Trojans and DCOM/LSASS exploits - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 03-03-2005, 03:30 AM   #1 (permalink)
purveyor of fine cheeses
 
Join Date: Apr 2004
Posts: 323
Unhappy Trojans and DCOM/LSASS exploits

Hi,

I'd like some help with some random computer issues that I have been having. It seems that sometimes when I turn my computer on it tries to automatically dial the internet. Which I stop. It doesn't dial any toll call numbers as far as I can see, the dialog box still displays my normal ISP number.

Also I have avast! running on my laptop and it is frequently saying that there is a trojan, which I move to the chest, but it seems to come back. Scans do nothing apparently. Also, avast! keeps displaying the fact that it is preventing a DCOM exploit and LSASS exploit from accessing the net, or me, or something. This happens frequently.

Is there something I can do to fix this? Can DCOM and LSASS just be deleted?
__________________

__________________
<img src=\"http://img.photobucket.com/albums/v208/knowledgelifeguard/homer21.gif\" alt=\"Image hosted by Photobucket.com\" width=\"125\" height=\"104.8\"> <font size=\"1\"><i>\"I like these real Saturdays, not like that fake one that almost got me fired.\"</font></i>
SupremeRuler99 is offline  
Old 03-03-2005, 05:16 AM   #2 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

You need to run the spyware programs in my sig, sounds like your system has been over run with spyware. Go to start, run, type msconfig, go to startup, click disable all, dont reboot yet, delete your cookies and tifs, delete the prefetch folder, run the adaware programs once, then reboot, and run the programs again and see if that helps. Got to you internet options and delete the dial up properties that you did not make.
__________________

__________________
Osiris is offline  
Old 03-03-2005, 12:29 PM   #3 (permalink)
purveyor of fine cheeses
 
Join Date: Apr 2004
Posts: 323
Default

what's the prefetch folder?
__________________
<img src=\"http://img.photobucket.com/albums/v208/knowledgelifeguard/homer21.gif\" alt=\"Image hosted by Photobucket.com\" width=\"125\" height=\"104.8\"> <font size=\"1\"><i>\"I like these real Saturdays, not like that fake one that almost got me fired.\"</font></i>
SupremeRuler99 is offline  
Old 03-03-2005, 12:48 PM   #4 (permalink)
Monster Techie
 
Join Date: Nov 2004
Posts: 1,343
Send a message via AIM to southernlady Send a message via Yahoo to southernlady
Default

There is a thread on dialers and how you can't see them but how they will still be in your system and how to get rid of them in this thread on another forum: http://forums.techguy.org/t224491.html It is WAY too long for me to dig thru and copy the needed information...I'm gonna let you do that cause it will help you see how you got infected as well...it can happen so innocently.

Once you get that infection out, running the other programs that Warez Monster mentioned again will help even more. Liz
__________________
<font size=\"1\"><a href=\"http://www.prioritycomputers.net/\" target=\"_blank\">Priority Computers</a> | <a href=\"http://www.majorgeeks.com/download506.html\" target=\"_blank\">AdAware SE</a> | <a href=\"http://www.majorgeeks.com/download2471.html\" target=\"_blank\">SpyBot-Search & Destroy</a> | <a href=\"http://www.majorgeeks.com/download2859.html\" target=\"_blank\">SpywareBlaster</a> | <a href=\"http://www.majorgeeks.com/download3045.html\" target=\"_blank\">SpywareGuard</a> | <a href=\"http://www.majorgeeks.com/download3155.html\" target=\"_blank\">HijackThis</a> | <font color=\"red\"> <a href=\"http://www.stealingisillegal.com/\" target=\"_blank\">Stealing is illegal</font></a> <form action=\"http://www.theriddlehouse.com/random/tfsearch.php\" method=\"get\"><br />
<input type=\"text\" name=\"search\"> <input type=\"submit\" name=\"submit\" value=\"Search Tech-Forums!\"></form><font size=\"1\"><i>Powered by Emily!</i></font><br />
<br />
southernlady is offline  
Old 03-03-2005, 06:03 PM   #5 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Quote:
Originally posted by SupremeRuler99
what's the prefetch folder?


This is an unique technique for WinXP. We know that it is necessary to wash registry and TEMP files for Win9X/ME/2000 periodly. Prefetch is a new and very useful technique in Windows XP. However, after using XP some time, the prefetch folder can get full of rarely used or obsolete links which can slow down your computer noticeably. My suggestion is: open C(system drive):/windows/prefetch, delete all files (or at least those more than 3 weeks old), reboot. I recommended that you do this every month.
__________________
Osiris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 01:21 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.