Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Help ...My friend says his comp is being hijacked

  1. #1
    FLAC bosstone74's Avatar
    Join Date
    May 2002
    Location
    Japan, Oregon
    Posts
    1,180

    Help ...My friend says his comp is being hijacked

    Hey...I have a serious computing problem to run by you. My computer is being hijacked. Someone is using it as a server or something, and I can't find the offending trojan. neither spybot nor AVG seem capable of unearthing it...

    But on the computing side, my "packets sent" stands at 50,000 and rising while my received packets sits idly at 8,500.

    this is what he wrote me...
    BossTone74

  2. #2
    Low Bitrate
    Join Date
    May 2004
    Location
    Curacao, Netherlands Antilles
    Posts
    75
    well .. are those scanning aps .. updated?? i mean .. with the latest definitions??

  3. #3
    FLAC bosstone74's Avatar
    Join Date
    May 2002
    Location
    Japan, Oregon
    Posts
    1,180
    Quote Originally Posted by Q_gamelogic
    well .. are those scanning aps .. updated?? i mean .. with the latest definitions??
    AVG is a virus
    and spybot ...is a spyware remover

    yes the are updated
    BossTone74

  4. #4
    Low Bitrate
    Join Date
    May 2004
    Location
    Curacao, Netherlands Antilles
    Posts
    75
    i know what they are ... and if avg cant "detect" anything ... and you say there must be .. then i say ... avg is CRAPPY ...


    anyways ...

    its a simple fix .. just donwload a firewall .. like zonealam ..(pretty good ) .. and it will ask for permission each time something wants to send and receive ... so lets say you open a IE window ... it will ask .. IE is trying to connect .. do you wish to allow .. ?? and you can check a box ,.. witch will always answer the same .. (permanent yes ... or no) ...

    so then of course .. you then can know whats broadcasting ..


    personnally /... i think its just a paranoid little thing as ... my packet sent is like 5 millon .. and packet reveice is like 2 millon ... so its no biggy ... i have this running for weeks now .....its normal that there might be a bit of traffic .. like ... if you have kazaa open or .... like me .. i have DC++ open ....or msn .... if somebody changes their nick ... thats data transfer righ there

  5. #5
    Raw Wave Rob Withey's Avatar
    Join Date
    Apr 2000
    Location
    Bedfordshire, UK
    Posts
    2,139
    You could use something like ethereal (www.ethereal.com) to look at the packets and find out what they are.
    Old Systems retired due to new car
    New system at design/prototype stage on BeagleBoard.

  6. #6
    Newbie
    Join Date
    Jan 2004
    Location
    Norway
    Posts
    33
    I've seen examples of trojans recently that couldn't be removed with any of the programs I tried. An idea might be to look at the list of running processes for strange-looking names. I ended up reinstalling, because each time I removed something, another process made sure it was restored... Sort of like a tag-team of spyware-progs.

  7. #7
    Raw Wave Confused's Avatar
    Join Date
    Aug 2003
    Location
    Essex, England
    Posts
    2,224
    Check this page and do everything listed. (Link fixed)


    Garry
    Co-Developer of A.I.M.E.E
    www.aimee.cc

  8. #8
    Raw Wave Rob Withey's Avatar
    Join Date
    Apr 2000
    Location
    Bedfordshire, UK
    Posts
    2,139
    Quote Originally Posted by Confused
    Check this page and do everything listed.


    Garry

    Broken link (comma instead of dot). http://www.tastats.com/spyware.php works.
    Old Systems retired due to new car
    New system at design/prototype stage on BeagleBoard.

  9. #9
    Low Bitrate
    Join Date
    Feb 2004
    Posts
    60
    My dads PC had the same problem. Turned out he had the MSBlaster worm. AVG (the free version) woudln't detect it either as it was one of the spawned virii from msblaster and AVGs freeware DB seems to be a little behind sometimes. Ended up doing the removal that virtually every anti-virus site has posted on it.

    Go here and run the scan:
    http://housecall.trendmicro.com/

    If you have one of these and are running on a 56k modem your connection will crawl. Also due to its outward scanning it will cause your sent packets to be much higher than your received packets...

  10. #10
    FLAC
    Join Date
    Jun 2003
    Location
    Memphis - TN
    Posts
    1,272
    get Protowall, blocks incomming and outgoing packets
    2011 Nissan Frontier SL
    AMD X3 2.2 | M4-ATX | 16Gb SSD | 2GB DDR3-1333 | MSI GF615M-P33 MB
    OBDPROS USB | BU-303 GPS l LILLIPUT TS | Car2PC adapter | XM Direct | USB Dual band N with custom mag-mount antenna.

Page 1 of 2 12 LastLast

Similar Threads

  1. gps inside engine comp.?
    By kalito in forum GPS
    Replies: 23
    Last Post: 02-24-2004, 10:57 AM
  2. 5.1 surround from my comp?
    By stkdidy ntshidy in forum General MP3Car Discussion
    Replies: 1
    Last Post: 09-17-2003, 08:04 PM
  3. cpu toast, mobo good, comp turn on?
    By samc in forum General Hardware Discussion
    Replies: 6
    Last Post: 07-19-2003, 03:40 PM
  4. comp wont even Work..pSu
    By samc in forum Power Supplies
    Replies: 5
    Last Post: 04-27-2003, 10:56 PM
  5. Splicing comp. out
    By All4Norway in forum LCD/Display
    Replies: 7
    Last Post: 04-02-2002, 10:26 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •