1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Why is this happening? Computer Attacks!

Discussion in 'Virus & Other Malware Removal' started by MastiffShack, Jan 29, 2005.

Thread Status:
Not open for further replies.
  1. MastiffShack

    MastiffShack Thread Starter

    Jul 13, 2003
    Here is an interesting delima.

    1) My primary system is configured for three users (separate user ids, separate passwords, etc.) four if you count the Administrator's profile.
    2) One id is used exclusively to play games (pogo, yahoo, etc.)
    3) Another profile is for my son to do things he can't on his PC (i.e. licensed software where we only have one license).
    4) Primary (i.e. administrator level) profile where I log into work, perform routine system tasks, etc.

    I have Norton Internet Firewall installed. It is configured and does a reasonably fine job of protecting my system. This is how I know the IP addresses of the attackers, and when one attacks.

    Here is the interesting part:
    1) The game profile rarely gets any "attacks" from outside systems.
    2) My son's profile may never have receive any "attacks".
    3) Mine receives a whole lot! :mad: On the average of 1 ever 5-10 minutes.

    Now the question:

    1) I've scanned my profile for any objects that may have been put there, and don't recognize abnormal ones.
    2) I've run SpyBot and Ad-aware until I'm blue in the face. :confused:
    3) I've examined HiJackThis reports just as often as SpyBot and Ad-aware.
    4) I've used CyberScrub to clear out known areas of my profile that track internet usage.
    5) I've run Norton AV frequently.
    6) Norton AV scans all inbound/outbound email.
    7) Norton Firewall as all the features turned on: Spam; Parental Control; Ad Blocking; Privacy Control.
    8) I've even deleted the profile and all associated files. This option is drastic but apparently works for a time - but eventually over the course of a couple (or 3) months, the attacks resume.

    My conclusion: Something is broadcasting my email address? Something is imbedded in my profile to trigger a notice that I am on-line? Something is spoofing my system? Something has got me in its sights?

    (Also: All the software is up-to-date with current images etc.)

    If someone could tell me what is happening, I would be forever (and I mean forever) grateful! I might even name my next child after you - if I were to ever have one.

  2. telecom69

    telecom69 Gone but never forgotten

    Oct 12, 2001
  3. MastiffShack

    MastiffShack Thread Starter

    Jul 13, 2003
    Thank you telecom69. The TrendMicro product is running now (as I type this). It did find the JAVA BYTEVER.A located in my profile's Java cache area. I'll be running the PandaSoftware product as soon as this one completes. I'll advise when both have been run.

    (FYI: I searched for "BYTEVER.A" - and variations of it - on the Symantec web site, and did not find it listed.)

    Thanks again.
  4. MastiffShack

    MastiffShack Thread Starter

    Jul 13, 2003
    Well, after running both scans (TrendMicro locked up after about 80% complete; but at least it finished my main drive C:); and deleteing the items it identified, PandaSoftware didn't find anything.

    Interesting note: I created another user account, and so far, I've not received a single "attack". It is been connected to the net for over 3 hours.

    I signed back on to my original account, and within 3 min I had hits from IP addresses ranging from 222.x.x.x to 70.x.x.x to 73.x.x.x.

    Very, very weird.

    I wonder if anyone else is experiencing like situation?
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/324743

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice