Skip to comments.
TECHNICAL SUPPORT QUERY - FIREWALL GETTING SLAMMED SO HARD THAT IE TIMES OUT
Posted on 09/30/2003 6:33:35 AM PDT by Chancellor Palpatine
Here is my problem:
Yesterday AM, my box at home (a P3 running WinMe) was running really slow. It is on a cable modem through Insight. I rebooted a couple of times, and unplugged the modem several times just to be able to open a browser. I figured it was just with them, and didn't bother with a trouble call.
After I got home from work, it was worse, so I called tech support. Only then did I look at my Zone Alarm, which showed an alarming number of hits (the tech guy was no help). I have been good about running McAfee and updating my definitions there and on Ad Aware - and ran scans with both. I also managed to update my Zone Alarm - which was showing huge hits (according to the tech guy, my attempted intrusions were coming worldwide - Europe, Asia, South America, according to the IPs of several of the thousands of attempted hits).
This morning, I booted up the home box, and in the space of about twenty minutes, nearly 4000 hits came in.
I called tech support again and asked if he could assign me a new IP - his suggestion was that I wait 48 hours or so and stay off the net (the modem is unplugged), and set the thing to change then - something about them giving up on me.
Also, McAfee found on "potentially unwanted" program related to adware that it can't clean, delete or quarantine, nor could I do it via "find". It is c:/_restore/archive/fs85.cab (Stinger didn't catch that at all).
I feel like there is some trojan or something in it, HELP!
TOPICS: Technical
KEYWORDS: technicalsupport
Navigation: use the links below to view more comments.
first 1-20, 21-31 next last
Comment #2 Removed by Moderator
To: Chancellor Palpatine
all that porn finally catching up with ya, is it...? ; )
3
posted on
09/30/2003 6:38:07 AM PDT
by
xsmommy
To: Chancellor Palpatine
Sounds like the Welchia worm.
Check the log file of your firewall and look to see how many hits came through on port 135, also check to see if there are any errors defining the cache or buffer as being full.
If this is the case, there is a removal tool at Symantec, McAfee may also provide a tool.
Good Luck
4
posted on
09/30/2003 6:38:36 AM PDT
by
HEY4QDEMS
To: Poohbah; Bush2000
Oh, and when the computer was off, the moment I plugged in the modem, the "cable activity" light flickered like a strobe in a disco.
5
posted on
09/30/2003 6:40:32 AM PDT
by
Chancellor Palpatine
(....try weasel, the other yellow meat....)
To: William Creel
There was no one particular port that was being targeted, the tech guy had me browse the list for that. Not a lot of similarity, but as I said, there were thousands of hits.
6
posted on
09/30/2003 6:42:12 AM PDT
by
Chancellor Palpatine
(....try weasel, the other yellow meat....)
Comment #7 Removed by Moderator
Comment #8 Removed by Moderator
To: Chancellor Palpatine
Search the net on the "...potentially related to adaware" program.
I seem to remember a virus or trojan that renames itself as an adaware file or something like an adaware file.
9
posted on
09/30/2003 6:43:08 AM PDT
by
VeniVidiVici
(There is nothing Democratic about the Democrat party.)
To: HEY4QDEMS
I'll check that when I get home. Thanks.
To: Chancellor Palpatine
I need your current IP in order to lend assistance.
hehehe.
11
posted on
09/30/2003 6:44:36 AM PDT
by
Registered
(Gray Davis won't be baaaaahhck)
To: William Creel
I'll check that when I get home. Its an interesting sort of thing - but frustrating as all hell.
To: Registered
Hell, every hacker in the world has it now. What is one more, LOL.
To: Chancellor Palpatine
Boot into safe mode and do a virus scan
Remove any file-sharing software on your computer
14
posted on
09/30/2003 6:45:23 AM PDT
by
AppyPappy
(If You're Not A Part Of The Solution, There's Good Money To Be Made In Prolonging The Problem.)
To: AppyPappy
I think he should slap a shipping label on it and send it your way.
15
posted on
09/30/2003 6:46:31 AM PDT
by
Registered
(Gray Davis won't be baaaaahhck)
To: AppyPappy
I already killed WinMx (of course, even though I thought I killed it, I still keep finding chunks of Kazaa floating around). As far as I know, WinMx was the only file sharer I had left on that box.
To: Chancellor Palpatine
Have you've thought about getting a router after determining that you don't have a virus? It should be part of your firewall.
17
posted on
09/30/2003 6:48:05 AM PDT
by
John123
(No, I certainly haven't forgotten!)
To: Registered
Thats a nicer idea than the one I had this morning - it involved the driveway, that laptop, and my sledgehammer.
To: HEY4QDEMS
To: John123
I had almost gotten a router for it a couple of years ago for that very reason, but got sold on the idea of software only by somebody (and if I ever remember who that somebody was, I'll brain them).
Navigation: use the links below to view more comments.
first 1-20, 21-31 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson