Computer with trojan

Discussion in 'Computer Security' started by phwashington@comcast.net, Sep 12, 2007.

  1. Guest

    I just was looking at a firewall and noticed that one of the computers
    was spitting out random requests to various computer ip addresses. I
    think that this is a pretty good sign that the computer has a trojan
    of some sort. Is there a way to track which program is creating this
    activity and get rid of it.
    I'm not exactly sure how this system got hacked. It has a firewall and
    anti-virus and is not used for email. The only thing I can think of
    was that skype was installed on it sometime back for testing purposes.
    The only thing I can thing of currently is to turn off all programs
    which are allowed to connect to the internet and see which ones start
    trying to converse and then gradually allowing ones I'd expect to be
    acceptable.
    Is there some software out there that would track which program is
    trying to communicate on the internet and trace the program.
    It doesn't seem to be that smart of a program, because it just keeps
    sending out these request to random IP's and ports. I would think
    that this might be a lot harder if it was doing this about once every
    five seconds instead of about 3 times per second.
    , Sep 12, 2007
    #1
    1. Advertising

  2. On Tue, 11 Sep 2007 21:56:25 -0700, ""
    <> wrote:

    >I just was looking at a firewall and noticed that one of the computers
    >was spitting out random requests to various computer ip addresses. I
    >think that this is a pretty good sign that the computer has a trojan
    >of some sort. Is there a way to track which program is creating this
    >activity and get rid of it.


    netstat - if you're lucky.

    >I'm not exactly sure how this system got hacked. It has a firewall and
    >anti-virus and is not used for email.


    How did you expect such thingies to prevent a system from getting
    hacked?

    >The only thing I can think of
    >was that skype was installed on it sometime back for testing purposes.
    >The only thing I can thing of currently is to turn off all programs
    >which are allowed to connect to the internet and see which ones start
    >trying to converse and then gradually allowing ones I'd expect to be
    >acceptable.
    >Is there some software out there that would track which program is
    >trying to communicate on the internet and trace the program.


    netstat, CurrPorts, TCPview..

    >It doesn't seem to be that smart of a program, because it just keeps
    >sending out these request to random IP's and ports. I would think
    >that this might be a lot harder if it was doing this about once every
    >five seconds instead of about 3 times per second.


    No matter whether your system is actually infected or not it's
    obviously in a state in which you are not in control. Your system is
    no longer trustworthy. Now flatten and rebuild and then implement a
    security concept.
    Straight Talk, Sep 12, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Joel Rubin
    Replies:
    2
    Views:
    667
  2. D@Z
    Replies:
    5
    Views:
    733
    Liza Smorgaborgsson
    Jan 30, 2006
  3. jamesa01
    Replies:
    2
    Views:
    458
    Steve
    Feb 27, 2006
  4. Au79
    Replies:
    1
    Views:
    373
    Plato
    Apr 29, 2006
  5. Lee
    Replies:
    10
    Views:
    1,409
    pcbutts1
    Nov 23, 2007
Loading...

Share This Page