 |
|
|
|
Next: Ad-Aware SE
|
| Author |
Message |
External
Since: Feb 03, 2008
Posts: 5
|
(Msg. 1) Posted: Sun Feb 03, 2008 4:53 pm
Post subject: Just 12 minutes
Archived from groups: alt>comp>anti-virus (more info?)
|
|
|
I'm sure many here are very familiar with the notion that there is "a
50% chance of being infected by an internet worm in just 12 minutes of
being online using an unprotected, unpatched Windows PC." As many of you
know, this is a direct quote from a Sophos press release from July 1,
2005:
http://www.sophos.com/pressoffice/news/articles/2005/07/pr_uk_midyearr...dup2005
Sophos got a lot of mileage from this press release. An interesting side
effect I've seen is newsgroup posts warning users of the dangers of
going online to patch an older, pre-SP2 version of Windows XP because it
will take more than 12 minutes, leaving many vulnerable to malware
infestation. Obviously, there are ways around this: download the entire
service pack (using another PC) and burning a disk so that SP2 may be
applied while the PC is offline and safe. Or users may get the
equivalent disk from Microsoft for a nominal fee.
But this begs the question: For the majority of people who choose to
obtain SP2 through automatic updates, *how* vulnerable are they exactly?
Of course, for those running SP1 or Gold, Messenger Service (which is on
by default) can be manually turned off. But again, for the majority of
people who have performed a clean installation without knowing to turn
off specific services, how vulnerable are their PCs?
I'm sure the study referenced in the press release talks about averages
and includes people who don't patch their systems and don't practice
other modes of safe hex. Messenger spam arriving informing a gullible
person that they have spyware or registry problems has happened many,
many times. People clicking on links in e-mails when they shouldn't be
doing so... well, you get the picture.
But what about a PC on the Internet that is not doing anything but
sitting there? Without the benefit of a firewall, hackers/bots can
attempt to do damage, for sure. But without any user input, is this
12-minute figure reasonable? Or is it more a case of marketing hype?
Specifically, what specifically can happen to an unpatched system,
assuming there is no user input (clicking on links, OK buttons in pop-up
windows, etc.)? Are there worms that can do damage this way, and if so,
what are they and what is the mechanism by which they infect a PC? How
common is real-time hacking in this sort of situation? |
|
| Back to top |
|
 | |
External
Since: Jul 04, 2003
Posts: 1735
|
(Msg. 2) Posted: Sun Feb 03, 2008 10:15 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
From: "Daave" <dcwashNOSPAM.TakeThisOut@myrealboxXYZ.invalid>
| I'm sure many here are very familiar with the notion that there is "a
| 50% chance of being infected by an internet worm in just 12 minutes of
| being online using an unprotected, unpatched Windows PC." As many of you
| know, this is a direct quote from a Sophos press release from July 1,
| 2005:
|
| http://www.sophos.com/pressoffice/news/articles/2005/07/pr_uk_midyearr...dup2005
|
| Sophos got a lot of mileage from this press release. An interesting side
| effect I've seen is newsgroup posts warning users of the dangers of
| going online to patch an older, pre-SP2 version of Windows XP because it
| will take more than 12 minutes, leaving many vulnerable to malware
| infestation. Obviously, there are ways around this: download the entire
| service pack (using another PC) and burning a disk so that SP2 may be
| applied while the PC is offline and safe. Or users may get the
| equivalent disk from Microsoft for a nominal fee.
|
| But this begs the question: For the majority of people who choose to
| obtain SP2 through automatic updates, *how* vulnerable are they exactly?
| Of course, for those running SP1 or Gold, Messenger Service (which is on
| by default) can be manually turned off. But again, for the majority of
| people who have performed a clean installation without knowing to turn
| off specific services, how vulnerable are their PCs?
|
| I'm sure the study referenced in the press release talks about averages
| and includes people who don't patch their systems and don't practice
| other modes of safe hex. Messenger spam arriving informing a gullible
| person that they have spyware or registry problems has happened many,
| many times. People clicking on links in e-mails when they shouldn't be
| doing so... well, you get the picture.
|
| But what about a PC on the Internet that is not doing anything but
| sitting there? Without the benefit of a firewall, hackers/bots can
| attempt to do damage, for sure. But without any user input, is this
| 12-minute figure reasonable? Or is it more a case of marketing hype?
| Specifically, what specifically can happen to an unpatched system,
| assuming there is no user input (clicking on links, OK buttons in pop-up
| windows, etc.)? Are there worms that can do damage this way, and if so,
| what are they and what is the mechanism by which they infect a PC? How
| common is real-time hacking in this sort of situation?
