Home > Can Someone > Can Someone Please Check This Hijackthis Log.and Answer Question About Firewall?

Can Someone Please Check This Hijackthis Log.and Answer Question About Firewall?

You can find hosts file in Windows 2000 and WindowsXP under C:\windows\system32\drivers\etc folder and in Windows95/98/ME under C:\windows folder. The last port (seen by your provider) was that port shown and it was immendiately directed to the http/https traffic when it left their server(s). You can do this by going to "Network Connection" etc. Asked: July 29, 20085:45 PM Last updated: October 17, 20168:09 PM Related Questions How to know if someone is hacking into my computer Hack into phone through Google+ Stream Hacked whilst navigate to this website

I thought it was just a virus. But again, its removal did nothing to change the connection attempts. Tomorrow I am going to chisel my XP system out from the protection I have it behind to do some checking for a few other problems I am helping out with. However, some clever hacker might use similiar programs to spy on your network connection by making your computer phone him and he then contacts your real ISP, making him sitting between

It will notify you on ALL changes on those files and it is impossible for any virus/trojan to hide itself in your computer from this program. Note that the .NET Framework is included with Windows 7 and available on Windows Update with older OSes. as resident, real-time AV. Are you phonelines wiretapped?

  1. First thing what to do after you have secured your connection, is to run full antivirus.
  2. Several functions may not work.
  3. Ask a question, help others, and get answers from the community Discussions Start a thread and discuss today's topics with top experts Blogs Read the latest tech blogs written by experienced
  4. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
  5. Sixth way of redirecting your network traffic is to hijack your phonelines or WLAN connection.
  6. Or Allow logon through Remote Desktop Services.
  7. Can't attach files to my email contined thread PC hijacked?

After pointing your browser to the SEPM console, you will need to specify the credentials that you were provided. Message Edited by Oldsod on 04-23-2008 04:37 PM oldsodApril 23rd, 2008, 09:30 AMReally the best and most honest check to see what is actually leaving the desktop is just a simple It is usually done just to harrash or revenge you since it isnt a real "threat" to your computer, unless you are the source of such attack! Anyway, you should be sceptical, even paranoid.

I saw in TCPViewer these adservers that were connecting, so I wrote rules.) That's why I asked you (or anyone else) to try the rules and then watch your Program alerts On the other pc it is just svchost.exe that is doing all the connection attempts. Please check Scarlett's HJT Log Trojan Horse....Help ebuyer.com offline? It seems like a fact of life on the net.

I have only ever used Zonealarms, so I am going to reinstal it with crossed fingers. Back to topWhat can I expect from RADS? I wouldn't go past 30 minutes because the log will be huge. If you discover that you have been spyed upon like this, concider EVERYTHING compromised.

You can save logs from earlier scanning to remind you what is supposed to be there so you can later compare the results and remove the unwanted stuff. Antivirus software that is not updated is prettymuch useless since it cannot detect latest viruses, so it is VERY IMPORTANT to always have updated and running antivirus on your computer! Usually, dont bother. All of the outgoing contact attempts I posted about have stopped.

proxy server question Powered by vBulletin Version 4.2.2 Copyright © 2017 vBulletin Solutions, Inc. useful reference I have rebooted and run HijackThis and here is the log: Logfile of HijackThis v1.99.1Scan saved at 08:01:29, on 4/21/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Following Follow Security Thanks! Or some virus or worm has "exploded" in your system.

When creating the rule, do not write the site as www-google-analytics.l.google . Back to topHow does RADS work? What can I do?Symantec Endpoint Protection AdministrationWhat is SEPM? my review here Message Edited by Oldsod on 04-23-2008 08:01 PM snagglegrainApril 24th, 2008, 10:54 AM


Oldsod wrote: Ok That is more clear to me now.

Some trojans could simply add hackers server as your proxy to all communications and therefore easily snoop, alter or bash your connection to any sites you visit. Please be carefull before you jump into conclusions here: 99% of all firewall alerts (atleast in ZoneAlarm) are not real "alerts" meaning that someone is actually trying to connect to your BDFree Edition is an on-demand virus scanner, which is best used in a system recovery or forensics role.

That's what the forums are here for.

If you are target for DoS, it just prevents you (and perhaps dozens other people too since they can share your connection somehow) from using the net. I ran the dnsstuff.com aboutyou that you linked for me and it gave different ports each time I ran it (twice).

oldsodApril 23rd, 2008, 12:56 PMThe browser user agent will say In addition, Minibug is not present on my other computer, and it is still exhibiting the same behavior I have described on this computer. Logfile of HijackThis v1.99.1Scan saved at 00:50:44, on 4/22/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exeC:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton SystemWorks\Norton

It might be hard or it might be very easy. I can also RDP into this machine from outside my home using my public IP address. They both require Internet Explorer and those pages being putted to "Trusted sites zone" inorder to work. get redirected here The Destination DNS will then show www-google-analytics.l.google in the Log Viewer.

To answer your question (what do you have installed from Google?), I have GoogleEarth. Everything! However, if you get very strange hits to your firewall from inside your computer to out, then it is very important to disconnect to make sure that whatever it is, and Perhaps there is a firefox/thunderbird installed or updaters for the google applications (such as earth, maps, google desktop search, google browser search engines, google home pages, firefox, etc) enabled to run?

Make sure you have the latest Windows Updates and security software updates New vulnerabilities are discovered everyday therefore it is good to make sure that you have the latest Windows updates I spend a few hours a day. As soon as I deleted the Host file entries, I was back in business. Here are my firewall logs so you can check it out………..…….

Thanks for any assistance! You can download the tool as part of the Support Tool from this link and you can access the link at any time from the SEP console by clicking 'Help and