Dodged a PC wipe and reload! Picked up a nasty Trojan virus - TopicsExpress



          

Dodged a PC wipe and reload! Picked up a nasty Trojan virus called NAPSTAT.EXE. It had a whole slew of things running, not the least of which was a key logger! Doh!! It was bogging the PC down terribly. The Task Manager would show the PC pegged at 100% CPU time (i5 quad-core) and the RAM would be maxed out. A run of NETSTAT on the command prompt showed that multiple connections were being made by the hundreds on ports 49000 and above. They were opening incrementally at six and ten at a time. They just kept opening such that the NETSTAT command would not terminate. It was a good one. I think I got rid of it. How? I modified the Windows Firewall by disabling ALL rules both inbound and outbound. Created a new rule that blocked all ports 49000-65535 on both TCP and UDP protocols for all domains. I also changed the Firewall Policy to a block by default/allow by exception footing both inbound and outbound. Now, if something wants out to the Internet, I'll have to create a rule for it. No problem, I can do that. What I would REALLY like to do is find the scumbag that CREATED the Trojan and hang him up by his wrists naked. Oh, and by the way, there would be a riding crop involved, too. Didn't I mention that...?
Posted on: Sat, 27 Dec 2014 21:59:12 +0000
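
An added example, not part of the original post: a Python script that tallies `netstat -ano` TCP connections by owning PID for local ports at or above 49000, the range the post describes, so the process behind such a burst can be identified. The sample output, the function names and the threshold of 3 are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:49201     203.0.113.10:80        ESTABLISHED     4312
  TCP    192.168.1.20:49202     203.0.113.11:80        ESTABLISHED     4312
  TCP    192.168.1.20:49203     203.0.113.12:443       SYN_SENT        4312
  TCP    192.168.1.20:49150     198.51.100.7:443       ESTABLISHED     2260
  TCP    192.168.1.20:3389      192.168.1.5:50112      ESTABLISHED     1100
  TCP    [::1]:49300            [::1]:445              TIME_WAIT       0
  UDP    0.0.0.0:5353           *:*                                    1520
"""

# One TCP row: local addr:port, foreign addr:port, state, PID.
# UDP rows have no state column and are intentionally not matched.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\S+)\s+(\d+)\s*$")


def high_port_connections(netstat_text, min_port=49000):
    """Count non-listening TCP connections per PID with local port >= min_port."""
    counts = Counter()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, blank lines, UDP rows
        local_port, state, pid = int(m.group(2)), m.group(5), int(m.group(6))
        if state == "LISTENING" or local_port < min_port:
            continue
        counts[pid] += 1
    return counts


def suspects(netstat_text, threshold=3, min_port=49000):
    """PIDs with at least `threshold` high-port connections, busiest first."""
    counts = high_port_connections(netstat_text, min_port)
    return [(pid, n) for pid, n in counts.most_common() if n >= threshold]


if __name__ == "__main__":
    for pid, n in suspects(SAMPLE):
        print(f"PID {pid}: {n} connections from local ports >= 49000")
```

A high count is only a lead, since browsers and update clients also open many ephemeral ports; `tasklist /FI "PID eq <pid>"` maps a flagged PID to its image name for review.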
