Hackers Keep getting in, I know how, but
Greg51
March 7th, 2004, 01:45 PM
Hacks keep getting in. Here are the current ports that TDS-3 shows open. How do I remove these, when I cannot find all of them in my computer?
Port 80= WWW-HTTP - WorldWide Web (Hyper Text Transfer Protocol) (RFC 1945) RAT : AckCmd, Back End, CGI Backdoor, Executor, Hooker, RingZero, RTB666, NerTe, 23,Keylog.ev0,m invisible webserver lite, IIEx, Haan, ItAdEm, Task-X, HTTP
Now, I have found and removed some of these, but I am thinking I need to reformat. This is kinda childish of them to keep hacking my computer, as they will be getting caught, I know, if they continue, but how can I stop them, while the "official" process is in motion?
Q Section
March 7th, 2004, 01:49 PM
Hello Greg51
What kind of firewall do you have and how do you have your settings for it?
Greg1951
March 7th, 2004, 01:57 PM
I have two firewalls. Norton SystemWorks, and they hacked into that in 20 minutes, and BlackIce, and neither seem to be working. I am in an online game community, and they keep getting the hacks in, via either their web site, or the Ventrilo chat program. I do not see the firewalls as being very useful. Ideas? I am in need of help, thanks for answering.
P.S. The settings in BlackIce are set to Paranoid, btw.
Pilli
March 7th, 2004, 02:21 PM
Hi Greg1951, Unfortunately you are letting them in :( When you open the ports to these gaming areas and chats you have to allow open ports, which the hackers can tunnel back to you with; setting the rules up for this is difficult.
Anyway, can you get Autostart Viewer from the DCS site: http://www.diamondcs.com.au/index.php?page=products
When you run it, enable the first three menu items, save it and post the results here so that we can see what is what; they may have dropped other malware on you.
If you have not already, make sure you have Execution Protection running and TDS minimised to your system tray whenever you are online.
HTH Pilli
Dan Perez
March 7th, 2004, 02:26 PM
Hi Greg51,
Welcome to Wilders!
From your brief notes it seems you are basing your supposition that you are hacked only on the ports listing in TDS. Keep in mind that that facility will try to list every trojan or backdoor that has been known to use the port in question but is not necessarily confirming that one of these trojans is using that port. Especially with regard to TCP port 80, this is in all likelihood just legitimate Web traffic.
If the TDS memory and file scans show no signs of trojans you can usually disregard the port listing indications from TDS. If you want a much more accurate analysis of current network activity you should try loading the trial version of PortExplorer, which will give you a far better ability to make judgements on current activity. You can download it from here:
http://www.diamondcs.com.au/portexplorer/downloads/pedemosetup.exe
Hope this helps,
Dan
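To illustrate the point in the reply above, here is an added example (not part of the thread, and not how TDS or Port Explorer work internally) showing why a match on port number alone cannot separate outbound web browsing from something on the machine listening on port 80. The sample rows are constructed in the layout of Windows `netstat -ano` output, and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of Windows `netstat -ano` output (not from the thread).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.10:1045      203.0.113.5:80         ESTABLISHED     1320
  TCP    192.168.1.10:1046      203.0.113.9:80         TIME_WAIT       0
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       2044
"""

# Columns: proto, local addr:port, foreign addr:port, state, owning PID.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s+(\d+)\s*$")

def parse(text):
    """Return one dict per TCP row; the header and any other lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            _, lport, raddr, rport, state, pid = m.groups()
            rows.append({"local_port": int(lport), "remote": raddr,
                         "remote_port": int(rport), "state": state, "pid": int(pid)})
    return rows

def port_only_hits(rows, port):
    """What a bare port-number match sees: the port on either end of any row."""
    return [r for r in rows if port in (r["local_port"], r["remote_port"])]

def local_listeners(rows, port):
    """Rows where this machine itself accepts connections on the port."""
    return [r for r in rows if r["state"] == "LISTENING" and r["local_port"] == port]

def outbound_clients(rows, port):
    """Rows where this machine connected out to the port on a remote host."""
    return [r for r in rows if r["state"] != "LISTENING" and r["remote_port"] == port]

if __name__ == "__main__":
    rows = parse(SAMPLE)
    print("port-only matches on 80:", len(port_only_hits(rows, 80)))
    for r in outbound_clients(rows, 80):
        print("outbound to %s:80 (ordinary client traffic), pid %d" % (r["remote"], r["pid"]))
    for r in local_listeners(rows, 80):
        print("local listener on 80: identify the process with pid %d" % r["pid"])
```

Only the listener row needs follow-up: look up the owning PID and confirm it is a program you expect to be serving on that port.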
Greg1951
March 7th, 2004, 06:17 PM
-{ Quote: "Keep in mind that that facility will try to list every trojan or backdoor that has been known to use the port in question but is not necessarily confirming that one of these trojans is using that port." }-
Now that makes me feel better. Whew. I did the scans and nothing is in the machine. Thank you all. I am using the evaluations of the programs, and will be buying as soon as my Norton runs out.
Oh, is there any way to close all ports not in use by the games, or chat rooms?
Pilli
March 7th, 2004, 06:26 PM
Hi Greg,
-{ Quote: "Oh, is there any way to close all ports not in use by the games, or chat rooms? " }-
Port Explorer can close ports individually, but so can many firewalls, but you may have to dig into their manuals as to how to do it; with PE it is easy point and click.
Jooske
March 8th, 2004, 03:10 AM
>...as soon as my Norton runs out....
If you are using Norton Anti Virus and if you like it, keep it or replace it with some you like more.
NAV can not be completely replaced by TDS, as TDS is for trojans, worms, and lots of other nasties, but not for the virus part and JS nasties Norton and other specific AV products cover. So no reason to wait with TDS, keep it beside the other as an extra layer in security, protection, detection and for the many tools in it.
The DCS programs and tools together make security so much better and complete.
DolfTraanberg
March 8th, 2004, 09:12 AM
You don't use those two firewalls together at a time, I hope?
Dolf
Marine06
March 8th, 2004, 10:57 AM
There isn't a need to use two software firewalls at the same time. The potential for problems and conflicts increases. Secondly, BlackIce is not a true firewall but more of an intrusion detection system. Do not rely on BlackIce for protection.
Copyright ©2002 - 2012, Wilders Security Forums