Thread: Gobs of Probs

  1. #1
    Junior Member
    Join Date
    May 2003
    Posts
    4

    Question Gobs of Probs

    I need some info and advice, please.

    I've been having problems lately with viruses and Norton has stopped getting its updates (presumably from a virus that tells it 'done, you've been updated' when really it didn't even connect at all). I've downloaded Kazaa's Bullguard, and it detected at least one trojan. I do download a lot of stuff from Kazaa, Limewire, Winmx, etc., so, granted, I've been playing with fire, but so be it.

    My questions are: which P2P/fileshare networks are the most notorious for viruses and hackers? Are Norton and McAfee etc., really effective, or are the hackers always one step ahead?

    I've also had a couple instances lately where I'll be using a program (a game, Explorer, WinAmp, whatever) and suddenly it'll disappear as though it was never running at all. No freeze or stutter, no time while the computer is busy with something, no error message, no nothing, just BAM, desktop is staring at you. Weird. Anybody know what that's about?

    I know these types of questions are beaten to death on a website like this, but any and all info or advice would be really welcome.

    Thanks.

  2. #2
    AO übergeek phishphreek
    Join Date
    Jan 2002
    Posts
    4,325
    which P2P/fileshare networks are the most notorious for viruses and hackers?
    all of them

    Are Norton and McAfee etc., really effective, or are the hackers always one step ahead?
    they help, but you can't rely just on antivirus.
    Anyone can write a program... claim it is a crack when in fact it is a backdoor that is undetectable by antivirus and then take over your pc without you knowing

    I would restart your computer, and run a netstat or use fport from www.foundstone.com

    check to see what applications are listening for connections.

    if you see something you don't recognize... do some research. find out what it is and why it is connecting.

    if you are using all those p2p networks and don't even have a firewall installed... you are just asking for trouble. though a firewall won't help you 100%, they help.

    Many p2p network software have holes in the software already... just waiting to be exploited.

    since you can't do a scan with an up2date software... maybe checkout an online scan?
    http://housecall.trendmicro.com/hous...start_corp.asp

    there are tons of threads just like this one... so try to do a search using the search box in the top right corner of the AO main page....
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
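
The listening-port check suggested in the post above, as an added example that is not part of the original thread: it parses Windows `netstat -ano` output and lists the network-reachable listeners whose port is not on a list of expected ports. The sample output and the `EXPECTED_PORTS` list are constructed assumptions for illustration.

```python
import re

# Constructed sample of Windows `netstat -ano` output (not taken from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1027         0.0.0.0:0              LISTENING       1540
  TCP    192.168.1.10:1214      0.0.0.0:0              LISTENING       2300
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       3124
  TCP    192.168.1.10:1045      203.0.113.5:80         ESTABLISHED     1780
  UDP    0.0.0.0:1900           *:*                                    1200
"""

# Assumption: the ports the owner has already researched and expects to be open.
EXPECTED_PORTS = {135, 445}

# proto, local addr, local port, foreign addr, optional state (UDP has none), PID
ROW = re.compile(r"^(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)$")

def listeners(netstat_text):
    """Return sockets waiting for inbound traffic: TCP LISTENING and unconnected UDP."""
    found = []
    for line in netstat_text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, blank line, or an unrecognised row
        proto, addr, port, foreign, state, pid = m.groups()
        if proto == "TCP" and state != "LISTENING":
            continue  # established/closing connections are not listeners
        if proto == "UDP" and foreign != "*:*":
            continue
        found.append({"proto": proto, "addr": addr, "port": int(port), "pid": int(pid)})
    return found

def needs_research(netstat_text, expected=EXPECTED_PORTS):
    """Listeners reachable from the network whose port is not on the expected list."""
    loopback = ("127.", "[::1]")
    return [s for s in listeners(netstat_text)
            if not s["addr"].startswith(loopback) and s["port"] not in expected]

if __name__ == "__main__":
    for s in needs_research(SAMPLE):
        print(f'{s["proto"]} {s["addr"]}:{s["port"]} owned by PID {s["pid"]}: identify this process')
```

The PID in each flagged row can then be looked up in the process list to find the program that opened the port.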

  3. #3
    Junior Member
    Join Date
    Nov 2002
    Posts
    3
    The fact that your sessions just disappear smells a lot like session hijacking to me. Someone just grabs your sessions right at your terminal and can continue on unimpeded with what you were doing including banking, online purchases, and your encrypted channel if that was the case. My guess is you have more than just a virus, I would say you have a root kit sitting on your machine.
    If you want my professional advice, if you don't know what is happening or what is on your machine you need to rebuild from scratch as everything including documents, programs, and other data is suspect at best, but most likely everything on your machine has been compromised.
    A simple virus scan will not correct your problems, nor will a trojan scan. You're at the point where even an expert would elect to nuke this system from high orbit.

  4. #4
    Junior Member
    Join Date
    May 2003
    Posts
    4
    Thanks to both of you,

    A couple of follow up questions, if that's okay.

    Phishphreek, I'm connected on a router, which has an internal firewall, so assuming it's working properly I'm not downloading completely blind. But what's a netstat, or an fport, for that matter. Newbie am I.

    And Jacksun, wow, is it really gone shitsville for me? I don't want to seem underparanoid (if that's a word, I know it's not cause I looked it up, it's one of those skills I learned in my schoooool...), but is there any other likely cause that you know of? What's a root kit? Some sort of hyper trojan?

    If I'm going to scrap my system and start anew, how much backing up can Backup really give me, anyway.

    Also, the friend who built my puter told me that usually video and audio files aren't what you need to worry about when downloading, but program files are the biggest problem. How much validity is there to his standpoint? I'm scanning all files, but do people really attach viruses and trojans to mp3s?

    thanks again for all your help.

  5. #5
    find information about Netstat and download at the following link

    http://www.analogx.com/contents/down...etwork/nsl.htm

    cheers
    antisecurityboy

  6. #6
    If I were you I would push the eject button and cut your losses. Anything you have such as software backups will be all you have. If that isn't an option, the best you can do is back up your files and pray that none of them are corrupted (it's a long shot) and then nuke the virii and the rest of your system. If you experience the same problems after reloading all your backups, toss the backups and kick yourself for not periodically backing up your most important files.

    If it is a new virus and you can find it you can probably get someone to write a fix for it. I'm sure someone on the site has a link for that.

    I'll let Jacksun answer about the root kit, but if that happened to you nuke is all you have left on them. Unless you really know specifics about what you have and where you got it.

  7. #7
    Dead Man Walking
    Join Date
    Jan 2003
    Posts
    810
    I'm gonna have to go with everybody else on this one. Don't bother backing up any .EXE files, just your important documents, and then put your boot disk in, reboot and start all over. Oh yeah, and make a pot of coffee too. It might take a while. As far as the P2P goes I would find a more legitimate and trustworthy source for that kinda stuff. Like maybe go buy the CD or program. Don't feel bad. Anybody that tells you they have never had to nuke a system is lying. It happens to the best of us.
