Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Help with Trojans!!!

  1. #1

    Angry Help with Trojans!!!

    For the love of God someone please tell me what is up with me having trojans all over my comp! My firewalls been goin' crazy and it tells me that i have trojans on drives i dont even have! Worst of all I know practically nothing about TCP/IP or trojans. So if any of you pros out there happen to be reading this I beg you PLEASE HELP ME!

  2. #2
    http://www.moosoft.com/thecleaner/download.php

    free 30 day trial fully functional should clean mess up - if firewall is blocking all connection attempts dont stress too much

    v_Ln

  3. #3
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    well.. I would spend some time doing a bit of reading..

    for example.. look at this thread (Memory's post)
    http://www.antionline.com/showthread...hreadid=243829

    get some trojan checkers along with an updated antivirus

  4. #4
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    if you can tell us exactly what your firewall is saying, it would be good.

    When you say your firewall says you have trojans all over your computer on dirves you never knew you had, thats kinda vage.

    Does your firewall say something like Default block deep throat trojan TCP inbound?

    What kind of firewall do you have.
    =

  5. #5
    there are 65535 ports stealth them or close them

    go here and do a scan just for piece of mind.

    http://www.pandasoftware.com

    thats after you get rid of your trojans
    Spread Firefox.

  6. #6
    Senior Member
    Join Date
    May 2002
    Posts
    344
    For the love of God someone please tell me what is up with me having trojans all over my comp!
    You probably downloaded them, listen to val, go get The Cleaner and run it and it will delete all the trojans on your computer.

    My firewalls been goin' crazy and it tells me that i have trojans on drives i dont even have!
    Yeah...thats not good, please be more specific like cheyenne said, we need your exact error message and we need to know what kind of firewall you are running, orelse we wont be able to help you out at all.

    Worst of all I know practically nothing about TCP/IP or trojans.
    A good place to learn about this kind of stuff is to search google.com i posted this post because thats all i wanted to tell you. Before you come to us, try to learn a little bit about your problem. Enter "free virus scanner" or something into google and search for it...most of the time, google will be able to answer your questions.

    lastly, swampy, if trojans are already in the users machine, then closing ports wont really do anything, unless the trojans are relaying messages or something using a specific port, but then it would be stupid in my mind to shut down every port...you wouldnt be able to access the internet or play any online video games (what a shame that would be). Anyways, just download The Cleaner and run it, you shouldnt have to close any ports...
    Support your right to arm bears.


    ^^This was the first video game which i played on an old win3.1 box

  7. #7
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    By any chance do you have file sharing enabled ??
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  8. #8
    thx guys i'lltry all these solutions and give you feedback as soon as i can. Once again if anyone has any questions about programming i can help, but I'll probably just tell you the same stuff everyone else does...ah well, it really bites bein a newb

  9. #9
    white eskimo
    AntiOnline Jr. Member

    Location: Land of the Free
    Registered: May 2002
    Posts: 166

    lastly, swampy, if trojans are already in the users machine, then closing ports wont really do anything, unless the trojans are relaying messages or something using a specific port, but then it would be stupid in my mind to shut down every port...you wouldnt be able to access the internet or play any online video games (what a shame that would be). Anyways, just download The Cleaner and run it, you shouldnt have to close any ports...

    KNOCK,NOCK McFLY http://www.ozcraft.com/scifidu/future.html Nobody said anything about shutting down port 80 or all of the ports for that matter.


    "Closed" indicates that there is nothing listening at a specific port, so even if an attacker connects to your computer there will not be any server waiting there to allow the connection. This is analogous to shutting the door to your house, and locking it to the outside. No one can get in, but anyone can open the door (port) from the inside. This means that a program on your computer could simply open a "closed" port with no restrictions from the operating system.
    "Blocked" ports are not only closed, but they are completely hidden (stealthed) to the world. This would be like shutting and locking your door, and then painting over it so no one can tell there is a door there. In general, not even programs on your computer can open the door if it is properly blocked.


