• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

HELP: My computer is spewing packets into the world... particpating in maybe a trojan initated DDOS?

A

AccruedExpenditure

Diamond Member
My ethernet send light is on solid. 90 million packets sent in 12 hours. I believe that my computer has been infected by a trojan. I've ran an updated norton AV but it can't catch it. I've also download the stinger tool and it can't detect anything.

Any suggestions...

I've installed a packet sniffer to see what kind of outbound traffic my computer is sending, it looks like UDP packets directed towards 200.230.118.2
=/
 
The best thing to do would be to shut off every last application that isn't nessisary, and then fire up the packet sniffer of choice, and see what's being sent, and where.
 
Originally posted by: ViRGE
The best thing to do would be to shut off every last application that isn't nessisary, and then fire up the packet sniffer of choice, and see what's being sent, and where.
Click to expand...

That's the thing, I think the trojan disabled my task manager... anytime I control alt delete to get to my win2k task manager, it the console box disappears and I return to my previous window 😕
 
Originally posted by: Gnote
Originally posted by: ViRGE
The best thing to do would be to shut off every last application that isn't nessisary, and then fire up the packet sniffer of choice, and see what's being sent, and where.
Click to expand...

That's the thing, I think the trojan disabled my task manager... anytime I control alt delete to get to my win2k task manager, it the console box disappears and I return to my previous window 😕
Click to expand...

you could try booting into safe mode. That might help, might not.
 
Originally posted by: illusion88
Originally posted by: Gnote
Originally posted by: ViRGE
The best thing to do would be to shut off every last application that isn't nessisary, and then fire up the packet sniffer of choice, and see what's being sent, and where.
Click to expand...

That's the thing, I think the trojan disabled my task manager... anytime I control alt delete to get to my win2k task manager, it the console box disappears and I return to my previous window 😕
Click to expand...

you could try booting into safe mode. That might help, might not.
Click to expand...

tried it, no avail, no internet in safemode either.
 
I would format your box. You most likely have subseven installed on your machine. We recently were the target of about 400 machines hitting our mailserver with a syn attack. Most of the machines I reverse scanned had subseven on them. Most of the machines were also in .nl .sk .ca and a few cox and bellsouth boxes. Also check out what Savij posted.
 
Thanks sajiv and tranceport. I tried your link sajiv and it couldn't find the slammer virus on my hd. I'm pretty sure what I have is some variant of the sub7 trojan on my computer. Short of reformating, does anyone have any ways for me to remedy my issue.
 
Originally posted by: Gnote
Thanks sajiv and tranceport. I tried your link sajiv and it couldn't find the slammer virus on my hd. I'm pretty sure what I have is some variant of the sub7 trojan on my computer. Short of reformating, does anyone have any ways for me to remedy my issue.
Click to expand...

Eww, sub7 - I had to deal with that one a few times - it never does REALLY go away - if you can spare, reformat. Its a bitch, you think you have it gone, then 2 days later it comes back, and it just repeats over and over.
 
yeah i got a msg on my machine today backdoor.trojan in my serv-u daemom exe... bizarre...nothing was running...uninstalled the app deleted the norton quarantined item hope im good.
 
Originally posted by: beatmix01
yeah i got a msg on my machine today backdoor.trojan in my serv-u daemom exe... bizarre...nothing was running...uninstalled the app deleted the norton quarantined item hope im good.
Click to expand...

funny i got the same thing today when i did a norton scan. same virus. norton quarantined it and i killed it. no idea what it was or now i got it. im behind a huge hardware FW and i run norton and a SW firewall
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top