|
Using a NAT Router will mitigate the BOT/Worm threat as well as hacking attempts.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
|
| Back to top |
|
| |
External
Since: Feb 03, 2008
Posts: 5
|
(Msg. 3) Posted: Sun Feb 03, 2008 10:15 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
David H. Lipman wrote:
> From: "Daave" <dcwashNOSPAM DeleteThis @myrealboxXYZ.invalid>
>
>> I'm sure many here are very familiar with the notion that there is "a
>> 50% chance of being infected by an internet worm in just 12 minutes
>> of
>> being online using an unprotected, unpatched Windows PC." As many of
>> you
>> know, this is a direct quote from a Sophos press release from July 1,
>> 2005:
>>
>>
http://www.sophos.com/pressoffice/news/articles/2005/07/pr_uk_midyearr...dup2005
>>
>> Sophos got a lot of mileage from this press release. An interesting
>> side
>> effect I've seen is newsgroup posts warning users of the dangers of
>> going online to patch an older, pre-SP2 version of Windows XP
>> because it
>> will take more than 12 minutes, leaving many vulnerable to malware
>> infestation. Obviously, there are ways around this: download the
>> entire
>> service pack (using another PC) and burning a disk so that SP2 may be
>> applied while the PC is offline and safe. Or users may get the
>> equivalent disk from Microsoft for a nominal fee.
>>
>> But this begs the question: For the majority of people who choose to
>> obtain SP2 through automatic updates, *how* vulnerable are they
>> exactly?
>> Of course, for those running SP1 or Gold, Messenger Service (which
>> is on
>> by default) can be manually turned off. But again, for the majority
>> of
>> people who have performed a clean installation without knowing to
>> turn
>> off specific services, how vulnerable are their PCs?
>>
>> I'm sure the study referenced in the press release talks about
>> averages
>> and includes people who don't patch their systems and don't practice
>> other modes of safe hex. Messenger spam arriving informing a gullible
>> person that they have spyware or registry problems has happened many,
>> many times. People clicking on links in e-mails when they shouldn't
>> be
>> doing so... well, you get the picture.
>>
>> But what about a PC on the Internet that is not doing anything but
>> sitting there? Without the benefit of a firewall, hackers/bots can
>> attempt to do damage, for sure. But without any user input, is this
>> 12-minute figure reasonable? Or is it more a case of marketing hype?
>> Specifically, what specifically can happen to an unpatched system,
>> assuming there is no user input (clicking on links, OK buttons in
>> pop-up
>> windows, etc.)? Are there worms that can do damage this way, and if
>> so,
>> what are they and what is the mechanism by which they infect a PC?
>> How
>> common is real-time hacking in this sort of situation?
>>
>
> Using a NAT Router will mitigate the BOT/Worm threat as well as
> hacking attempts.
This is certainly true.
Not that I'm advocating that computer users not take proper precautions,
but I'm just curious if someone who has an ordinary modem and is not
running a software firewall, etc. will be in danger of being infected
within 12 minutes as is commonly believed, and if so, what is the
mechanism by which this can happen? In my scenario, the PC is just
sitting idle. Or sitting at Windows Update.  >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Sep 24, 2006
Posts: 22
|
(Msg. 4) Posted: Sun Feb 03, 2008 10:44 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
"Daave" <dcwashNOSPAM.TakeThisOut@myrealboxXYZ.invalid> wrote in message
news:L9CdnYQXVsWqpDvanZ2dnUVZ_uevnZ2d@cavtel.net...
> I'm sure many here are very familiar with the notion that there is "a
> 50% chance of being infected by an internet worm in just 12 minutes of
> being online using an unprotected, unpatched Windows PC." As many of you
> know, this is a direct quote from a Sophos press release from July 1,
> 2005:
>
> http://www.sophos.com/pressoffice/news/articles/2005/07/pr_uk_midyearr...dup2005
>
> Sophos got a lot of mileage from this press release. An interesting side
> effect I've seen is newsgroup posts warning users of the dangers of
> going online to patch an older, pre-SP2 version of Windows XP because it
> will take more than 12 minutes, leaving many vulnerable to malware
> infestation. Obviously, there are ways around this: download the entire
> service pack (using another PC) and burning a disk so that SP2 may be
> applied while the PC is offline and safe. Or users may get the
> equivalent disk from Microsoft for a nominal fee.
>
> But this begs the question: For the majority of people who choose to
> obtain SP2 through automatic updates, *how* vulnerable are they exactly?
