PA
Fri Feb 27 21:33:01 CST 2004
tom c. wrote:
> I have been geeting chronic port scan attacks from remote
> address 127.0.0.1 port 20480 ever since I did Christmas
> shopping.How do I stop this and who do I report this to?I
> have a firewall that has intercepted all so far as I know
> but sooner or later???Thanks so much for any help.
Check your system for "hijackware":
Dealing with Hijackware
http://mvps.org/winhelp2002/unwanted.htm
http://www.mvps.org/inetexplorer/Darnit.htm#tshoot
http://aumha.org/a/parasite.htm
CoolWebSearch Chronicles
http://www.merijn.org/cwschronicles.html
You *must* seek updates for Ad-Aware, Spybot, etc., before each and every
use, even "right out of the box". But even then, they can't catch
everything. When all else fails, HijackThis
(
http://www.merijn.org/files/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. **Post
your files to
http://forums.spywareinfo.com/ or the Spyware forum at
http://forum.aumha.org/ for expert analysis, not here.**
Also update your virus definitions and then run a full system scan. From
now on, do both daily.
[Many anti-spyware sites continue to suffer from a week-long DoS attack.
Alternative download pages for Ad-Aware, Spybot, HijackThis and CWShredder
may be found on this page:
http://aumha.org/a/parasite.htm.]
So How Did I Get Infected Anyway?
http://boards.cexx.org/viewtopic.php?t=957
--
HTH - Please Reply to This Thread
~Robear Dyer (PA Bear)
MS MVP-Windows (IE/OE), AH-VSOP
AumHa Forums
http://forum.mvps.org/
Protect Your PC
http://www.microsoft.com/security/protect