Thanks, Jackie. That's a great help.
George.
-----Original Message-----
From: blind-sysadmins-bounces@lists.hodgsonfamily.org
[mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of
Jackie McBride
Sent: 26 April 2011 13:42
To: Blind sysadmins list
Subject: Re: [Blind-sysadmins] Malware taking over PC's
George, dc it from the network, then download hijackthis from
www.trendmicro.com. It's under downloads > free tools > cleanup. U can
put it on a flash drive & xfer it to the infected machine.
Please note that this program lists both good & bad stuff, some of
which, if u delete it, will kill your machine, so having a trained
person look at it is recommended. It also does not find stuff like
rootkits, for which u should likely use something like process
explorer. What it does do is list those parts of the registry where
malware can be run from, &, as such, is an excellent starting point for
ferreting out the baddies.
Also netstat /B (note the uppercase b) from the command line can give
u an idea of active connections. U will want to run that b4 u kill the
network connection, obviously. Piping the command to a file so u can
look at it later would probably b helpful.
Let me know if u need more help, though, having said thus, I'll be out
most of the day.
On 4/26/11, George Bell
I'm looking for advice and suggestions on software tracking down malware which appears to be using a PC to perform massive downloads.
To describe the issue, Virgin are claiming that a system has downloaded over 700 GIGA bytes on a 50 GB cable connection. The machine is never left on overnight or for extended periods of non-use.
Sadly, Virgin are not being very helpful.
Any ideas?
George.
_______________________________________________
Blind-sysadmins mailing list
Blind-sysadmins@lists.hodgsonfamily.org
http://lists.hodgsonfamily.org/listinfo/blind-sysadmins
--
Blame the computer--why not? It can't defend itself & occasionally might even be the culprit
Jackie McBride
Jaws Scripting training materials: www.screenreaderscripting.com
homePage: www.abletec.serverheaven.net
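For reviewing the saved netstat capture suggested in the thread, the following is an added example (not written by anyone on the list) that groups connections by owning executable so the busiest process stands out. It assumes the capture was taken with `netstat -b -n` redirected to a file and has the usual Windows layout; the sample data, addresses and the name `updater32.exe` are constructed.

```python
import re
from collections import defaultdict

# Constructed sample of a saved `netstat -b -n` capture (not from the thread);
# addresses are documentation ranges and updater32.exe is a made-up name.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.20:49172     203.0.113.10:443       ESTABLISHED
 [firefox.exe]
  TCP    192.168.1.20:49201     198.51.100.7:6881      ESTABLISHED
 [updater32.exe]
  TCP    192.168.1.20:49202     198.51.100.9:6881      ESTABLISHED
 [updater32.exe]
  TCP    192.168.1.20:135       0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    192.168.1.20:49210     192.0.2.44:80          TIME_WAIT
 Can not obtain ownership information
"""

CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")
UNKNOWN = "(unknown)"

def connections_by_owner(text):
    """Map owning executable -> list of (proto, local, remote, state)."""
    owners = defaultdict(list)
    pending = None  # connection row still waiting for its [owner] line
    for line in text.splitlines():
        conn, owner = CONN.match(line), OWNER.match(line)
        if conn:
            if pending:  # previous row never got an owner line
                owners[UNKNOWN].append(pending)
            pending = conn.groups()
        elif owner and pending:
            owners[owner.group(1)].append(pending)
            pending = None
    if pending:
        owners[UNKNOWN].append(pending)
    return dict(owners)

def established_summary(text):
    """Return [(owner, count, remote endpoints)] for ESTABLISHED rows, busiest first."""
    rows = []
    for owner, conns in connections_by_owner(text).items():
        remotes = sorted(c[2] for c in conns if c[3] == "ESTABLISHED")
        if remotes:
            rows.append((owner, len(remotes), remotes))
    return sorted(rows, key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    for owner, count, remotes in established_summary(SAMPLE):
        print(f"{owner}: {count} established -> {', '.join(remotes)}")
```

Rows that end up under `(unknown)` are connections for which netstat reported no owning process; on Windows the `-b` option needs an elevated command prompt to report owners.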