-
September 18th, 2003, 04:07 AM
#1
Junior Member
Help with Trojans!!!
For the love of God someone please tell me what is up with me having trojans all over my comp! My firewalls been goin' crazy and it tells me that i have trojans on drives i dont even have! Worst of all I know practically nothing about TCP/IP or trojans. So if any of you pros out there happen to be reading this I beg you PLEASE HELP ME!
-
September 18th, 2003, 04:14 AM
#2
http://www.moosoft.com/thecleaner/download.php
free 30 day trial fully functional should clean mess up - if firewall is blocking all connection attempts dont stress too much
v_Ln
-
September 18th, 2003, 04:16 AM
#3
well.. I would spend some time doing a bit of reading..
for example.. look at this thread (Memory's post)
http://www.antionline.com/showthread...hreadid=243829
get some trojan checkers along with an updated antivirus
-
September 18th, 2003, 04:25 AM
#4
if you can tell us exactly what your firewall is saying, it would be good.
When you say your firewall says you have trojans all over your computer on dirves you never knew you had, thats kinda vage.
Does your firewall say something like Default block deep throat trojan TCP inbound?
What kind of firewall do you have.
-
September 18th, 2003, 05:42 AM
#5
Member
there are 65535 ports stealth them or close them
go here and do a scan just for piece of mind.
http://www.pandasoftware.com
thats after you get rid of your trojans
-
September 18th, 2003, 05:58 AM
#6
For the love of God someone please tell me what is up with me having trojans all over my comp!
You probably downloaded them, listen to val, go get The Cleaner and run it and it will delete all the trojans on your computer.
My firewalls been goin' crazy and it tells me that i have trojans on drives i dont even have!
Yeah...thats not good, please be more specific like cheyenne said, we need your exact error message and we need to know what kind of firewall you are running, orelse we wont be able to help you out at all.
Worst of all I know practically nothing about TCP/IP or trojans.
A good place to learn about this kind of stuff is to search google.com i posted this post because thats all i wanted to tell you. Before you come to us, try to learn a little bit about your problem. Enter "free virus scanner" or something into google and search for it...most of the time, google will be able to answer your questions.
lastly, swampy, if trojans are already in the users machine, then closing ports wont really do anything, unless the trojans are relaying messages or something using a specific port, but then it would be stupid in my mind to shut down every port...you wouldnt be able to access the internet or play any online video games (what a shame that would be). Anyways, just download The Cleaner and run it, you shouldnt have to close any ports...
Support your right to arm bears.
^^This was the first video game which i played on an old win3.1 box
-
September 18th, 2003, 10:49 AM
#7
By any chance do you have file sharing enabled ??
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
September 19th, 2003, 03:34 AM
#8
Junior Member
thx guys i'lltry all these solutions and give you feedback as soon as i can. Once again if anyone has any questions about programming i can help, but I'll probably just tell you the same stuff everyone else does...ah well, it really bites bein a newb
-
September 20th, 2003, 05:37 AM
#9
Member
white eskimo
AntiOnline Jr. Member
Location: Land of the Free
Registered: May 2002
Posts: 166
lastly, swampy, if trojans are already in the users machine, then closing ports wont really do anything, unless the trojans are relaying messages or something using a specific port, but then it would be stupid in my mind to shut down every port...you wouldnt be able to access the internet or play any online video games (what a shame that would be). Anyways, just download The Cleaner and run it, you shouldnt have to close any ports...
KNOCK,NOCK McFLY http://www.ozcraft.com/scifidu/future.html Nobody said anything about shutting down port 80 or all of the ports for that matter.
"Closed" indicates that there is nothing listening at a specific port, so even if an attacker connects to your computer there will not be any server waiting there to allow the connection. This is analogous to shutting the door to your house, and locking it to the outside. No one can get in, but anyone can open the door (port) from the inside. This means that a program on your computer could simply open a "closed" port with no restrictions from the operating system.
