
  #5  
07-31-2003, 05:37 PM
jc0
Junior Member
 
Join Date: Jul 2003
Posts: 3
Quote:
Originally posted by beeboy
"Also, I had what appeared to be a trojan of some sort recently."

"The only thing these picked up were stuff PC-Cillin had already previously found and quarantined."
What was the trojan and what files were quarantined?


The trojan that prevented me from opening Task Manager, etc. was never detected. I did a little research online and found it and removed it by hand. It was most likely some sort of spyware. It was an exe in \system32\ that started up with Windows.

The stuff PC-Cillin quarantined is months old. They were mostly spyware files and JavaScript BS.


I posted my problem on another forum, and received the following reply:

Quote:
There is a major vulnerability in the RPC service (on by default, can't be turned off) of all NT-based versions of Windows. There are at least 5 or 6 different exploits out there, though I haven't heard of an automated worm, yet.

[edit]
Here's one message regarding the behavior of one of the first "proof of concept" exploits that seems relevant. The interesting thing there is that the exploit, having spawned a shell, incidentally makes the RPC service crash when the connection drops, like yours did when you /released.

You may still be ok, assuming you patch up, because the exploits out there don't themselves install any persistent backdoors or anything, but it's possible that whoever was connected to you could've done so manually.


I installed the MS patch and I guess I will leave my computer on for a while and see if I get any of the same problems.