Possible rootkit attack

bit:
Hasn't TOR Vidalia ceased to exist?

Now it's either TorBrowser or the main gateway/relay program.

TorBrowser 5.5a3 (latest alpha) connected OK after about a minute the first time I started it, thereafter it connected in about 10 seconds.

Only needed to allow tor.exe through the firewall.
-4wd (September 23, 2015, 09:13 PM)
--- End quote ---
Now you mention it, yes, I see I've actually installed torbrowser-install-5.0.3_en-US.exe.
I tried basic connect option, and it 'starts', but never 'connects'.
I tried various 'provided bridges'; no success.
I entered Firewall and set a rule to 'allow' TOR connect & TOR exe; no success.
I entered Advanced Firewall, set a rule to allow 'domain', 'private', & 'public' (i.e. 'all'); no success.

I've seen some reports that if your PC clock is off by even a few minutes it can fail to connect, but I just reset my clock to check automatically with correct zone Internet time last night and it should be good.

4wd:
Try the alpha version: https://www.torproject.org/dist/torbrowser/5.5a3/torbrowser-install-5.5a3_en-US.exe

All I did was run it to extract, then run the Start Tor Browser shortcut, clicking Connect on the next window.

Just tried again, took 35 seconds for connection on first run, 5 seconds for subsequent runs.

Copy the folder to a flash drive and try it on another computer.

I entered Firewall and set a rule to 'allow' TOR connect & TOR exe; no success.
-bit (September 23, 2015, 09:38 PM)
--- End quote ---

What TOR Connect ?

bit:
Try the alpha version: https://www.torproject.org/dist/torbrowser/5.5a3/torbrowser-install-5.5a3_en-US.exe

All I did was run it to extract, then run the Start Tor Browser shortcut, clicking Connect on the next window.

Just tried again, took 35 seconds for connection on first run, 5 seconds for subsequent runs.

Copy the folder to a flash drive and try it on another computer.

I entered Firewall and set a rule to 'allow' TOR connect & TOR exe; no success.
-bit (September 23, 2015, 09:38 PM)
--- End quote ---

What TOR Connect ?
-4wd (September 23, 2015, 10:27 PM)
--- End quote ---
re: [What TOR Connect ?]: I meant 'Start Tor Browser'.
^I'll give it a try, and tnx.
PS - My PC clock keeps resetting itself 2 hours ahead, and just did it again.
When I first right-click on the clock to correct it, the first thing I always get (and didn't used to) is a pop-up message:
"A restricted .CPL program has been blocked:
C:\Windows\System32\timedate.cpl
Allow program to run?"

I discovered some setting that should be checked to maintain the clock, wasn't checkmarked, and just reset it again.

bit:
I installed it where it wants to install, to Desktop\Tor Browser.
On a one-time basis, after each fresh uninstall, reg check, and reinstall, it starts and progresses all the way to 'Loading authority certificates', then hangs.
On all subsequent restarts, it only progresses to 'Loading network status' and hangs.

I have contacted their help email address.
I think they may show me how to access and send them the log, for troubleshooting.
If so, I'll confirm success or failure here. Tnx.  :up:

bit:
I seemed to have a rootkit which was causing startup to go directly into BIOS and give me a pop-up that used poor English and flawed grammar, informing me that 'something intruded' and asking me to click on OK.
I didn't click on 'OK', I hit 'reset' button, which rebooted successfully to Desktop.
Every so often, the weird BIOS pop-up would reappear, and 'reset' got me past it.
I have [FoolishIT], which I'm guessing was partially blocking a full-blown rootkit takeover.
So I did a backup restore of my entire OS from an older backup HD which was saved about April 2015.
Among a plethora of other actions, I ditched free AVG and updated Norton 360 Premier (which was never uninstalled from the backup), and I reinstalled Malwarebytes, which used to delay all folder & file openings for 10 to 20 seconds, and the MWB-related folder & file opening delays are gone. :)
A MWB scan found 6 threats and killed them.
I also ran updates and scans with Adwcleaner (which killed a few baddies), Desinstaller, and JRT.exe.
Then I spent a couple hours searching for vital up-to-date files on the goofed up HD that needed to be copied to the backup outdated HD.
Then I ran Glary reg-check, then CCleaner cleaner & reg-check, then ChkDskAssist on the backup HD.
Finally, I ran a [EaseUS Todo Backup Free 4.0] clone HD restore from the good but outdated HD to the goofed up-to-date HD.
AFAICT, all threats are gone, everything is up-to-date on both HDs, the backup HD is updated & disconnected again for 'the next time', and everything seems to be running smoothly.
On top of all this, I also discovered my vintage TOR Vidalia works fine now. :)