> Of course, for those running SP1 or Gold, Messenger Service (which is on
> by default) can be manually turned off. But again, for the majority of
> people who have performed a clean installation without knowing to turn
> off specific services, how vulnerable are their PCs?
>
> I'm sure the study referenced in the press release talks about averages
> and includes people who don't patch their systems and don't practice
> other modes of safe hex. Messenger spam arriving informing a gullible
> person that they have spyware or registry problems has happened many,
> many times. People clicking on links in e-mails when they shouldn't be
> doing so... well, you get the picture.
>
> But what about a PC on the Internet that is not doing anything but
> sitting there? Without the benefit of a firewall, hackers/bots can
> attempt to do damage, for sure. But without any user input, is this
> 12-minute figure reasonable? Or is it more a case of marketing hype?
> Specifically, what specifically can happen to an unpatched system,
> assuming there is no user input (clicking on links, OK buttons in pop-up
> windows, etc.)? Are there worms that can do damage this way, and if so,
> what are they and what is the mechanism by which they infect a PC? How
> common is real-time hacking in this sort of situation?
>
>
I have seen XP computers infected the during the oobe on first boot.
Technically Windows isn't even installed until the oobe is finished. There
are many worms that will infect an unprotected Windows computer connected
directly to the Internet. Simply inserting a NAT router into the equation
stops them. Most of these types of worms exploit an old LSASS vulnerability
and require no user input to infect a computer.
http://www.google.com/search?hl=en&q=lsass+worm
--
Kerry Brown >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Jul 04, 2003
Posts: 1735
|
(Msg. 5) Posted: Sun Feb 03, 2008 11:00 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
From: "Daave" <dcwashNOSPAM RemoveThis @myrealboxXYZ.invalid>
|
| This is certainly true.
|
| Not that I'm advocating that computer users not take proper precautions,
| but I'm just curious if someone who has an ordinary modem and is not
| running a software firewall, etc. will be in danger of being infected
| within 12 minutes as is commonly believed, and if so, what is the
| mechanism by which this can happen? In my scenario, the PC is just
| sitting idle. Or sitting at Windows Update.
|
Unfortunately -- yes.
There are various mechanisms.
When a Win32 PC is connected to the Internet TCP ports are open for various communication
reasons such as RPC, DCOM, NetBIOS over IP, etc.
When there is an unpatched vulnerability a worm infected PC on the Internet may "test" the
ports for vulnerbilities and then exploit them and thus "worm" their way into the computer.
Such bots as; RBot, SDBot, GAObot use mult-facted infection vectors. That is they won't
try to test one port and one vulnerability but will test a myriad of ports and
vulnerabilities.
Then there is the case of software that was installed on said computer and is loaded
automatically or by a service and the BOTs/worms may test for vulnerabilities in them as
well.
So, an unpatched PC just sitting idle and connected to the Internet will increase the
probability of an infection. Then there is the case of a patched PC that still has
vulnerabilities but a patch has not been release yet.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Feb 03, 2008
Posts: 5
|
(Msg. 6) Posted: Sun Feb 03, 2008 11:19 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
David H. Lipman wrote:
> From: "Daave" <dcwashNOSPAM.DeleteThis@myrealboxXYZ.invalid>
>
>
>>
>> This is certainly true.
>>
>> Not that I'm advocating that computer users not take proper
>> precautions,
>> but I'm just curious if someone who has an ordinary modem and is not
>> running a software firewall, etc. will be in danger of being infected
>> within 12 minutes as is commonly believed, and if so, what is the
>> mechanism by which this can happen? In my scenario, the PC is just
>> sitting idle. Or sitting at Windows Update.
>>
>
> Unfortunately -- yes.
>
> There are various mechanisms.
>
> When a Win32 PC is connected to the Internet TCP ports are open for
> various communication reasons such as RPC, DCOM, NetBIOS over IP, etc.
>
> When there is an unpatched vulnerability a worm infected PC on the
> Internet may "test" the ports for vulnerbilities and then exploit
> them and thus "worm" their way into the computer. Such bots as;
> RBot, SDBot, GAObot use mult-facted infection vectors. That is they
> won't try to test one port and one vulnerability but will test a
> myriad of ports and vulnerabilities.
>
> Then there is the case of software that was installed on said
> computer and is loaded automatically or by a service and the
> BOTs/worms may test for vulnerabilities in them as well.
>
> So, an unpatched PC just sitting idle and connected to the Internet
> will increase the probability of an infection. Then there is the
> case of a patched PC that still has vulnerabilities but a patch has
> not been release yet.
