OT: Virus infection WAS Re: Computer Statement Usage
From: Peter E.C Dashwood (dashwood_at_enternet.co.nz)
Date: 10/17/04
- Previous message: Frederico Fonseca: "Re: Creating tables"
- In reply to: Robert Wagner: "Re: Computer Statement Usage"
- Next in thread: Robert Wagner: "Re: OT: Virus infection WAS Re: Computer Statement Usage"
- Reply: Robert Wagner: "Re: OT: Virus infection WAS Re: Computer Statement Usage"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 17 Oct 2004 13:01:02 +1300
Robert,
I'm really sorry you have been infected and I know you will be doing
everything you can to remove this.
Please don't take offense at the following (comparatively simple)
suggestions; I am not trying to "teach my grandmother to suck eggs" and my
advice in no way reflects on your competency or ability.
(It's just that sometimes when we are under stress we miss what might
otherwise be obvious...)
1. Download and run hijackthis. I have found it extremely useful when there
are registry hooks involved. Inspection of the log from it may give you some
further clues.
http://www.tomcoyote.org/hjt/
2. Download AdAware, update it to the latest version, then run it. It is
free for personal use.
http://www.lavasoftusa.com/software/adaware/
3. I'm sure you have a very good virus protector, but has it been updated?
4. There is Trojan detector software available from: http://xoftspyware.com/
(I found this product outstanding. It found some registry entries that were
missed by AdAware, but AdAware found some stuff missed by Xoft...)
If all of the above reports "clear" and yet you know there is something
running somewhere, then it is possible it is a direct attack on you
personally, with a "tailored" virus or worm. All you can really do is keep
monitoring the ports and running processes. You might think about checking
for executable files that were created/modified around the time the symptoms
started appearing.
Hope you crack it soon.
Pete.
"Robert Wagner" <robert@wagner.net.yourmammaharvests> wrote in message
news:1q4nm0lq7unpc0quhqp489tkefpt5tebmm@4ax.com...
> On 11 Oct 2004 19:52:46 -0400, docdwarf@panix.com wrote:
>
> >In article <dl3mm011cq6ctjpl1micqvtfccmklqf8ah@4ax.com>,
> >Robert Wagner <robert@wagner.net.yourmammaharvests> wrote:
> >>On Mon, 11 Oct 2004 13:07:22 -0700, "Chuck Stevens"
> >><charles.stevens@unisys.com> wrote:
> >>
> >>>(Top posting):
> >>>
> >>>I am having difficulty understanding how the average reader of a
response
> >>>such as the one below would be stimulated to anything but contempt and
> >>>disgust toward its author.
> >>
> >>You're right. The next morning I regretted posting it.
> >>
> >>I wrote it after spending 24 hours battling hackers, followed by an
> >>hour or two celebrating victory. Putting it bluntly, I was drunk.
> >
> >Hmmmm... one of those dead-language-aphorisms is trying to surface...
> >something about wine and truth.
>
> Translated: 'Nothing is said while inebriated that wasn't thought
> while sober.' I wrote about crudeness and cruelty, so I might have
> been thinking about .. what?
>
> FWIW, the victory was illusory, hacker code is still functioning. We
> keep thinking .. if I could find THE file and delete it, the problem
> would gone. In this case it's not a file, it's a sequence of registry
> entries and scripts intertwined with legit Microsoft stuff. They use
> Microsoft software to install their hooks.
>
- Previous message: Frederico Fonseca: "Re: Creating tables"
- In reply to: Robert Wagner: "Re: Computer Statement Usage"
- Next in thread: Robert Wagner: "Re: OT: Virus infection WAS Re: Computer Statement Usage"
- Reply: Robert Wagner: "Re: OT: Virus infection WAS Re: Computer Statement Usage"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
