I guess malware. How to find which file

  • Thread starter Thread starter Trish
  • Start date Start date
T

Trish

Guest
For almost 10 years I have been using `Naviscope' as my filtering (& many
more) localhost proxy software for net surfing. Yesterday I came to know
(thru Naviscope's Resource bars) that some trojan or malware, I suppose,
trying to connect to www.google-analytics.com. Immediately I took the url
copy paste of the link which is pasted below.

www.google-analytics.com:80/__utm.g...mccn=(direct)|utmcsr=(direct)|utmcmd=(none);+


How to know which file/program is trying to connect to this site through
Naviscope. Tcpview did not help in this regard.
I am running XP Pro sp2, Avast AV/Comodo Firewall/Adaware with latest
definition nothing
found.

Thanks for all the replies

Trish
 
Re: I guess malware. How to find which file

"Trish" <Nobodyknowsabcdef@unknown.com> wrote in message
news:OPhf$MlkIHA.1164@TK2MSFTNGP02.phx.gbl...
> For almost 10 years I have been using `Naviscope' as my filtering (& many
> more) localhost proxy software for net surfing. Yesterday I came to know
> (thru Naviscope's Resource bars) that some trojan or malware, I suppose,
> trying to connect to www.google-analytics.com. Immediately I took the url
> copy paste of the link which is pasted below.
>
> www.google-analytics.com:80/__utm.g...mccn=(direct)|utmcsr=(direct)|utmcmd=(none);+
>
>
> How to know which file/program is trying to connect to this site through
> Naviscope. Tcpview did not help in this regard.
> I am running XP Pro sp2, Avast AV/Comodo Firewall/Adaware with latest
> definition nothing
> found.
>
> Thanks for all the replies
>
> Trish
>

Do a thorough check for malware, following all of the steps at one of these
Web pages.
Help with malware:
All MS-MVP Sites.
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://www.elephantboycomputers.com/page2.html#Removing_Malware
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/darnit.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm

Unexplained computer behavior may be caused by deceptive software.
http://support.microsoft.com/kb/827315

So How Did I Get Infected Anyway?
For quite a few people it's by installing programs like Messenger Plus,
whose ads for malware don't identify the malware as such and try to convince
you that you owe it to the author. See also:
http://www.wilderssecurity.com/showthread.php?t=27971
Don't ever do a "default" install of anything. Always choose Custom and see
what else is being carried along. Don't install any extras you're not sure
of.

--
Frank Saunders MS-MVP IE,OE/WM
www.fjsmjs.com
Do not reply with email
 
Back
Top