    We all know that each trojan likes a different port so wouldnt it make since to shut or stealth ports you dont use Mc Fly.

    port 21 - Back Construction, Blade Runner, Doly Trojan, Fore, FTP trojan, Invisible FTP, Larva, WebEx, WinCrash
    port 23 - Tiny Telnet Server (= TTS)
    port 25 - Ajan, Antigen, Email Password Sender, Haebu Coceda (= Naebi), Happy 99, Kuang2, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy
    port 31 - Agent 31, Hackers Paradise, Masters Paradise
    port 41 - DeepThroat
    port 59 - DMSetup
    port 79 - Firehotcker
    port 80 - Executor, RingZero
    port 99 - Hidden Port
    port 110 - ProMail Trojan
    port 113 - Kazimas
    port 119 - Happy 99
    port 121 - JammerKillah
    port 421 - TCP Wrappers
    port 456 - Hackers Paradise
    port 531 - Rasmin
    port 555 - Ini-Killer, NeTAdmin, Phase Zero, Stealth Spy
    port 666 - Attack FTP, Back Construction, Cain & Abel, Satanz Backdoor, ServeU, Shadow Phyre
    port 911 - Dark Shadow
    port 999 - DeepThroat, WinSatan
    port 1001 - Silencer, WebEx
    port 1010 - Doly Trojan
    port 1011 - Doly Trojan
    port 1012 - Doly Trojan
    port 1015 - Doly Trojan
    port 1024 - NetSpy
    port 1042 - Bla
    port 1045 - Rasmin
    port 1090 - Xtreme
    port 1170 - Psyber Stream Server, Streaming Audio trojan, Voice
    port 1234 - Ultors Trojan
    port 1243 - BackDoor-G, SubSeven, SubSeven Apocalypse
    port 1245 - VooDoo Doll
    port 1269 - Mavericks Matrix
    port 1349 - BO DLL
    port 1492 - FTP99CMP
    port 1509 - Psyber Streaming Server
    port 1600 - Shivka-Burka
    port 1807 - SpySender
    port 1981 - Shockrave
    port 1999 - BackDoor, TtansScout
    port 2000 - TransScout
    port 2001 - TransScout
    port 2002 - TransScout
    port 2003 - TransScout
    port 2004 - TransScout
    port 2005 - TransScout
    port 2023 - Ripper
    port 2115 - Bugs
    port 2140 - Deep Throat, The Invasor
    port 2155 - Illusion Mailer
    port 2283 - HVL Rat5
    port 2565 - Striker
    port 2583 - WinCrash
    port 2600 - Digital RootBeer
    port 2801 - Phineas Phucker
    port 2989 - RAT
    port 3024 - WinCrash
    port 3128 - RingZero
    port 3129 - Masters Paradise
    port 3150 - Deep Throat, The Invasor
    port 3459 - Eclipse 2000
    port 3700 - Portal of Doom
    port 3791 - Eclypse
    port 3801 - Eclypse
    port 4092 - WinCrash
    port 4321 - BoBo
    port 4567 - File Nail
    port 4590 - ICQTrojan
    port 5000 - Bubbel, Back Door Setup, Sockets de Troie
    port 5001 - Back Door Setup, Sockets de Troie
    port 5011 - One of the Last Trojans (OOTLT)
    port 5031 - NetMetro
    port 5321 - Firehotcker
    port 5400 - Blade Runner, Back Construction
    port 5401 - Blade Runner, Back Construction
    port 5402 - Blade Runner, Back Construction
    port 5550 - Xtcp
    port 5512 - Illusion Mailer
    port 5555 - ServeMe
    port 5556 - BO Facil
    port 5557 - BO Facil
    port 5569 - Robo-Hack
    port 5742 - WinCrash
    port 6400 - The Thing
    port 6669 - Vampyre
    port 6670 - DeepThroat
    port 6771 - DeepThroat
    port 6776 - BackDoor-G, SubSeven
    port 6912 - **** Heep (not port 69123!)
    port 6939 - Indoctrination
    port 6969 - GateCrasher, Priority, IRC 3
    port 6970 - GateCrasher
    port 7000 - Remote Grab, Kazimas
    port 7300 - NetMonitor
    port 7301 - NetMonitor
    port 7306 - NetMonitor
    port 7307 - NetMonitor
    port 7308 - NetMonitor
    port 7789 - Back Door Setup, ICKiller
    port 8080 - RingZero
