Do You Know This One ?

Discussion in 'malware problems & news' started by Snowie, Jan 2, 2006.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Would almost suggest a system restore from before that download and try again.
    Port Explorer up, in case it happens spy on the sockets for all needed info.
    But block it after asap as you did now of course.
    It might have been a coincidence.
    You could also make an AutoStartViewer log and let Gavin have a look at it (f.e.)
    Maybe something piggybacked on your download, or like said above somebody didn't play by the rules, so spying on those connections doesn't hurt.
     
    Jooske, Jan 3, 2006
    #26
  2. Snowie

    Snowie Guest

    Jooske

    Your advice is most appreciated...thank you. I did install a backup made on 12/25/05 which reverted the system back to that date....an have not had any further issues since then.

    Yes, my guess is that something piggybacked into the system an was detected by the firewall before it could download anything........


    well, time to shut down for the night............


    warm regards

    snowie
     
    Snowie, Jan 3, 2006
    #27
  3. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    4,099
    Hi,

    Just a note: SpywareBlaster's setup is digitally signed, and the digital signature will be invalidated if anyone tries to modify it. (And Windows will warn you, if you have Windows XP SP2.)

    The Coral Distribution Network (that third link on the download page) basically provides a world-wide distributed network of machines (mostly hosted by educational institutions) that work together to provide fast mirroring of content (including downloads) to anyone. Lots of sites use Coral to mirror heavily-accessed content (for example, Slashdot frequently uses it to mirror links to stories).

    Your machine may be pinged or tracerouted when you click on the link, however that has a very important purpose - it helps to determine which of those machines is going to serve the file to you (i.e. it's trying to figure out which is the closest mirror, so you get the fastest download, and so the server can be ready to serve another user faster).

    I hope this helps. :)

    Best regards,

    -Javacool
     
    javacool, Jan 4, 2006
    #28
  4. controler

    controler Guest

    Hi

    I was thinking something similar except I thought when you clicked on a download link the file was delivered to your computer via multi servers at the same time and not just the one which was closest but I guess if this was the case, snowy would have seen a bunch of outbounds attemps to different servers at the same time. Istill wonder how he got all the outbound attemps without knowingly clicking on a download link

    Thanks for sharing that info Java.
     
    controler, Jan 4, 2006
    #29
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...