Intrusion Attempt
- Thread starter jadinolf
- Start date
You probably have a trojan or worm on your computer, but without internet connectivity, it's not active. So when you connect to the internet, it activates. Get some nice antivirus program and get rid of it.
mechBgon
Super Moderator<br>Elite Member
- Oct 31, 1999
- 30,699
- 1
- 0
Sounds like what was happening with my little sister's computer. It inhaled some Trojans/Downloaders that NAV 2005 didn't recognize yet, and they'd keep trying to drag in ones that Norton did recognize. It had quarantined over 4800 of the ones that it did recognize, but was not hitting the root of the problem.
If it were me, I would vaporize the whole Windows installation, and start over and get stuff secure from the start this time around. But I'm just crazy like that :evil: If you don't want to do that just yet, try this real quick:
If it were me, I would vaporize the whole Windows installation, and start over and get stuff secure from the start this time around. But I'm just crazy like that :evil: If you don't want to do that just yet, try this real quick:
- back up any data you can't afford to lose
- Disable System Restore
- Download 30-day trial of Webroot SpySweeper, install & update it. Don't scan yet.
- Download free ZoneAlarm firewall software from http://www.zonelabs.com but don't install it yet.
- Uninstall Norton Antivirus 2005. After all of the Symantec/Norton software is removed, install ZoneAlarm to provide firewall protection. Don't let stuff connect that you don't know what it is, when ZoneAlarm prompts for decisions.
- Download 30-day trial of Kaspersky Antivirus Personal 5, install it, configure it like this and update it. You'll probably need a reboot to complete the installation. Don't scan yet.
- Download this text file and extract the files as shown, but don't scan yet.
- So now you are ready to drop the hammer on this stuff :evil: Restart in Safe Mode, run the McAfee command-line scanner, then scan with Kaspersky, then with SpySweeper.
- Restart in normal mode and scan again. Stuff still detected, or is it clean now?
- If it's clean, run Microsoft Baseline Security Analyzer and address all of the weaknesses it finds, particularly weak/blank passwords or open shares.
- If it's not clean, then I say Drop The Bomb On It? with a full reformat/reinstall, and take steps to secure it during and during the building process.
- Oct 12, 1999
- 20,952
- 3
- 81
Originally posted by: mechBgon
Sounds like what was happening with my little sister's computer. It inhaled some Trojans/Downloaders that NAV 2005 didn't recognize yet, and they'd keep trying to drag in ones that Norton did recognize. It had quarantined over 4800 of the ones that it did recognize, but was not hitting the root of the problem.
If it were me, I would vaporize the whole Windows installation, and start over and get stuff secure from the start this time around. But I'm just crazy like that :evil: If you don't want to do that just yet, try this real quick:
Hope that helps
- back up any data you can't afford to lose
- Disable System Restore
- Download 30-day trial of Webroot SpySweeper, install & update it. Don't scan yet.
- Download free ZoneAlarm firewall software from http://www.zonelabs.com but don't install it yet.
- Uninstall Norton Antivirus 2005. After all of the Symantec/Norton software is removed, install ZoneAlarm to provide firewall protection. Don't let stuff connect that you don't know what it is, when ZoneAlarm prompts for decisions.
- Download 30-day trial of Kaspersky Antivirus Personal 5, install it, configure it like this and update it. You'll probably need a reboot to complete the installation. Don't scan yet.
- Download this text file and extract the files as shown, but don't scan yet.
- So now you are ready to drop the hammer on this stuff :evil: Restart in Safe Mode, run the McAfee command-line scanner, then scan with Kaspersky, then with SpySweeper.
- Restart in normal mode and scan again. Stuff still detected, or is it clean now?
- If it's clean, run Microsoft Baseline Security Analyzer and address all of the weaknesses it finds, particularly weak/blank passwords or open shares.
- If it's not clean, then I say Drop The Bomb On It? with a full reformat/reinstall, and take steps to secure it during and during the building process.
Sorry for the delay in getting back but I was installing and updating "The Cleaner" and "Trojan Remover". Ran scans and no active malicious files were found. I'll follow mechBgon's details and see what happens.
I really didn't think I had a problem. I just thought a trojan was trying to get into my system.
Thanks all
Could you post links to the progs you installed?
Otherwise, what Mech suggests is the way to go.
Also, add Trojanhunter [yummy slurp splat] to that.
Otherwise, what Mech suggests is the way to go.
Also, add Trojanhunter [yummy slurp splat] to that.
- Oct 12, 1999
- 20,952
- 3
- 81
If you have tenacious trojans, please refer to my detailed spyware removal instructions here: http://theflyingpenguin.com/spyware-removal.shtml
wow, never heard of those.
Try trojanhunter - that has picked up on lots that others have failed on.
www.trojanhunter.com/
Be sure to install it, update it, reboot into SAFE mode to run it. Very slow but should be worth it.
Try trojanhunter - that has picked up on lots that others have failed on.
www.trojanhunter.com/
Be sure to install it, update it, reboot into SAFE mode to run it. Very slow but should be worth it.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 22K
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 384
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
Facebook
Twitter