I have Norton Internet Security Professional as my firewall and virus protection, along with AVG. In the past week, I have noted a huge spike in the # of attempts to get past my firewall. Yesterday alonethere were at least 6 attempts. I have been averaging about 3 a day since the end of March. Has anyone else noticed similar attemts by these types of attacks to gain access to your machines? Thankfully they have all been blocked. Hopefully, you all have firewalls up.

<center>
http://www.chaoticconcepts.com/randomizer/random.php?uid=8 </center>


<center><B>My Thanks to Just Jon, Reefdwella, ADF, Monsterone and Katylina for the sig-pic help and creation!</B></center>
<marquee behavior=alternate><font size=1>( o Y o )</marquee>

This usually happened to me in the past; after I'd either;

-download some new program; no matter how legit...

-visit some new website

you might wanna backtrack and see if anything like the above fits. I know 'visit new website' is something I might do 20 times a day. But usually it's a 'deep' site; one where I just dont look at the front page; I go in and explore.

And yes, I occasionally visit sites that arent all porn.

I'm guessing you know of adaware and spybot to clean out anything that might be telling whoever is attacking you, 'hey, here we are, we installed ourselves, and now someones using the ISP address for attacks'

I'm sorry thats all I got. I'm not from India. [computer; credit card; local cable/bank customer service/tech support humor, folks. These days? Yer almost always calling India, and speaking with, say, someone who can speak Hindi, and then switch to being 'Frank' with a wonderful 'American' accent.]



<IMG SRC="http://members.aol.com/miketeachr/newsig">

Well, you might be right about that in a way, I did have to reinstall the Norton 2 Fridays ago, maybe thats it, plus I have it set to alert me whan it happens. It always blocks the trojan, but I a little alarmed at its frequency. These werent popping up when I was going to websites, they would happen if I was here, or just reading news on yahoo or google or whatever. I imagine that if people didnt have firwalls set up, there would be a lot of hacking going on.

<center>
http://www.chaoticconcepts.com/randomizer/random.php?uid=8 </center>


<center><B>My Thanks to Just Jon, Reefdwella, ADF, Monsterone and Katylina for the sig-pic help and creation!</B></center>
<marquee behavior=alternate><font size=1>( o Y o )</marquee>

ask trojan man he would know...

<img src="http://images.satcam.aboho.com/jesusbuddy.jpg"

Does Norton tell you that it's a Backdoor Subseven Trojan? That's what mine always says.



"Excuse me, excuse me I believe you have my stapler"

people ping computers constantly looking for open ports to get in. Just make sure your firewall is up and you should be reasonably safe.

<IMG SRC="http://img1.photobucket.com/albums/0903/dfaz11779/3e855bc7.gif">
UEFA Cup Quarter Final
Newcastle 3 PSV Eindhoven 2 (aggregate)

hellllllllo buddays.

so i've been having trouble with this one trojan:

res://mshp.dll/index#37049(and variations of)

quite a pain in the ass. undedected by spybot and adaware, but fucks w/ your homepage, google, bandwith and floods you with popups.

the solution, CWShredder and HijackThis, both freeware. the trojan will try to block you from downloading them, but right click and save target as as soon as possible. anyone with the same problem, email me and i'll send you the sw(which might be easiest).

<center><img border=1 src="http://scripts.cgispy.com/image.cgi?u=monsterone01"><br></center>

<center>
<font color=black size=2>don't blame the jews, the italians killed christ</font>
<font color=white>moe & horde king, come back soon</font>


</center>
[color=White]

Anyone with a cable modem and a router goto grc.com. run the test called shields up. It shows you which ports or open, closed, or stealthed on your router. this is how someone from the outside could possibly see your computer. Hopefully all will be stealthed. If you have a linksys router i think port 113 will be open. It is the ident. port and needs to be stealthed. If you need help, PM me and I can walk you through closing it.

http://home.comcast.net/~nickcontardo/jpm_sig.jpg
Thanks to Monsterone for my first sig.

thanks buddy. you just helped me tackle my next problem when i get home for the weekend. shit you just saved me 1/2 hr with tech support.

<center><img border=1 src="http://scripts.cgispy.com/image.cgi?u=monsterone01"><br></center>

<center>
<font color=black size=2>don't blame the jews, the italians killed christ</font>
<font color=white>moe & horde king, come back soon</font>


</center>
[color=White]

no prob man, PM me with any problems.

http://home.comcast.net/~nickcontardo/jpm_sig.jpg
Thanks to Monsterone for my first sig.

I've been having trouble with a blue toolbar that will not leave my internet explorer. Spybot and adware do not detect it and I want it dead.

<marquee>
"To insist on strength is not war-mongering. It is peace-mongering." -Senator Barry M. Goldwater "If gold should rust, what will iron do?" -Geoffrey Chaucer "Worship him, I beg you, in a way that is worthy of thinking beings.-Romans 12:1</marquee>
<img src=http://members.aol.com/cityhawk80/images/nydragonssig.bmp?mtbrand=AOL_US>

I've been noticing this also....My Norton told me a few times that a trojan virus was detected and deleted automatically..I went to that grc.com site and ran the test...this is what it said...

Your Internet port 139 does not appear to exist!
One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

[center]<IMG SRC=http://thereisnogod.faithweb.com/sigpics/mrbadtouch.gif>
[center] I KNOW KARATE...VOODOO TOO!!!
Thanks to ADF!!

i thought this thread was going to be about condoms booo!!

<marquee>I am woman hear me roar, bitch, and whine.</marquee>
<center>
<IMG SRC="http://publish.hometown.aol.com/vampchick7586/myhomepage/murdersig.gif?">
</center>

<marquee behavior=alternate scrolldelay=30>Vampire girls suck....</marquee>
Good girls are bad girls that dont get caught.
Life's a bitch.....then you strangle one.

Does Norton tell you that it's a Backdoor Subseven Trojan? That's what mine always says.


Yes! It seems on weekends it happens far more than during the week.
Monster, that one you referred to; res://mshp.dll/index#37049(and variations of)
Did those programs you mention help? I have adaware and spybot. I dont have any homepage or popups problems though (except the ones that are on certain sites), which I just close, and later run the spybot/adaware on later before I make any online purchases, plus deleting cookies and emptying temporary internet files and offline content. Ive been wary about having too many similar programs running at once, since I had a problem with AVG and Norton fighting for bragging rights on my antivirus protection. I had to reinstall the Norton because it had gotten corrupted.

<center>
http://www.chaoticconcepts.com/randomizer/random.php?uid=8 </center>


<center><B>My Thanks to Just Jon, Reefdwella, ADF, Yerdaddy,Monsterone and Katylina for the sig-pic help and creation!</B></center>
<marquee behavior=alternate><font size=1>( o Y o )</marquee>

This message was edited by sr71blackbird on 4-20-04 @ 8:18 AM

Did those programs you mention help?


spybot & adaware or good, but unable to detect Coolwebsearch, which hijacks ie. Coolwebsearch really fcks with your internet connection.

CWShredder and HijackThis cleared up any problems, but i still have to run shields up,, since i got the network back up.

a word of adice, you can get hijacked by warez site and by those how aren't that internet savy in looking for porn (my problem). so refer your friends to safe sites , etc... or the same can happen to you machine.

<center><img border=1 src="http://scripts.cgispy.com/image.cgi?u=monsterone01"><br></center>

<center>
<font color=black size=2>don't blame the jews, the italians killed christ</font>
<font color=white>moe & horde king, come back soon</font>


</center>
[color=White]

pybot & adaware or good, but unable to detect Coolwebsearch, which hijacks ie. Coolwebsearch really fcks with your internet connection. CWShredder and HijackThis cleared up any problems, but i still have to run shields up,, since i got the network back up. a word of adice, you can get hijacked by warez site and by those how aren't that internet savy in looking for porn (my problem). so refer your friends to safe sites , etc... or the same can happen to you machine.


I didn't realize that you were a recent immigrant to whom English was a fourth language!!!!!

[center]<IMG SRC=http://hometown.aol.com/bonedaddy5/images/puppet.jpg>
[center] I KNOW KARATE...VOODOO TOO!!!
Thanks to YERDADDY!!

Coolwebsearch, which hijacks ie. Coolwebsearch really fcks with your internet connection.

Coolwebsearch was the most irritating god damned thing. i seriously almost through my old fucking computer out the damn window because that thing just drove me crazy and infuriated the fucking shit out of me.

http://img18.photobucket.com/albums/v53/monster6sixty6/guests/sV2_sig.jpg
Monsterone is the king.
Not doing drugs, and handing out hugs.

Is there a way to detect coolwebsearch without the addition of those programs? Is it visible in the program files? Currently I have spybot and ad-aware. So I have to get 2 more and keep them updated and run them every few days too?
On a side not, Im thinking about people who dont do any of this stuff. my niece never ran a norton update or scanned for viruses, even though she has norton on her system. She never ran a Windows update (which I did 2 days ago and it was huge! For XP, critical updates--had to reboot)
and her computer while less than a year old still functions, though it must be absolutly clogged with spys, viruses, and god knows what. I bet the number of people who dont do anything like this must be in the 70% range or people who own computers. Liek my niece, she just cant "bothered".

<center>
http://www.chaoticconcepts.com/randomizer/random.php?uid=8 </center>


<center><B>My Thanks to Just Jon, Reefdwella, ADF, Yerdaddy,Monsterone and Katylina for the sig-pic help and creation!</B></center>
<marquee behavior=alternate><font size=1>( o Y o )</marquee>

Is there a way to detect coolwebsearch without the addition of those programs?

Oh, if you have it, you'll know.

Coolwebsearch was the most irritating god damned thing. i seriously almost through my old fucking computer out the damn window because that thing just drove me crazy and infuriated the fucking shit out of me.


This fucking site got on my work computer. I called the company and demanded that they tell me what to do to get rid of it. They said they did, but every morning it pops up asking if I want to install it. God damn internet savvy fucks!!!!!!!!!!!!!!

"Excuse me, excuse me I believe you have my stapler"

pybot & adaware or good, but unable to detect Coolwebsearch, which hijacks ie. Coolwebsearch really fcks with your internet connection. CWShredder and HijackThis cleared up any problems, but i still have to run shields up,, since i got the network back up. a word of adice, you can get hijacked by warez site and by those how aren't that internet savy in looking for porn (my problem). so refer your friends to safe sites , etc... or the same can happen to you machine.


I didn't realize that you were a recent immigrant to whom English was a fourth language!!!!!

[center]<IMG SRC=http://hometown.aol.com/bonedaddy5/images/puppet.jpg>
[center] I KNOW KARATE...VOODOO TOO!!!
Thanks to YERDADDY!!


ehhhh.... how do you say in you're country? ehhhh... fuck off. ;p


and qwenny, that's how you write drunk, 3 sheets to the wind, fucked up. take notes.

and after re-reading my post reesh is right on. basically, Coolwebsearch is a more sophisticated gator/weatherbug.

you can delete the .dll file, but it will still replicate itself. those 2 programs are specific to Coolwebsearch and ipdate themselves to keep your comp safe.

and spybot & adaware miss it completely.

<center><img border=1 src="http://scripts.cgispy.com/image.cgi?u=monsterone01"><br></center>

<center>
<font color=black size=2>don't blame the jews, the italians killed christ</font>
<font color=white>moe & horde king, come back soon</font>


</center>
[color=White]

I'm running AVG now.

<center>
http://www.chaoticconcepts.com/randomizer/random.php?uid=8 </center>


<center><B>My Thanks to Just Jon, Reefdwella, ADF, Yerdaddy,Monsterone and Katylina for the sig-pic help and creation!</B></center>
<marquee behavior=alternate><font size=1>( o Y o )</marquee>