 5 Minutes, some viruses can hide in your RAM, turning your computer off and unplugging it will depriving your computer of power will wipe your RAM.
    5. Reinstall your OS
    6. Reinstall your Anti-Virus and Anti-Spy ware
    7. Run scans, should not take much time as only the OS files are there.


    You may back-up files if you fell it is safe, but as this virus is creating files it may have infected other files, if you back up files archive them in ZIP files and scan them before opening them to restore your info. I advise not backing up your files as you make let the virus loose in your system again.

  10. #10

    Default



    Quote Originally Posted by matrix36 View Post
    i know ur problem you got a pc you should of got a mac


    Hacks are not designed for macs because PC users vastly outnumber mac users, therefore it is not practical to mess with the smaller group.

    Macs are also much more limited than PCs, and most people don't want them because of this.


    Anyways, I won't comment further on that, it's begging for the thread to be derailed.

    ---------- Post added at 10:31 PM ---------- Previous post was at 10:27 PM ----------

    Also, a hard drive wipe is a pretty extreme decision to do right away. It's usually better to try to remove it first. Also, seeing that it didn't show up in google, there is still the possibility it was put there by jagex, by its naming.

Similar Threads

  1. Concerned with being spotted with router
    By Grutzvalt in forum Computers & Gaming
    Replies: 10
    Last Post: 22-Jul-2009, 09:19
  2. Should I be concerned?
    By scoo in forum Off-topic
    Replies: 13
    Last Post: 24-May-2009, 21:11

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
ADISC.org - the Adult Baby / Diaper Lover / Incontinence Support Community.
ADISC.org is designed to be viewed in Firefox, with a resolution of at least 1280 x 1024.