Upgraded Norton Virus

Discussion in 'Computers & Website Forum' started by SueLyn, Dec 5, 2002.

  1. SueLyn

    SueLyn
    Expand Collapse
    New Member

    Joined:
    Aug 23, 2001
    Messages:
    617
    Likes Received:
    0
    Recently, I upgraded my virus protection to Norton 2003 Internet Security, the whole enchilada, it cost around $50. Ever since I did this, I get these messages every time I'm online, that my computer has just been attacked but my firewall blocked it, they are always about the same, sub seven back door Trojan horse, or something like that. And with this newer program I can trace where these attacks came from, so I do that, almost 90% of them come from Virginia! But what I'm thinking, my old virus protection didn't have as much, I never got all these messages about being attacked. So, it's almost like Norton is sending out messages like this so that I will think, "wow, I'm really being protected now". I mean it just doesn't seem like I should be getting all these attacks all of a sudden, it is usually anywhere from 3 to 5 attacks every time I'm on the Internet. Sort of like a conspiracy theory, my brother is always changing his ISP, he is very hard to please. His latest ISP told him for a charge of two dollars more, they could keep him from getting a lot of spam mail. He turned it down, and now he gets around 200 spam mail every day, he thinks the ISP is sending the spam in an effort to get him to pay the extra couple of bucks. That just sounds goofy to me. Anyway, I want to know if these attacks are real, and if the answer is yes, then was I getting them before and just didn't know it?
    Sue
     
  2. InHim2002

    InHim2002
    Expand Collapse
    New Member

    Joined:
    May 26, 2002
    Messages:
    899
    Likes Received:
    0
    the likely answers are yes and yes
     
  3. jcrowe

    jcrowe
    Expand Collapse
    New Member

    Joined:
    Jan 28, 2002
    Messages:
    93
    Likes Received:
    0
    Yes the attachs are real. However....

    Sub seven is a trojan, meaning that it requires you to have a hidden program running on your computer in order for it to harm you. If you do not have that program running on your computer then the attack can't hurt you regardless of what (if any) antivirus software you have on your computer.

    The fact that someone in virginia keeps trying to connect to you is reason enough to check your computer for the trojan.

    Norton should tell you the ip address of the attacker (an IP address is four sets of three numbers eg. 132.121.1.123) with this address you can tell who they get their internet from & inform their service provider. If you need any help with this just post the ip address & I will check for you.

    Jason
     
  4. SueLyn

    SueLyn
    Expand Collapse
    New Member

    Joined:
    Aug 23, 2001
    Messages:
    617
    Likes Received:
    0
    Wow, thanks Jason, I do get the IP address but I had no clue that I should do something with it. I run a scan for viruses twice a week, so far there has been no viruses found, I also get automatic updates. Several of these attacks have AOL as the ISP, so I just sent an email with all the info from this attack to AOL? Or MSN? Or whoever the IP may be? I can do that!
    Thanks for your help.
    Sue
     
  5. Eladar

    Eladar
    Expand Collapse
    New Member

    Joined:
    Aug 6, 2001
    Messages:
    3,012
    Likes Received:
    0
    I just got a Backdoor/Sub seven attack:

    Remote Address: 24.88.47.53: 1204
    Local Address: hppav (172.144.169.78):27374
    A remote computer(24.88.47.53)

    Time 7:28 PM on 12/9/2002
     
  6. Eladar

    Eladar
    Expand Collapse
    New Member

    Joined:
    Aug 6, 2001
    Messages:
    3,012
    Likes Received:
    0
    Another one tonight!

    Netbus Trojan horse

    At 9:09 PM on 10/10/2002

    Protocal: TCP(Inbound)
    Remote Address: 172.170.151.117: 2865
    Local Address: hppav(172.170.151.183):NetBus(12345)

    If nothing else, this is a nice way to log the attacks. ;)
     
  7. jcrowe

    jcrowe
    Expand Collapse
    New Member

    Joined:
    Jan 28, 2002
    Messages:
    93
    Likes Received:
    0
    This on if from somebody who uses the same isp as you. call them and let them know what's happening. The attacker possibly doesn't even know that it is happening.
     
  8. Eladar

    Eladar
    Expand Collapse
    New Member

    Joined:
    Aug 6, 2001
    Messages:
    3,012
    Likes Received:
    0
    Thank you jcrow. I'm assuming that what you gave me was an e-mail address.

    I have AOL. Am I to call AOL and let them know about the other one?
     
  9. jcrowe

    jcrowe
    Expand Collapse
    New Member

    Joined:
    Jan 28, 2002
    Messages:
    93
    Likes Received:
    0
    Yea. call them.
     

Share This Page

Loading...