Thanks for the explanation.
Is a PC running with a limited user account just as vulnerable? >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Mar 04, 2006
Posts: 50
|
(Msg. 7) Posted: Mon Feb 04, 2008 1:25 am
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Sun, 03 Feb 2008 23:19:09 -0500, Daave <dcwashNOSPAM DeleteThis @myrealboxxyz.invalid> wrote:
> Is a PC running with a limited user account just as vulnerable?
Yes, because the exploitable processes, are running with admin
privileges. If you want a secure computer, do not run any software
from Microsoft!
Regards, Dave Hodgins
--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.) >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Jan 31, 2004
Posts: 241
|
(Msg. 8) Posted: Mon Feb 04, 2008 1:31 am
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
"Daave" wrote:
> but I'm just curious if someone who has an ordinary modem and is not
> running a software firewall, etc. will be in danger of being infected
> within 12 minutes as is commonly believed,
I am that person! When the Swen worm first appeared some years ago I
was infected within seconds of going online. I didn't know about it or
the patch that had been released because I'd been abroad for a while
and hadn't been keeping the system up to date.
> and if so, what is the mechanism by which this can happen?
It happens because in Windows NT, by default, there are certain
network services running with ports open listening for incoming
traffic. This is a very bad idea but as we know, Microsoft have
tended to put ease of use ahead of security. Any vulnerabilities
(bugs) in those services may be exploitable so that code is injected
and run. There are machines (bots) constantly scanning IP address
ranges looking for such opportunities.
I have since closed all ports so that even without a firewall I am no
longer open to these kind of attacks.
> In my scenario, the PC is just sitting idle. Or sitting at Windows
> Update.
I also don't allow automatic updates; in fact I haven't updated past
Win2k SP2 (no longer supported). However, I wouldn't advise this for
most people. >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Feb 03, 2008
Posts: 5
|
(Msg. 9) Posted: Mon Feb 04, 2008 1:31 am
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
Ant wrote:
> "Daave" wrote:
>
>> but I'm just curious if someone who has an ordinary modem and is not
>> running a software firewall, etc. will be in danger of being infected
>> within 12 minutes as is commonly believed,
>
> I am that person! When the Swen worm first appeared some years ago I
> was infected within seconds of going online. I didn't know about it or
> the patch that had been released because I'd been abroad for a while
> and hadn't been keeping the system up to date.
>
>> and if so, what is the mechanism by which this can happen?
>
> It happens because in Windows NT, by default, there are certain
> network services running with ports open listening for incoming
> traffic. This is a very bad idea but as we know, Microsoft have
> tended to put ease of use ahead of security. Any vulnerabilities
> (bugs) in those services may be exploitable so that code is injected
> and run. There are machines (bots) constantly scanning IP address
> ranges looking for such opportunities.
>
> I have since closed all ports so that even without a firewall I am no
> longer open to these kind of attacks.
Good idea.
How do you close all ports without a firewall? Don't you need some ports
open if you want to use the Web, e-mail, etc.?
>> In my scenario, the PC is just sitting idle. Or sitting at Windows
>> Update.
>
> I also don't allow automatic updates; in fact I haven't updated past
> Win2k SP2 (no longer supported). However, I wouldn't advise this for
> most people.
Interesting. Windows 2000 is up to SP4, I believe. What is your main
reason for not keeping up-to-date with the patches? >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Jan 31, 2004
Posts: 241
|
(Msg. 10) Posted: Mon Feb 04, 2008 9:03 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
"Daave" wrote:
> Ant wrote:
>> I have since closed all ports so that even without a firewall I am no
>> longer open to these kind of attacks.
>
> Good idea.
>
> How do you close all ports without a firewall? Don't you need some ports
> open if you want to use the Web, e-mail, etc.?
Those ports are for out-going data and solicited incoming data on a
temporary basis for the specific requests. The point is to not have
unnecessary services running which are listening for requests on a
specific port.
For example, if you run a web server you need to accept requests for
service from anyone on (usually) port 80, so that port is always open
to receive traffic. If you are browsing the web you are *sending* to
the server's port 80 and receiving the page through a port above 1025
temporarily opended for that purpose.
Likewise, when using email or news, you are sending and receiving data
only when requested -- the ports are only open for the session.
In other words, you should block all incoming traffic unless you
specifically asked for it. If you have nothing listening for it in the
first place then there is nothing to block because another computer
cannot make a connection.
