Main Page 
PC Review
Forums
Newsgroups
Hardware
Anti-Virus
Complicated ... maybe virus/trojan ... (crossposting)
Forums
Newsgroups
Hardware
Anti-Virus
Complicated ... maybe virus/trojan ... (crossposting)
 |
Complicated ... maybe virus/trojan ... (crossposting) |
|
|
Thread Tools | Rate Thread |
19-03-2004, 07:08 PM
|
#1 |
|
Guest
Posts: n/a
|
Complicated ... maybe virus/trojan ... (crossposting)
I posted the following message in the 24hourhelpdesk group ... only relevant answer below ... I've run CWShredder and that said my machine was clean ... haven't done HiJackThis yet ... have also updated and rerun all the antivirus and trojan programs mentioned ... they show nothing ... Any ideas from this group as to what might have landed on my machine? --------------------------------------------------------------------------------------------------------------------------------- (This is my original posting.) > > Bear with me on this ... Win98SE > > Was online ... doing usual stuff ... saw a 'progress bar' >flash across the screen ... the sort of thing you get when downloading >or deleting files ... but too fast to see what it was. > > Shut down everything in the SysTray except EZ-AV (real-time >protection was enabled) and ZoneAlarm. > >Control-alt-delete showed nothing unusual running. Then tried "What's >Happening" to show running processes ... saw pstores.exe which I had >never noticed before ... but google shows it to probably be harmless. > >Tried to reboot ... and among other things, Windows said that "Spyware >Remover" was not responding ... I don't have this on my machine (I >hope) and never did. But it sure was in memory. > > Rebooted and ran updated EZ-AV, TDS-3, Stinger, Housecall, >Spybot, and Ad-Aware. Nothing found by any of those. > > Reset all access in ZA to ask first ... then rebooted. > > Now after after I'm up and online for a few minutes, ZA blocks >an attempt to send a packet out ... even though it's asking for every >other program, it doesn't ask on this attempt ... just logs it as "TCP >flags s)" with no program name shown ... most recent attempt was to >connect with server.bodhostdns2.com ... and the 'analysis' on the ZA >site is "ZoneAlarm has blocked an outgoing communication from your >computer to port 80 on a remote computer whose IP address is >66.98.212.46." > >Anybody got any ideas here? None of the antivirus/antitrojan programs >I use show anything.. > >Sorry to be so long winded ... ... but I'm baffled and suspicious. > > Thanks. > --------------------------------------------------------------------------------------------------------------------------------- (This is the response in the other newsgroup) Download and use the following: CWShredder (CoolWebSearch remover) http://www.spywareinfo.com/~merijn/cwschronicles.html http://www.spywareinfo.com/~merijn/files/cwshredder.zip HijackThis http://mjc1.com/mirror/hjt/ If your issue isn't resolved by the above steps, post the full contents of the HijackThis log here. --------------------------------------------------------------------------------------------------------------------------------- |
|
|
19-03-2004, 09:33 PM
|
#2 |
|
Guest
Posts: n/a
|
Re: Complicated ... maybe virus/trojan ... (crossposting)
"Bob" <olderman@pipeline.com> wrote in message news:njgm505lpaejoea9lv720eu3o50hdcp8oc@4ax.com... > > I posted the following message in the 24hourhelpdesk group ... > only relevant answer below ... I've run CWShredder and that said my > machine was clean ... haven't done HiJackThis yet ... Since they have welcomed you to post your HijackThis log for them to analyze, I suggest that you do so. They will be able to point out other things you have on your system that you don't want or need also. People are starting to depend too much on removal programs. |
|
|
|
|
| Thread Tools | |
| Rate This Thread | |
|
|