"Blocked" ports are not only closed, but they are completely hidden (stealthed) to the world. This would be like shutting and locking your door, and then painting over it so no one can tell there is a door there. In general, not even programs on your computer can open the door if it is properly blocked.
We all know that each trojan likes a different port so wouldnt it make since to shut or stealth ports you dont use Mc Fly.
port 21 - Back Construction, Blade Runner, Doly Trojan, Fore, FTP trojan, Invisible FTP, Larva, WebEx, WinCrash
port 23 - Tiny Telnet Server (= TTS)
port 25 - Ajan, Antigen, Email Password Sender, Haebu Coceda (= Naebi), Happy 99, Kuang2, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy
port 31 - Agent 31, Hackers Paradise, Masters Paradise
port 41 - DeepThroat
port 59 - DMSetup
port 79 - Firehotcker
port 80 - Executor, RingZero
port 99 - Hidden Port
port 110 - ProMail Trojan
port 113 - Kazimas
port 119 - Happy 99
port 121 - JammerKillah
port 421 - TCP Wrappers
port 456 - Hackers Paradise
port 531 - Rasmin
port 555 - Ini-Killer, NeTAdmin, Phase Zero, Stealth Spy
port 666 - Attack FTP, Back Construction, Cain & Abel, Satanz Backdoor, ServeU, Shadow Phyre
port 911 - Dark Shadow
port 999 - DeepThroat, WinSatan
port 1001 - Silencer, WebEx
port 1010 - Doly Trojan
port 1011 - Doly Trojan
port 1012 - Doly Trojan
port 1015 - Doly Trojan
port 1024 - NetSpy
port 1042 - Bla
port 1045 - Rasmin
port 1090 - Xtreme
port 1170 - Psyber Stream Server, Streaming Audio trojan, Voice
port 1234 - Ultors Trojan
port 1243 - BackDoor-G, SubSeven, SubSeven Apocalypse
port 1245 - VooDoo Doll
port 1269 - Mavericks Matrix
port 1349 - BO DLL
port 1492 - FTP99CMP
port 1509 - Psyber Streaming Server
port 1600 - Shivka-Burka
port 1807 - SpySender
port 1981 - Shockrave
port 1999 - BackDoor, TtansScout
port 2000 - TransScout
port 2001 - TransScout
port 2002 - TransScout
port 2003 - TransScout
port 2004 - TransScout
port 2005 - TransScout
port 2023 - Ripper
port 2115 - Bugs
port 2140 - Deep Throat, The Invasor
port 2155 - Illusion Mailer
port 2283 - HVL Rat5
port 2565 - Striker
port 2583 - WinCrash
port 2600 - Digital RootBeer
port 2801 - Phineas Phucker
port 2989 - RAT
port 3024 - WinCrash
port 3128 - RingZero
port 3129 - Masters Paradise
port 3150 - Deep Throat, The Invasor
port 3459 - Eclipse 2000
port 3700 - Portal of Doom
port 3791 - Eclypse
port 3801 - Eclypse
port 4092 - WinCrash
port 4321 - BoBo
port 4567 - File Nail
port 4590 - ICQTrojan
port 5000 - Bubbel, Back Door Setup, Sockets de Troie
port 5001 - Back Door Setup, Sockets de Troie
port 5011 - One of the Last Trojans (OOTLT)
port 5031 - NetMetro
port 5321 - Firehotcker
port 5400 - Blade Runner, Back Construction
port 5401 - Blade Runner, Back Construction
port 5402 - Blade Runner, Back Construction
port 5550 - Xtcp
port 5512 - Illusion Mailer
port 5555 - ServeMe
port 5556 - BO Facil
port 5557 - BO Facil
port 5569 - Robo-Hack
port 5742 - WinCrash
port 6400 - The Thing
port 6669 - Vampyre
port 6670 - DeepThroat
port 6771 - DeepThroat
port 6776 - BackDoor-G, SubSeven
port 6912 - **** Heep (not port 69123!)
port 6939 - Indoctrination
port 6969 - GateCrasher, Priority, IRC 3
port 6970 - GateCrasher
port 7000 - Remote Grab, Kazimas
port 7300 - NetMonitor
port 7301 - NetMonitor
port 7306 - NetMonitor
port 7307 - NetMonitor
port 7308 - NetMonitor
port 7789 - Back Door Setup, ICKiller
port 8080 - RingZero
port 9400 - InCommand
port 9872 - Portal of Doom
port 9873 - Portal of Doom
port 9874 - Portal of Doom
port 9875 - Portal of Doom
port 9876 - Cyber Attacker
port 9878 - TransScout
port 9989 - iNi-Killer
port 10067 - Portal of Doom
port 10101 - BrainSpy
port 10167 - Portal of Doom
port 10520 - Acid Shivers
port 10607 - Coma
port 11000 - Senna Spy
port 11223 - Progenic trojan
port 12076 - Gjamer
port 12223 - Hack«99 KeyLogger
port 12345 - GabanBus, NetBus, Pie Bill Gates, X-bill
port 12346 - GabanBus, NetBus, X-bill
port 12361 - Whack-a-mole
port 12362 - Whack-a-mole
port 12631 - WhackJob
port 13000 - Senna Spy
port 16969 - Priority
port 17300 - Kuang2 The Virus
port 20000 - Millennium
port 20001 - Millennium
port 20034 - NetBus 2 Pro
port 20203 - Logged
port 21544 - GirlFriend
port 22222 - Prosiak
port 23456 - Evil FTP, Ugly FTP, Whack Job
port 23476 - Donald Dick
port 23477 - Donald Dick
port 26274 - Delta Source
port 29891 - The Unexplained
port 30029 - AOL Trojan
port 30100 - NetSphere
port 30101 - NetSphere
port 30102 - NetSphere
port 30303 - Sockets de Troi
port 30999 - Kuang2
port 31336 - Bo Whack
port 31337 - Baron Night, BO client, BO2, Bo Facil, BackFire, Back Orifice, DeepBO
port 31338 - NetSpy DK ,Back Orifice, DeepBO
port 31339 - NetSpy DK
port 31666 - BOWhack
port 31785 - Hack«a«Tack
port 31787 - Hack«a«Tack
port 31788 - Hack«a«Tack
port 31789 - Hack«a«Tack
port 31791 - Hack«a«Tack
port 31792 - Hack«a«Tack
port 33333 - Prosiak
port 33911 - Spirit 2001a
port 34324 - BigGluck, TN
port 40412 - The Spy
port 40421 - Agent 40421, Masters Paradise
port 40422 - Masters Paradise
port 40423 - Masters Paradise
port 40426 - Masters Paradise
port 47262 - Delta Source
port 50505 - Sockets de Troie
port 50766 - Fore, Schwindler
port 53001 - Remote Windows Shutdown
port 54320 - Back Orifice 2000
port 54321 - School Bus, Back Orifice 2000
port 60000 - Deep Throat
port 61466 - Telecommando
port 65000 - Devili
link so you can scan your ports:
http://scan.sygate.com/prescanfaq.html
oh and by the way eskimo I didnt think your post helped any with his question all you did was quote what others said and suggest google http://www.google.com/ like you were trying to flame some newbie its not like the guy was asking how he could be a
script kiddie pl.n.
The lowest form of cracker; script kiddies do mischief with scripts and programs written by others, often without understanding the exploit.
and the only thing he probably did wrong was not look at old post .
oh yeah heres a link for your mood eskimo
Mood: horny
Reason: i want ( . ) ( . )
Mood Updated:
09-03-2003 05:59 PM
http://www.adultfriendfinder.com/go/...08&ffz=p140122
oh and dont ever mention my screen name in the same paragraph that you refer someone to google.
Mr. wannabe Moderator/Quoter
-
September 20th, 2003, 11:26 AM
#10
Swampy_ finger..
As for your McFly swipe at White_Eskimo ..dont be such a childish Fuctard.. Growup Unless YOU expect US to treat you the same when WE think YOU are not exactly right,, Challenge others comments yes but be a rude little fart about it,,no..
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|