Spyware! Heads Up!

[Blyth Spirit]

Just had a box appear on my screen telling me that our chums at Norton had blocked an "attack" on my PC...no action required by me.

There are some naughty people out there!

:|

 

[eneville]

Just had a box appear on my screen telling me that our chums at Norton had blocked an "attack" on my PC...no action required by me.

There are some naughty people out there!

:|

Have you tried this? The "Shields Up" scanner here, <!-- m --><a class="postlink" href="https://www.grc.com/x/ne.dll?bh0bkyd2" onclick="window.open(this.href);return false;">https://www.grc.com/x/ne.dll?bh0bkyd2</a><!-- m -->, it will attempt to connect to your internet facing IP address on all the common service ports (1-1024) so you may get other popups telling you about this but it's for a good reason. Ideally the output will be a page full of green, indicating no open ports.

 

[andyjreid]

Just had a box appear on my screen telling me that our chums at Norton had blocked an "attack" on my PC...no action required by me.

There are some naughty people out there!

:|

Have you tried this? The "Shields Up" scanner here, <!-- m --><a class="postlink" href="https://www.grc.com/x/ne.dll?bh0bkyd2" onclick="window.open(this.href);return false;">https://www.grc.com/x/ne.dll?bh0bkyd2</a><!-- m -->, it will attempt to connect to your internet facing IP address on all the common service ports (1-1024) so you may get other popups telling you about this but it's for a good reason. Ideally the output will be a page full of green, indicating no open ports.

eneville, how would you deal with what you felt to be too many open ports?

 

[eneville]

Just had a box appear on my screen telling me that our chums at Norton had blocked an "attack" on my PC...no action required by me.

There are some naughty people out there!

:|

Have you tried this? The "Shields Up" scanner here, <!-- m --><a class="postlink" href="https://www.grc.com/x/ne.dll?bh0bkyd2" onclick="window.open(this.href);return false;">https://www.grc.com/x/ne.dll?bh0bkyd2</a><!-- m -->, it will attempt to connect to your internet facing IP address on all the common service ports (1-1024) so you may get other popups telling you about this but it's for a good reason. Ideally the output will be a page full of green, indicating no open ports.

eneville, how would you deal with what you felt to be too many open ports?

Simply, a firewall of some sorts.

This could be achieved from simply using a NAT firewall router, since it (shouldn't) by default forward all ports to your desktop.

If you've directly connected the ISP network cable to your computer then you should have a firewall enabled, albeit a software firewall isn't ever going to be as reliable as a hardware (NAT) firewall.

Unless you're running your own network services (web/dns/email) I can't think of any reason why you'd need to have ports forwarding from the NAT device.

The difference between the green and blue boxes is based on how the firewall responds to the inbound connection attempt, green means basically that the firewall has received the pack and done absolutely nothing about it, and blue meeds the attempt has been rejected, which would tell the remote host that a device is online, in my view this is not as good.

There are some free software firewalls available to download and install. Sadly most of the Windows firewalls are a lot bulkier and interfere with your desktop experience too much these days.

I'd start with <!-- m --><a class="postlink" href="http://download.cnet.com/Tiny-Personal-Firewall/3000-10435_4-10266527.html" onclick="window.open(this.href);return false;">http://download.cnet.com/Tiny-Personal- ... 66527.html</a><!-- m --> and run the Shields Up test again to ensure that it's working properly.

 

[quattrojames]

Does this mean it's no longer safe to look at porn?

 

[Sunburyboy93]

Does this mean it's no longer safe to look at porn?

I like to protect myself:

 

[eneville]

LOL quattrojames and especially sunburyboy93

 

[Audiolab]

Haven't read much about this recent outbreak, In work I am behind a 7 layer hardware and software firewall but my company insist on using real IP's internally which is a little dumb. However it is useful for me as I can fix machines to an address and reach them when tunneled from outside the corporate network.

My home router blocks all protocols except 8080 and the usual email ports and only the ones I use. Never open email unless I know who it is from and don't do much else except visit news, shaving and car forums, I open a port if I want to FTP and then close it after. Hopefully this limits my exposure.

What is this one?, a trojan carried in an email attachment or one that only needs to run by visiting a site?

 

[RB73]

I've had the old box pop up a couple of times whilst browsing sites, the one that freezes all actions in the browser until you hit the flashing "OK" or "Download this programme to remove such n' such".

I'll give Norton its due as it has stopped or quarantined anything relating to that as well as sending out update warnings a few weeks ago.

 

[Evvaa]

A number of my friends have managed to aquire this little problem.

After the thrid call to fix a PC I have downloaded all the relevent files needed to fix it to a usb pen drive, turn up at there house boot to safe mode, install and run said progs and whilst its doing its thing go hassle them for a few cans of beer for my time, normally by the time its done we are both a little tipsy as we have forgotten what I there for and just drinking

 

[Audiolab]

If you work in Technical Support this is god news, more work = still in a job. We have a saying that the day they get it right we are out of a job, thankfully in they have not got it right yet.

Never heard of much in the way of people getting this one, am now waiting for the call from my brother with "My computer is not working".

 

[hunnymonster]

Never heard of much in the way of people getting this one, am now waiting for the call from my brother with "My computer is not working".

I cleaned 3 machines of this at the weekend - none of them mine

 

[Evvaa]

had another myself today

 

[Audiolab]

I work on the big iron for a living, mostly clusters, scalable multi node and blade complexes. We tend to not see the viral issues on the servers themselves so mostly it is just family and "friends" PC's that I fix. Server issues are mostly the result of incorrect configuration but some bluffer who flanneled their way in with a CCNA or MCSE....yes it was one of those days :roll: