HELP QUICK LOL

pazuzu · #1 December 4th, 2003, 04:08 PM

infection

i have just confgured tds to stmtp (thx jooske

) upon
receving some mail i closed off these ports but think i am infected w slammer worm and one called vb bubble on tcp interrogation , tried taking screenshot but i dunno where its gone grr . please help . pazuzu , sql patch fails to respond upon loading ?? any tips ...

Jooske · #2 December 4th, 2003, 04:14 PM

What makes you think you could be infected? Did a scan alarm on anything?

pazuzu · #3 December 4th, 2003, 04:59 PM

Quote:

quoting: Jooske link=board=5;threadid=17292;start=0#msg106899 date=1070572484]
What makes you think you could be infected? Did a scan alarm on anything?

yes i saw arbitrary code and the word slammer . i do not program , ie6 keeps getting knocked over , opera now , lol ha . i think slammer is trying to "phone home"
the actual words were virus detected . and then coding .
recieving a lot of malformed/crafted pkts since posting here lol ? oh well . but have asviewer results and tds logs for 2 days submitted to support. do'nt really want to fdisk , but alas who knows , as always ty .. time for portscan i think

Jooske · #4 December 4th, 2003, 05:58 PM

Is this from your firewall?
A portscan on a certain port doesn't mean immediately you're infected.

At least make sure your firewall is up, you might like to test your ports at grc.com -shieldsup and all available tests including all ports you like especially to be tested.
As TDS doesn't detect viruses, which program warned and what did you do then?

At least try one of the online scans as a second opinion; during that you best close your installed av/at (tds is not necessary as it doesn't run resident)
and you might like not to set the online scans for automatic cleaning but do that afterwards once you know the results log.

#5 December 4th, 2003, 08:39 PM

How do I enable or find firewall protection

snowbound · #6 December 4th, 2003, 08:46 PM

Hi Lana

Welcome to wilders

If u need firewall help start a new post here

http://www.wilderssecurity.com/index.php?board=23

Snowbound

pazuzu · #7 December 8th, 2003, 07:07 PM

Quote:

quoting: Jooske link=board=5;threadid=17292;start=0#msg106944 date=1070578734]
Is this from your firewall?
A portscan on a certain port doesn't mean immediately you're infected.

At least make sure your firewall is up, you might like to test your ports at grc.com -shieldsup and all available tests including all ports you like especially to be tested.
As TDS doesn't detect viruses, which program warned and what did you do then?

At least try one of the online scans as a second opinion; during that you best close your installed av/at (tds is not necessary as it doesn't run resident)
and you might like not to set the online scans for automatic cleaning but do that afterwards once you know the results log.

hi jooske thanks for a speedy reply , yes it was a fwall log . but i did a TDS environment settings check and it came up there . been offline for a couple , duh @ me for not setting 1 bios setting to enable instead of auto lol , modem of course lol . i was using trend's pc-cillin , but alas their customer support sux , so have gone back to good ol' AVG . clean now , downloding spyware guard and mru blaster , Thanx Javacool . and wilders

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search