Help under attack!

Good evening! I'm have problems w/ my computer it keeps telling I've been attacked by outside intruder. I have down loaded sygate firewall,window washer 5, anti-virus(AVWINSFX.EXE avup.de) and spy sweeper and I still get message that a port is open. Do I need to download a new firewall or what?
Please give me some advise in simple engish I'm new at this.

glen001

 

don't panic. Many ports are open on your machine otherwise you wouldn't be on the net.
what is the whole scenario including any messages you are getting.

What people don't know is that they get 1000's of scans daily.

 

Well the message comes up intruder scans. Then the internet explorer shuts down. When I go to sign back on earthlink my whole homepage changes and as I go into majorgeeks website it kicks me off like someone else is in control of my computer. glen001.

 

Glenn. see here please
http://forums.majorgeeks.com/showthread.php?t=35407
READ ME FIRST: Basic Spyware, Trojan And Virus Removal

 

I'm writing this for Glen who is my brother. He has been kicked off the internet
again and can't read the "READ ME FIRST" post.
Any suggestions on how he cant fight this thing offline?
It seems to kick him off every time he goes to majorgeeks or for any help.

 

can you copy and paste the text and email it to him?

additionally if he having problems getting the programs here, have him try this one first. 15 day free trial. Perhaps it will get rid of most of his problems such that he can return to MajorGeeks to complete the tutorial

http://www.giantcompany.com/p_antispyware.aspx

on the bottom right is the link to the trial. see if it works

 

i just saw that glen001 was on 10/24/04 @ 1:54 CST. just thought i would post, so maybe his brother could ask if he tried to get on that time, then he could determine if someone had taken over his machine.

eric

 

Thanks for all your help, seems to have solved his problems.

When I sent him an e-mail text from your site the e-mail would be blank. It took him a few days to finally get back to your site to download Giant AntiSpyware, he was getting blank pages everytime he went to the GiantCompany site but it finally worked. He downloaed after many times trying and was able to use it,then he did the READ ME FIRST(basic spyware removal).

Computer seems to be working fine, even has more speed.
Thanks, you guys are great!

Giant Anti-spyware is very useful tool. It work so well, I got it
myself.

Again thanks from my brother and myself.
Be blessed.

 

That was him on 10/24/04, he finally got everything fixed @ 9:30 CST of 10/24/04.

 

great news.. but just to make sure, can you have him run through this so we can take a peek at his HJT log?

http://forums.majorgeeks.com/showthread.php?t=38752
Hijack This Tutorial And How To Post Your Log File

 

Remember we are new to this.
I'm helping him, but it's like the blind leading the blind and we both might fall into the ditch

Does he have to download HJT and install it?
How would he do this?
Please give simple direction on how to put HJT in special folder and where to find it on his computer.

Tutorial states it's for advanced users, we're still babes crawling, so
need lots of help with this.
OLD DOGS TRYING TO LEARN NEW TRICKS.

 

the file is in a zip archive. He'll have to download it to someplace on his computer and remember that location and then unzip the contents into a directory(folder) of his choice. At that time he should find the folder and run the HiJackThis.exe located in it. There is no installation required.

you can download HiJackThis from here
http://www.majorgeeks.com/download3155.html

 

How would he direct it to the right folder as the tutorial says (C:\Program Files\HJT)?
I've read some threads where people have put into the wrong folder.

Babies Crawling

 

you make a folder anywhere you want.. the easiest would be to make the folder right in the root of the c: drive such that the path would be C:\HJT.

paste the zip file into that directory that you just made (C:\HJT) and then unzip it right there.

It would help me better if you told me what program you're using as a ZIP program..

 

Glen downloaded Hijack this,it would't open , yesterday.
This morning his computer was acting strange, he tried to get on the net,
his screen went black then (666) came on sceen then PC wounldn't
obey commands.
He got the net finally and is doing the Giant AntiSpyware again
and was going thru the READ THIS FIRST (basic spyware removal)
again. This time when he tried to run Kill2me, CWShredder, and Spybot when clicked I think he said, would not open and give the message "run time memory not available."

Heeelp

 

When Glen tried to run again Kill2me, a window opens and says "Rundll32 has an
error in KERNEL32.dll, also when tried to run CW Shredder and Hijack This a
window opens and says "Explorer has caused an error in the KERNEL32.dll"
then it says, "Explorer will now close restart computer" then it knocked out his desktop.

He has restarted his PC over and over, same results.

He also has tried over and over to download these tools again and again.
He had the Blank sceen and 666 before when his PC first began to act up.
Seems to have come back again with a black screen.
Need some lite
Help!

 

Waiting for help.
Won't let him stay on net for any length of time,
but still trying.
He said, he might call a technician.
Is this necessary?

 

I think we can safley say thats a virus.

If you boot the machine into safe mode (I hope you know the Administrator password), and run AV scans, spyware scans etc. from there, chances are you'll be able to take out the virus(es) without a problem.

 

Does this mean turn off Avast anti-virus and the firewall too when you say close all programs as well as get off the net?

 

Well since the reply in question was AFTER post #4, I presumed the person hadn't gone through it or hasn't done it properly.

If its not a virus that needs removing .....

 

giant antispyware is junk has no site support and give multiple false hits. try adaware,spybot and spysweeper also spywareblaster.