Re: Is this a trojan tryng to send a message out ?
- From: Jonah <jonah123@xxxxxxxxxxx>
- Date: Fri, 26 May 2006 22:44:32 +0100
On Fri, 26 May 2006 20:51:54 +0200, "Dave Neve"
<NoAddressForSpammers@xxxxxxxx> wrote:
HiWhatever it is you did not get rid of it, probably is a trojan but
I suspect that I have got a trojan in my computer after having downloaded a
freebie.
My anti virus warned me and I got rid of it with SmitfraudFix.
But when I start up, the suspected program still tries to send a message out
thru IE.
The details (according to Kerio firewall) are
Distant Localhost 127.0.0.1 Port 1038
Distant details TCP local port 1039 and 1040
What surprises me are the local host adresses but I don't really know much
about TCP protocol.
Is this really an outgoing call or just some sort of legitimate activity at
startup for this software.
The software has no real reason to access Internet as it is just a type of
keyboard shortcut software (but I wonder if it is actually logging keyboard
activity?)
Thanks in advance
Dave Neve
PS I did try the IE group but surprisingly had little help
even if it is innocent you still need to ensure your PC is not
compromised.
Try this link - courtesy of David J Lipman who is one of the best
security posters around.
http://claymania.com/removal-trojan-adware.html
and go and have a look at
microsoft.public.security.homeusers
There are many posts in there with great anti malware advice Tell them
exactly what the malware is reported as and you will get a more
specific answer.
IE group? nobody with any sense uses IE any more for general
browsing 8-) get Firefox and add the "noscript" enhancement.
Jonah
.
- References:
- Is this a trojan tryng to send a message out ?
- From: Dave Neve
- Is this a trojan tryng to send a message out ?
- Prev by Date: Re: Windows XP is starting up
- Next by Date: Re: *I NEED HELP ON GHOST RECON!!!
- Previous by thread: Is this a trojan tryng to send a message out ?
- Next by thread: Registry help
- Index(es):
Relevant Pages
|