    port 9400 - InCommand
    port 9872 - Portal of Doom
    port 9873 - Portal of Doom
    port 9874 - Portal of Doom
    port 9875 - Portal of Doom
    port 9876 - Cyber Attacker
    port 9878 - TransScout
    port 9989 - iNi-Killer
    port 10067 - Portal of Doom
    port 10101 - BrainSpy
    port 10167 - Portal of Doom
    port 10520 - Acid Shivers
    port 10607 - Coma
    port 11000 - Senna Spy
    port 11223 - Progenic trojan
    port 12076 - Gjamer
    port 12223 - Hack«99 KeyLogger
    port 12345 - GabanBus, NetBus, Pie Bill Gates, X-bill
    port 12346 - GabanBus, NetBus, X-bill
    port 12361 - Whack-a-mole
    port 12362 - Whack-a-mole
    port 12631 - WhackJob
    port 13000 - Senna Spy
    port 16969 - Priority
    port 17300 - Kuang2 The Virus
    port 20000 - Millennium
    port 20001 - Millennium
    port 20034 - NetBus 2 Pro
    port 20203 - Logged
    port 21544 - GirlFriend
    port 22222 - Prosiak
    port 23456 - Evil FTP, Ugly FTP, Whack Job
    port 23476 - Donald Dick
    port 23477 - Donald Dick
    port 26274 - Delta Source
    port 29891 - The Unexplained
    port 30029 - AOL Trojan
    port 30100 - NetSphere
    port 30101 - NetSphere
    port 30102 - NetSphere
    port 30303 - Sockets de Troi
    port 30999 - Kuang2
    port 31336 - Bo Whack
    port 31337 - Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
    port 31338 - NetSpy DK ,Back Orifice, DeepBO
    port 31339 - NetSpy DK
    port 31666 - BOWhack
    port 31785 - Hack«a«Tack
    port 31787 - Hack«a«Tack
    port 31788 - Hack«a«Tack
    port 31789 - Hack«a«Tack
    port 31791 - Hack«a«Tack
    port 31792 - Hack«a«Tack
    port 33333 - Prosiak
    port 33911 - Spirit 2001a
    port 34324 - BigGluck, TN
    port 40412 - The Spy
    port 40421 - Agent 40421, Masters Paradise
    port 40422 - Masters Paradise
    port 40423 - Masters Paradise
    port 40426 - Masters Paradise
    port 47262 - Delta Source
    port 50505 - Sockets de Troie
    port 50766 - Fore, Schwindler
    port 53001 - Remote Windows Shutdown
    port 54320 - Back Orifice 2000
    port 54321 - School Bus, Back Orifice 2000
    port 60000 - Deep Throat
    port 61466 - Telecommando
    port 65000 - Devili

    link so you can scan your ports:

    http://scan.sygate.com/prescanfaq.html

    oh and by the way eskimo I didnt think your post helped any with his question all you did was quote what others said and suggest google http://www.google.com/ like you were trying to flame some newbie its not like the guy was asking how he could be a
    script kiddie pl.n.

    The lowest form of cracker; script kiddies do mischief with scripts and programs written by others, often without understanding the exploit.
    and the only thing he probably did wrong was not look at old post .

    oh yeah heres a link for your mood eskimo
    Mood: horny
    Reason: i want ( . ) ( . )
    Mood Updated:
    09-03-2003 05:59 PM

    http://www.adultfriendfinder.com/go/...08&ffz=p140122

    oh and dont ever mention my screen name in the same paragraph that you refer someone to google.

    Mr. wannabe Moderator/Quoter
    Spread Firefox.

  10. #10
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Swampy_ finger..

    As for your McFly swipe at White_Eskimo ..dont be such a childish Fuctard.. Growup Unless YOU expect US to treat you the same when WE think YOU are not exactly right,, Challenge others comments yes but be a rude little fart about it,,no..
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •