This is more of a help for other people,, but I still need some assistance to know im no longer at risk
today i was downloading images and 5 that i downloaded didnt have the typical .jpeg filename (they didnt have a file name at all)
when i right clicked on one only 5 options appeared in the right click menu,,
when i click on them all i got the delete option and properties.
I couldnt move these files, I couldnt edit these files, i dare not open the bleepers and I couldnt delete them (I cyber scrubbed them but all that did was delete they folder they were in, sending them to a temp folder.. which i couldnt erase)
in the properties menu their boxes had all been checked (encrypt for file security, ready for archiving, hidden, read only) after unselecting all the boxes and hitting ok,, they became re checkd ( so i suppose they were encrypted)
ok so far your thinking ok... so...
after they laned on my computer i began getting IP intrusion alerts from zone alarm (blocking it thankfully)
I got about 5 hits in 4 or so minutes,, and looking at the zone alarm logs, my computer was sending transmissions out to various ip's ( 88.xxx.xxx.xxx and a few x7x.xxx.xxx.xxx address before each hit ( i did an ip trace later of the outgoing but came up with a dead address..)
I managed to trace the incoming to xtra.co.nz and nic@gateway ( what eva that is)
and I managed to delete the encrypted files by using dos (all hail dos)
i got a few incoming hits the first time i rebooted after deleting those files, so i sent a few emails to the ISP's owning the incoming IP's and havent recieved any hits since. (zone alarm hasnt detected any unwanted incoming or outgoing)
My question is... Am I still being hit (or sending data out) but its not being detected ?
and would the dos deletion have successfully killed those files, not just sent them into hiding?
I dont think my problem is too common, but i noticed a microsoft update that talks about protecting a computer from intrusions due to trojans being mistaken as jepg due to some imaging error.
Edited by Papakid, 04 May 2007 - 08:36 AM.