Why does my computer keep running?

Forum Moderators: phranque

Message Too Old, No Replies

Why does my computer keep running?

rrrrrrrrr

hollyhats

3:47 am on Jan 2, 2003 (gmt 0)

I am going crazy here. I wonder if any of you experts can offer some help. My computer starts running about 1 minute after it sits idle. It will run and grind all night long if you don't shut it down. It works fine as long as you are active in a program or are online. The only thing that I have done differently lately was install MSN 8, which left open ports so bad that Cox Cable picked up on it and totally shut down the cable to my computer. Also, when I go online my home page has turned into PORN! I don't have any firewalls installed. Also, some screen comes up that says "YOU ARE BEING WATCHED"
I know this group is about web design, but I need help before this thing drives me nuts!
Happy New Year everyone!

Brett_Tabke

4:03 am on Jan 2, 2003 (gmt 0)

Get a program called adaware and sweep your system. You have trojans on it. Then get a program called ZoneAlarm (a free firewall) and install it...

lorax

1:55 pm on Jan 2, 2003 (gmt 0)

Sorry holly but I have to agree with Brett - you've been hacked. When you do the sweep, boot from a medium (diskette or CD) that you know is free of viruses. Then run the AV software.

The reason is that many of the trojans & viruses execute TSR (terminate and stay resident) programs which hide in the background as soon as you boot up. They embed themselves within the OS so that they will be started up the next time you turn the computer on.

The only way to ensure an AV program will clean them out is to boot the computer without them - thus the need for a guaranteed clean media boot.

If it's a real nasty - you may need to reformat the drive and start again but this one sounds more like an annoyance.

Goodluck with it.

ikbenhet1

1:59 pm on Jan 2, 2003 (gmt 0)

without a firewall?

I always get several alarms within few seconds after zona alarm is installed on a new system and the alarmmessages always keep comming and then i put the messages 'off'.

There are so many hackers these days using free software to scan ports, it a bit scary, imaging all the people without a firewall.

jackofalltrades

2:15 pm on Jan 2, 2003 (gmt 0)

Just installed and ran adaware - amazing the crap you pick up while surfing! :)

JOAT

Mardi_Gras

2:24 pm on Jan 2, 2003 (gmt 0)

Holly - While I agree with all of the above, I would suggest you find out which trojan(s) you are infected with, then research them on symantec.com or any other quality anti-viru site. Removal is not always simple, and sometimes extra steps need to be taken to prevent immediate re-infection - epecally if you are running a Windows version with System Restore.

By the way, Cox did not shut you down because you had open ports - they shut you down because your computer was scanning for others with open ports (without your knowledge, of course). If you contact them, they can tell you the specific complaint against you (probably from My Night Watchman) which may tell you the major problem you are infected with.

I just worked on two computers connected to Cox that were hacked - one had all his documents deleted. The moral - after fixing this problem, get that firewall installed ASAP.

<<added>> I don't mean to imply that Cox users are somehow more likely to be hacked - just noting that I recently dealt with Cox on these issues.<</added>>

creative craig

2:32 pm on Jan 2, 2003 (gmt 0)

I use Zone alarm as well, the annoying thing is that I have to lower it when ever I want to upload anything which is alot of the time really.

I have tried for ages to get that to work but with no luck, it just shuts down Elite FTP every time :(

Craig

ikbenhet1

2:41 pm on Jan 2, 2003 (gmt 0)

You can use the browser's ftp or ws_ftp with zone alarm runnig high security. both will work.
Wel they work from here without lower the security.

Ps. You can always check for a update.

curlykarl

9:25 am on Jan 3, 2003 (gmt 0)

"I use Zone alarm as well, the annoying thing is that I have to lower it when ever I want to upload anything which is alot of the time really"

Same here, I have two machines set up exactly the same, on one of them I have to turn zone alarm off to upload, its weird :)

I gave up trying to figure it out

[edited by: oilman at 11:15 pm (utc) on Jan. 3, 2003]

txbakers

5:28 pm on Jan 3, 2003 (gmt 0)

I have a high speed DSL line, but I bought a firewall/router ($99) for the main connection and the PCs are behind that. I only open the ports needed for HTTP, FTP, Mail, and remote admin. I haven't had a virus or trojan since I connected it.

The day I went live though, with the DSL, before I had the router installed I was hit with Code Red. Amazing - within hours of being open to the world I was found and hit.

Either use the zone alarm or get a router/firewall.

dingman

5:51 pm on Jan 3, 2003 (gmt 0)

The day I went live though, with the DSL, before I had the router installed I was hit with Code Red. Amazing - within hours of being open to the world I was found and hit.

I get hit with a few dozen to a few hundred Code Red and simmilar every day. I'm simply astonished that people are still vulnerable. When a hole that allowed a worm to be written with a simillar propagation method was discovered in Apache, I was patched within a day or two even though I had other security measures in place that would have prevented an infection, and I can't have been alone because I don't get any attempts of that sort at all. Apache has twice the market share of IIS according to Netcraft, so it's not as if there just aren't enough Apache servers out there for the worm to have reached critical mass.

anon1

9:02 pm on Jan 4, 2003 (gmt 0)

Hello,

I agree that you need to clean out the nasties and then protect your pc with a firewall (ZoneAlarm).

However, I will highly advise that you use another program other than the AdAware as it is out of date and lacks the needed code to identify newer threats. Just like anti-virus software needs to be updated in order to deal with newer threats, AdAware (and the like) need updating to know what to identify as a trojan/worm/mal-ware/etc.

AdAware has been in limbo for awhile but a program called Spybot Search&Destroy is regularly updated and more up-to-date.

I also prefer the ZoneAlarm over some other popular firewalls because it will alert you to *outbound* connection attempts as well as inbound. So even if something happens to get into your system you should catch it trying to go out and therefore not become an unknowing "zombie" for a DDoS attack.

Another easy thing that can be done to help protect your system, if it is a Windows based pc, is to uninstall the Windows Scripting Host. That is a program on your Windows system that will execute scripts without you knowing. It is a target of malware.

Your issue of the computer running and grinding away might be due to some schduled "maintenance". If it is a newer Windows system than you might try checking the Scheduled Tasks and the Maintenance Wizard in the StartMenu>Programs>Accessories>SystemTools. Some have the Disk Defragmentor scheduled with an option to "speed up frequently used programs" which will defrag the drive and move applications to the beginning of the partition.

Anon1

[edited by: anon1 at 9:11 pm (utc) on Jan. 4, 2003]

sem4u

9:10 pm on Jan 4, 2003 (gmt 0)

I always use Norton for my firewall protection and every day I get attempts to hack into my PC.

Anyone who hasn't got a firewall go out and buy one or download a reputable one from the net, even if you have a dial up ineternet connection.

adamas

2:57 pm on Jan 5, 2003 (gmt 0)

Just to give another option for firewalls - I used to use ZoneAlarm but had problems with some versions on WinXP and moved to Outpost. I find Outpost offers finer control than ZoneAlarm which of course can be a good thing or a bad thing depending on your level of knowledge.

creative craig

12:46 pm on Jan 6, 2003 (gmt 0)

I ran ad-aware yesterday on my laptop for the first time, it deleted so much crap it actualy felt lighter ;)

Craig