>> I also don't allow automatic updates; in fact I haven't updated past
>> Win2k SP2 (no longer supported). However, I wouldn't advise this for
>> most people.
>
> Interesting. Windows 2000 is up to SP4, I believe. What is your main
> reason for not keeping up-to-date with the patches?
There are various reasons which I've explained here before. However,
the main one now is that I can't be bothered with it, especially on a
dialup connection. My system is basic and configured well enough that
I don't have to worry about exploits. The more Windows advances, the
more bloat, fluff, complexity and bugs are added. I know exactly what
is running with my setup, why and what faults exit. If anything did
get through I'd spot it straight away and know how to deal with it.
Dissecting malware every day and knowing how Windows works at a low-
level helps a bit. >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Feb 04, 2008
Posts: 29
|
(Msg. 11) Posted: Mon Feb 04, 2008 9:12 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
On Sun, 3 Feb 2008 23:16:51 -0500, Daave wrote:
>
> How do you close all ports without a firewall? Don't you need some ports
> open if you want to use the Web, e-mail, etc.?
>
Use Windows Firewall in conjunction with:
Seconfig XP 1.0
http://seconfig.sytes.net/
Seconfig XP is able configure Windows not to use TCP/IP as transport
protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
and 445 (the most exploited Windows networking weak point) closed.)
OR
Configuring NT-services much more secure.
http://www.ntsvcfg.de/ntsvcfg_eng.html
Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Feb 03, 2008
Posts: 5
|
(Msg. 12) Posted: Mon Feb 04, 2008 9:12 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
"Kayman" <kaymanDeleteThis RemoveThis @operamail.com> wrote in message
news:fo76fv$fbd$1@aioe.org...
> On Sun, 3 Feb 2008 23:16:51 -0500, Daave wrote:
>
>>
>> How do you close all ports without a firewall? Don't you need some
>> ports
>> open if you want to use the Web, e-mail, etc.?
>>
> Use Windows Firewall in conjunction with:
> Seconfig XP 1.0
> http://seconfig.sytes.net/
> Seconfig XP is able configure Windows not to use TCP/IP as transport
> protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135,
> 137-139
> and 445 (the most exploited Windows networking weak point) closed.)
> OR
> Configuring NT-services much more secure.
> http://www.ntsvcfg.de/ntsvcfg_eng.html
>
> Routinely practice Safe-Hex.
> http://www.claymania.com/safe-hex.html
> Hundreds Click on 'Click Here to Get Infected' Ad
> http://www.eweek.com/article2/0,1895,2132447,00.asp
Thanks for the info, Kayman! >> Stay informed about: Just 12 minutes |
|
| Back to top |
|
| |
External
Since: Jul 04, 2003
Posts: 1735
|
(Msg. 13) Posted: Mon Feb 04, 2008 9:18 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
|
|
| Back to top |
|
| |
External
Since: Jul 04, 2003
Posts: 1735
|
(Msg. 14) Posted: Mon Feb 04, 2008 9:25 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
|
|
| Back to top |
|
| |
External
Since: Jun 06, 2006
Posts: 166
|
(Msg. 15) Posted: Mon Feb 04, 2008 11:09 pm
Post subject: Re: Just 12 minutes [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
|
|
| Back to top |
|
| |
| Related Topics: | Traffic ceases after 15 minutes. - I have been receiving several phone calls about customers having this problem. They connect to us (DSL or Dial-up), their service only lasts for about 15 minutes. Then all traffic stops, and they must restart the machine to restore the connection. ..
Internet Connectivity lost after 15 minutes. - I have been receiving several phone calls about customers having this problem. They connect to us (DSL or Dial-up), their service only lasts for about 15 minutes. Then all traffic stops, and they must restart the machine to restore the connection. ..
It is normal to get intrusion attempts every 10 minutes? - I am running Norton internet security software and so far my computer has not been infected, however I am always getting intrusion alerts. I t was only a year ago all you had to do is not open email with a suspicious attachment. What has happened betwee...
Virus killing my browser connection every 10 minutes - nee.. - All, almost a week ago my computer browser connection stopped working - and the only way I could get it to work again was by rebooting. "Ping" still works, my Yahoo IM still works - just the browser fails. I've tried running hijackthis, kill...
Netspy trogan - Hi all, new here and I think I got a problem? My Norton firewall reports a trogan and here is the information: Netspy Trogan Horse program: windows.exe protocol: TCP inbound remote address 127.0.0.1:3012 Local address: all local adapters:1024 I don't.... |
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
|
|
|
FAQ
Profile
Private Messages
Log in
