Suspected Attack
From: Alan UK (bigal_1302_at_hotmail.com)
Date: 09/01/03
- Next message: hano: "Local security Policy"
- Previous message: David Walters: "Unable To Access Drives"
- Next in thread: Hey Nonny Mouse: "Suspected Attack"
- Reply: Hey Nonny Mouse: "Suspected Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 1 Sep 2003 01:38:16 -0700
I am running W2k pro with Norton System Works AV (with
Live Update) and a Sygate Personal Firewall (freeware
version) and have an ADSL connection- although not left on
24/7.
After the MSBlast virus I scheduled a weekly Windows
Update and have all the latest bit and pieces.
I recently noticed a lot of attempts (throught the
firewall log) for sites trying to access the internet
using existing software- ie "site.com is trying to access
the internet through Norton Speed Disk" sort of thing.
Although I blocked all I could later the PC went a bit
barmy and kept showing Explorer.exe errors.
After a reboot and every scan (AV, Spyware etc) I could
muster I noticed that the Sygate firewall had gone awol.
The .exe file and Readme.txt were in the folder, but all
the rest had gone- and I discovered them all in the
Recycle bin.
I restored them, but is this a virus/trojan attack to
disbale the firewall or could this have happened during
the Explorer.exe errors? (I realise that could have been
part of any attack too)
Any information would be greatly appreciated, and
particularly any information about further (cost-
effective) methods of protecting the pc short of shutting
it off or disabling so much as to make the internet a
waste of time...I know its a compromise.
:-(
- Next message: hano: "Local security Policy"
- Previous message: David Walters: "Unable To Access Drives"
- Next in thread: Hey Nonny Mouse: "Suspected Attack"
- Reply: Hey Nonny Mouse: "Suspected Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
