Yesterday, someone hacked into my AOL account, changed my password, and sent over 6,000 porn e-mails from my sn called "what would teens do for drugs." After this, I decided to take no chances, reformatted, and re-installed Win XP. However, I am curious what virus this could have been because I was running Norton Anti-Virus, and I had several trojan removers, and none of them could detect this pest. I was just wondering if someone knew what type of virus this was because I am curious. Thanks.

hi matt,
you probably had a trojan, as to the name of it can't tell. it was probably a trojan key logger with a remote access exe. for more info go to www.thepublicworks.com and click on the Simovits Consulting link (on action), the Dalantec link and Trojan Ports by Black Ice. Then go to the pcflank.com link and get a free trojan and port scan. this will tell you if you still have any residue trojan files and what if any ports are open.
if you don't use a firewall you can download any of the free firewalls on thepublicworks.com site.
in the event that this event reproduces itself again download RegProt (a free registry monitor from Diamond), Promon, and TDImon from Sysinternals, free process monitor and port monitor. another good idea would be to download a free 30 day trial of Trojan Hunter and do a re-scan of your computer. you can access this AT from Wilders.org.
as to the name of the trojan there are many to consider, you can start with Back Office, Sub Seven, Matrix, Net Bus, Keylogger, Bionet, to name a few
all the best, and cheers,
murve

Also, don't know what operating system u have but try this next time u r online.
Click start/programs/accessories/Dos and enter.
At the c:\Windows prompt type: Netstat
and enter.
Your firewall will ask for permission, grant it same. And it will tell u if anyone is connected to you, it works similar to X-netstat but this is I believe supposed to be with windows as a norm, I found it on accident while doing some research.
Also you can type these commands and they will give u different things with the program:
netstat -s
netstat -p
netstat -e
netstat -a
netstat -r
netstat -n
U can hear a humming noise if they are in your computer, make sure your shares are off. No plug N Play, go to grc.com for plugnplay and see if u are broadcasting unwantingly.

I was also wondering whether it was normal for the Generic Host Process for Win32 Processes to be using ports TCP:3003, 3002, and UDP:2234. Thanks.

hi matt,
Here's some info on ports 3001, 3002, 3003, 2234:
2234 UDP Direct Play Server
2234 TCP Direct Play Server
3001 UDP Redwood Broker
3004 TCP Csoft Agent
3003 TCP CGMS
3002 TCP RemoteWare Server/EXLM Agent
There are no trojans associated with these ports.
for more info go to www.thepublicworks.com and click on Tantalo Ports for more info.
cheers,
murve
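
Added example, not part of the original thread: a small Python parser for saved netstat output that separates sockets reachable from other machines from loopback-only ones and lists established connections to remote hosts, grouped by owning PID. It assumes the text came from `netstat -ano` (the -o switch adds the PID column); the sample lines reuse the port numbers asked about above, while the PIDs and addresses are constructed.

```python
# Constructed sample in `netstat -ano` layout (PIDs and addresses are made up).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:3002           0.0.0.0:0              LISTENING       1048
  TCP    127.0.0.1:3003         0.0.0.0:0              LISTENING       1048
  TCP    192.168.1.10:1187      203.0.113.7:80         ESTABLISHED     2240
  TCP    127.0.0.1:1190         127.0.0.1:3003         ESTABLISHED     2240
  UDP    0.0.0.0:2234           *:*                                    1048
"""

def parse_netstat(text):
    """Return one dict per socket line, skipping headers and truncated lines."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # header, banner or blank line
        if f[0] == "UDP" and len(f) == 4:
            f.insert(3, "")  # UDP lines have no State column
        if len(f) != 5:
            continue  # malformed or truncated line
        proto, local, remote, state, pid = f
        host, _, port = local.rpartition(":")  # rpartition copes with [::]:135
        rows.append({"proto": proto, "host": host, "port": int(port),
                     "remote": remote, "state": state, "pid": int(pid)})
    return rows

def is_loopback(host):
    return host.startswith("127.") or host in ("[::1]", "::1")

def exposed_listeners(rows):
    """Sockets waiting for traffic on a non-loopback address (reachable remotely)."""
    return sorted((r["pid"], r["proto"], r["port"]) for r in rows
                  if (r["state"] == "LISTENING" or r["proto"] == "UDP")
                  and not is_loopback(r["host"]))

def remote_peers(rows):
    """Established TCP connections whose other end is not this machine."""
    return sorted((r["pid"], r["remote"]) for r in rows
                  if r["state"] == "ESTABLISHED"
                  and not is_loopback(r["remote"].rpartition(":")[0]))

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    for pid, proto, port in exposed_listeners(rows):
        print(f"PID {pid} accepts {proto} traffic on port {port}")
    for pid, remote in remote_peers(rows):
        print(f"PID {pid} is connected to {remote}")
```

The PID column can then be matched against the process list to see which program owns each socket.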

USE TDS-3 (Trojan Defense Suite 3). It has a utility that runs a scan on all "trojan ports" when you are online. VERY helpful tool.

there's a lot of talk about download this download that, but he actually said "someone hacked into my aol account, changed my password"
jumping to the conclusion that it's a trojan/keylogger installed on his pc is a bit premature, it's more likely he indirectly gave away his password, someone guessed it, or otherwise simply got into his aol account, which involves no program on his pc.
if that's the case (which it probably is) then all he can do is change his password to something sensible like x9UIaa1b3 and/or his password reminder question :|
