Re: how are you connecting ?
Thanks again chaps this weekend I´ll get my PC sorted.8o
- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Reply to: Worm
Collapse
You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:
- You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
- You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
- If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
Logging in...
Previously on "Worm"
Collapse
-
Guest replied
-
Guest repliedRe: how are you connecting ?
hijackthis is quite handy in addition to stinger (run in safe mode, some virii know how to fool it if they are running).
and of course Mr Russovich's excellent utils from sysinternals.com.
Leave a comment:
-
Guest repliedhow are you connecting ?
If you are on broadband go out and buy a properish firewall router, less than £100.
then run a software firewall as well. (I like kerio)
def get the tools for specific removal.
When Im looking at a possibly flaky machine I go through the process list and google the name of everything executing.
then go through the registry for the startup programs and google on those as well.
Leave a comment:
-
Guest repliedWell thanks for the advice, Im going to try these anti-virus programs out and then stick the patch and a firewall on.
Leave a comment:
-
Guest repliedSounds like you need to run Stinger.
Then you need to patch the machine to the hilt, and install up-to-date AV and firewall.
(Just removing the msblast.exe file doesn't fix it, there's stuff left in the registry to help it "reproduce".)
Leave a comment:
-
Guest repliedif you're not patched, firewalled, ad-awared, spybotted,
anti-virused, mbsa'd, routed, etc, then you're doomed
have you tried
securityresponse.symantec....tool.html
yet?
Leave a comment:
-
Guest repliedRe: sounds nimda-esqe
Well there is a virus checker, but I'm going to download the rpc patch and a firewall.
What caused the problem I think was teekids.exe that is a variant of msblaster.
I deleted teekids but it seems to have left something hanging around.
You wouldn't know what that was ?
Leave a comment:
-
Guest repliedsounds nimda-esqe
to me. also sounds like you have a fairly unprotected, unpatched machine?
Leave a comment:
-
Guest repliedRe: have you tried
Thanks Scotspine.
I've noticed the virus does file transfers generates TFTPXXX files in my system32 directory.
Does this ring a bell ?
Leave a comment:
-
Guest repliedhave you tried
procexp.exe from sysinternals,com. it gives more info about users of services, processes etc and might help carify things a bit?
Leave a comment:
-
Guest started a topic WormWorm
I have a problem on Windows 2000 that everytime I login into the internet through my modem, a svchost process consumes increasing amounts of CPU resources until I have to switch off.
There are now no new obvious executables and I suspect some viral service is being run by the svchost. I can't find any recent dll files.
A few months ago I caught the blaster virus, which I sort of suspect has something to do with it. I removed the msblast executable, but it appears some svchost service remains.
It would even be helpful if I could abort the svchost, which would enable me to download microsoft patches though I^m not sure this would work until I'm free of this worm.
Any help appreciated.Tags: None
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Streamline Your Retirement with iSIPP: A Solution for Contractor Pensions Sep 1 09:13
- Making the most of pension lump sums: overview for contractors Sep 1 08:36
- Umbrella company tribunal cases are opening up; are your wages subject to unlawful deductions, too? Aug 31 08:38
- Contractors, relabelling 'labour' as 'services' to appear 'fully contracted out' won't dupe IR35 inspectors Aug 31 08:30
- How often does HMRC check tax returns? Aug 30 08:27
- Work-life balance as an IT contractor: 5 top tips from a tech recruiter Aug 30 08:20
- Autumn Statement 2023 tipped to prioritise mental health, in a boost for UK workplaces Aug 29 08:33
- Final reminder for contractors to respond to the umbrella consultation (closing today) Aug 29 08:09
- Top 5 most in demand cyber security contract roles Aug 25 08:38
- Changes to the right to request flexible working are incoming, but how will contractors be affected? Aug 24 08:25
Leave a comment: