HELP QUICK LOL

Discussion in 'Trojan Defence Suite' started by pazuzu, Dec 4, 2003.

Thread Status:
Not open for further replies.
  1. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    infection

    i have just confgured tds to stmtp (thx jooske :D) upon
    receving some mail i closed off these ports but think i am infected w slammer worm and one called vb bubble on tcp interrogation , tried taking screenshot but i dunno where its gone grr . please help . pazuzu , sql patch fails to respond upon loading ?? any tips ...
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    What makes you think you could be infected? Did a scan alarm on anything?
     
  3. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    yes i saw arbitrary code and the word slammer . i do not program , ie6 keeps getting knocked over , opera now , lol ha . i think slammer is trying to "phone home"
    the actual words were virus detected . and then coding .
    recieving a lot of malformed/crafted pkts since posting here lol ? oh well . but have asviewer results and tds logs for 2 days submitted to support. do'nt really want to fdisk , but alas who knows , as always ty .. time for portscan i think
     

    Attached Files:

    • log.txt
      File size:
      299 bytes
      Views:
      585
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Is this from your firewall?
    A portscan on a certain port doesn't mean immediately you're infected.

    At least make sure your firewall is up, you might like to test your ports at grc.com -shieldsup and all available tests including all ports you like especially to be tested.
    As TDS doesn't detect viruses, which program warned and what did you do then?

    At least try one of the online scans as a second opinion; during that you best close your installed av/at (tds is not necessary as it doesn't run resident)
    and you might like not to set the online scans for automatic cleaning but do that afterwards once you know the results log.
     
  5. Lana irwin

    Lana irwin Guest

    How do I enable or find firewall protection o_O
     
  6. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi Lana

    Welcome to wilders :D


    If u need firewall help start a new post here

    http://www.wilderssecurity.com/index.php?board=23




    Snowbound
     
  7. pazuzu

    pazuzu Registered Member

    Joined:
    Nov 26, 2003
    Posts:
    27
    Location:
    N Z
    hi jooske thanks for a speedy reply , yes it was a fwall log . but i did a TDS environment settings check and it came up there . been offline for a couple , duh @ me for not setting 1 bios setting to enable instead of auto lol , modem of course lol . i was using trend's pc-cillin , but alas their customer support sux , so have gone back to good ol' AVG . clean now , downloding spyware guard and mru blaster , Thanx Javacool . and wilders :D
     
Thread Status:
Not open for further replies.