So my computer is acting really strange. Or rather, my norton is. When I turned on my computer today, about the first thing that happened was that Norton reported a foiled attempt of someone trying to access my computer through the Nail File trojan horse.
I instantly run ad-aware, spybot, norton, clean my cookies and internet files. I try out online tests to check computer security, all clear. Can't find a single .exe file that looks odd (but as there are so many of those, no guarantee)
But I keep getting the same warning, about 600 times now in about two hours.
What I can do ofcourse, is merely ignore the attempts, but that's hardly a secure way of spending time online.
Is there any way to know for sure if there is a trojan on my computer, or if my computer is properly protected?
Thanks in advance for any info!
·Theme
- Forums
- Cross Site
- Computer Hardware & Troubleshooting
- Trojan horse problems: Nail File:
Trojan horse problems: Nail File:Follow
Quote:
Norton reported a foiled attempt of someone trying to access my computer through the Nail File trojan horse
Infects: Windows 95/98/ME/NT/2000
Autoloads: No
Default port: 4567
Can port be changed: No
Sounds like you're clean (search for 'client.exe' or 'server.exe' - this is identical to that old classic, Sub-Seven), but someone's running a port scan on a range of IP's that you happen to be in, creating a 'hack attack' report from Norton. Chances are it's running on automatic and is looping, creating the multiple attempts you're seeing.
Scan online using housecall at trendmicro.com, if that shows clean then just tell Norton to silently block any further attempts, or if you're using a router, close the port above.
Edited, Jan 12th 2007 1:56pm by Tanq
Quote:
Infects: Windows 95/98/ME/NT/2000
Autoloads: No
Default port: 4567
Can port be changed: No
Sounds like you're clean (search for 'client.exe' or 'server.exe' - this is identical to that old classic, Sub-Seven), but someone's running a port scan on a range of IP's that you happen to be in, creating a 'hack attack' report from Norton. Chances are it's running on automatic and is looping, creating the multiple attempts you're seeing.
Scan online using housecall at trendmicro.com, if that shows clean then just tell Norton to silently block any further attempts, or if you're using a router, close the port above.
Edited, Jan 12th 2007 1:56pm by Tanq
Autoloads: No
Default port: 4567
Can port be changed: No
Sounds like you're clean (search for 'client.exe' or 'server.exe' - this is identical to that old classic, Sub-Seven), but someone's running a port scan on a range of IP's that you happen to be in, creating a 'hack attack' report from Norton. Chances are it's running on automatic and is looping, creating the multiple attempts you're seeing.
Scan online using housecall at trendmicro.com, if that shows clean then just tell Norton to silently block any further attempts, or if you're using a router, close the port above.
Edited, Jan 12th 2007 1:56pm by Tanq
Thanks for the information Tanq!
There were about 700 attempts when I finally logged off, but none so far today. Loads of different ip adresses, alledgedly from all over the world too, but I guess those can easily be faked.
After trying out so many different scanners, I guess I can rest easy and rely on my Norton then.
I have had this happen before. Port scanning is pretty common, and most people don't notice it until your firewall goes nuts. Disconnecting usually causes them to move on to another IP address.
Recent Visitors: 125
All times are in CST
Anonymous Guests (125)
- Forums
- Cross Site
- Computer Hardware & Troubleshooting
- Trojan horse problems: Nail File:
© 2024 Fanbyte LLC