L O.P. U ninstal1 - Virus?? Trojan??

Particle Man

I have been tracking down several viruses on a computer for several hours.

I found two forms of MyDoom, A and B. In addition, I found REDLOF.A virus infections with several extensions. I am left with this strange (scary) program in the Windows Add/Remove Programs tab that I have little idea what it is, L O.P. U ninstal1. Before it uninstalls, it wants me to type in a number sequence (sort of blurred) into a box just to make sure that I am not a machine. It seems to be a very strange way to delete a program, almost to the levels of a virus/trojan. I don't know if it is still in service or stopped by the virus scanner (PC-cillin 2002, recently updated to the newest version/pattern). However, the PC-cillin Firewall keeps registering "ping" attacks from various IP addresses. I refuse to delete it because it may either re-install itself or send personal information to the hacker.

Is there any way to get rid of this program without going through this "insert numbers in a box" routine?

Here is a brief history of what has happened since I have logged on and updated.
PC-cillin 2002 Log List
Type,Time,IN/OUT,Protocol,Source IP Address,Source Port,Destination IP Address,Destination Port,Description
Firewall,08:24:19,IN,ICMP,65.19.195.14,N/A,65.19.206.58,N/A,Ping Attack,
Firewall,08:24:19,IN,ICMP,65.19.195.14,N/A,65.19.206.58,N/A,Ping Attack,
Cloaking,08:30:47,IN,TCP,211.49.164.132,2290,65.19.206.58,4899,Cloaking,
Cloaking,08:30:47,IN,TCP,211.49.164.132,2290,65.19.206.58,4899,Cloaking,
Cloaking,08:30:49,IN,TCP,211.49.164.132,2290,65.19.206.58,4899,Cloaking,
Cloaking,08:30:49,IN,TCP,211.49.164.132,2290,65.19.206.58,4899,Cloaking,
Firewall,08:32:45,IN,ICMP,209.102.206.202,N/A,65.19.206.58,N/A,Ping Attack,
Firewall,08:32:45,IN,ICMP,209.102.206.202,N/A,65.19.206.58,N/A,Ping Attack,
Cloaking,08:46:55,IN,TCP,219.131.2.237,3021,65.19.206.58,80,Cloaking,
Cloaking,08:46:55,IN,TCP,219.131.2.237,3021,65.19.206.58,80,Cloaking,
Cloaking,08:46:58,IN,TCP,219.131.2.237,3021,65.19.206.58,80,Cloaking,
Cloaking,08:46:58,IN,TCP,219.131.2.237,3021,65.19.206.58,80,Cloaking,
Cloaking,08:47:04,IN,TCP,219.131.2.237,3021,65.19.206.58,80,Cloaking,
Cloaking,08:47:04,IN,TCP,219.131.2.237,3021,65.19.206.58,80,Cloaking,
Cloaking,08:56:34,IN,TCP,64.228.141.37,2102,65.19.206.58,17300,Cloaking,
Cloaking,08:56:34,IN,TCP,64.228.141.37,2102,65.19.206.58,17300,Cloaking,
Firewall,09:12:58,IN,ICMP,65.17.9.62,N/A,65.19.206.64,N/A,Ping Attack,
Firewall,09:12:58,IN,ICMP,65.17.9.62,N/A,65.19.206.64,N/A,Ping Attack,
Firewall,09:44:17,IN,ICMP,65.19.18.153,N/A,65.19.206.71,N/A,Ping Attack,
Firewall,09:44:17,IN,ICMP,65.19.18.153,N/A,65.19.206.71,N/A,Ping Attack,
Firewall,09:52:22,IN,ICMP,65.16.241.58,N/A,65.19.206.71,N/A,Ping Attack,
Firewall,09:52:22,IN,ICMP,65.16.241.58,N/A,65.19.206.71,N/A,Ping Attack,
Firewall,09:59:22,IN,ICMP,65.17.97.115,N/A,65.19.206.71,N/A,Ping Attack,
Firewall,09:59:22,IN,ICMP,65.17.97.115,N/A,65.19.206.71,N/A,Ping Attack,
Firewall,10:19:46,IN,TCP,65.19.206.120,1489,65.19.206.71,135,NetBIOS Browsing,
Firewall,10:19:46,IN,TCP,65.19.206.120,1489,65.19.206.71,135,NetBIOS Browsing,

BTW, this pinging crap is rather annoying now and slowing down the connection.
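
Added example, not part of the original post and not PC-cillin's own tooling: one way to triage an exported log in the column layout shown above, collapsing the doubled entries and grouping what remains by source address, protocol and destination port. The sample rows are constructed with documentation-range addresses, and `parse_log` and `summarize` are hypothetical helper names.

```python
import csv
import io

# Constructed sample in the same column layout as the posted log.
# Addresses are documentation ranges, not the poster's data.
SAMPLE_LOG = """\
Type,Time,IN/OUT,Protocol,Source IP Address,Source Port,Destination IP Address,Destination Port,Description
Firewall,08:24:19,IN,ICMP,192.0.2.14,N/A,198.51.100.58,N/A,Ping Attack,
Firewall,08:24:19,IN,ICMP,192.0.2.14,N/A,198.51.100.58,N/A,Ping Attack,
Cloaking,08:30:47,IN,TCP,203.0.113.132,2290,198.51.100.58,4899,Cloaking,
Cloaking,08:30:47,IN,TCP,203.0.113.132,2290,198.51.100.58,4899,Cloaking,
Cloaking,08:30:49,IN,TCP,203.0.113.132,2290,198.51.100.58,4899,Cloaking,
Cloaking,08:30:49,IN,TCP,203.0.113.132,2290,198.51.100.58,4899,Cloaking,
Firewall,10:19:46,IN,TCP,198.51.100.120,1489,198.51.100.71,135,NetBIOS Browsing,
"""


def parse_log(text):
    """Return unique events as dicts keyed by the log's own header names."""
    reader = csv.reader(io.StringIO(text))
    header = [h.strip() for h in next(reader)]
    seen, events = set(), []
    for row in reader:
        # Data rows end with a trailing comma, so drop the extra empty field.
        fields = tuple(f.strip() for f in row[:len(header)])
        if len(fields) < len(header) or fields in seen:
            continue  # skip blank/short lines and exact repeats
        seen.add(fields)
        events.append(dict(zip(header, fields)))
    return events


def summarize(events):
    """Group by (source IP, protocol, destination port), busiest first."""
    groups = {}
    for e in events:
        key = (e["Source IP Address"], e["Protocol"], e["Destination Port"])
        g = groups.setdefault(key, {"count": 0, "first": e["Time"],
                                    "last": e["Time"], "targets": set()})
        g["count"] += 1
        g["first"] = min(g["first"], e["Time"])  # HH:MM:SS sorts as text
        g["last"] = max(g["last"], e["Time"])
        g["targets"].add(e["Destination IP Address"])
    return sorted(groups.items(), key=lambda kv: -kv[1]["count"])


if __name__ == "__main__":
    for (src, proto, dport), g in summarize(parse_log(SAMPLE_LOG)):
        print(src, proto, dport, g["count"], g["first"], g["last"], sorted(g["targets"]))
```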
 

johnjkr1

It sounds like you should just consider a format.

If not, try a different antivirus and see what effect it has (free ones at houscall.antivirus.com or www.grisoft.com),
then give adaware or spybot a chance to do their thing,
and then, finally, check msconfig and see if it's hiding in there.
 

earthman

Are you absolutely sure about that spelling syntax? I can't find any references to it. But anyway, if you don't delete it, how are you going to stop it? Stop the connection if you are worried about information being transmitted. And get a newer antivirus program. Or try an online scan at McAfee maybe.
 

Particle Man

That spelling is what is found in the Add/Remove box.

I have found out that it is a variant of the C2.lop malware. It must be a newer version of c2.lop because spybot (updated) did not catch it; however, adaware (newest update) did. In addition, I have set up spyware blaster and cwshredder to catch some of these malware items.

The pinging finally stopped after the cleaning.

What utter garbage that these usurpers are trying now.
You literally have to have several firewalls, virus scanners, and ActiveX/scripting web traps, just to surf the web. :disgust: