anyone can give me some info with this?
take alook and tell me if you can help.
-
TheSolutionBase
- Regular Member
- Posts: 131
- Joined: Fri Aug 31, 2001 1:03 pm
take alook and tell me if you can help.
anyone can give me some info with this?
-
TheSolutionBase
- Regular Member
- Posts: 131
- Joined: Fri Aug 31, 2001 1:03 pm
Name: Psyber Stream Server - PSS
Aliases: N/A
Ports: 1170, 1024-4000 (1170-1509 ?)
Files: Pss.zip - 202,731 bytes Pss10.zip - 498,622 bytes Pss-client.exe - 80,384 bytes Help.exe - 25,600 bytes Wave.exe - 38,400 bytes Wavserv.exe - 235,674 bytes Wave.dll - 27,648 bytes Nmocod.dll - 240,640 bytes Nmoremu.dll - 66,560 bytes Nmsckn.dll - 48,128 bytes Ocx.reg - 2,592 bytes Winsck.ocx - 141,312 bytes
Created: June 1999
Requires: N/A
Actions: Remote Access / Eavesdropper
Sends streaming recorded audio.
Versions: 1.0,
Registers: Does not register.
Notes: Works on Windows.
Country: N/A
Program: N/A
how can i rid this or close the port.
Aliases: N/A
Ports: 1170, 1024-4000 (1170-1509 ?)
Files: Pss.zip - 202,731 bytes Pss10.zip - 498,622 bytes Pss-client.exe - 80,384 bytes Help.exe - 25,600 bytes Wave.exe - 38,400 bytes Wavserv.exe - 235,674 bytes Wave.dll - 27,648 bytes Nmocod.dll - 240,640 bytes Nmoremu.dll - 66,560 bytes Nmsckn.dll - 48,128 bytes Ocx.reg - 2,592 bytes Winsck.ocx - 141,312 bytes
Created: June 1999
Requires: N/A
Actions: Remote Access / Eavesdropper
Sends streaming recorded audio.
Versions: 1.0,
Registers: Does not register.
Notes: Works on Windows.
Country: N/A
Program: N/A
how can i rid this or close the port.
-
mercman2000
Re: Take a look ...
Sorry to hear about your troubles. I really don't know how to close those ports, but what you can do is break the file so it can't run. Each file, especially executables, have a header, a piece of information identifying it as a particular type of file. If that is gone, it has lost it's identity. So, break those files. I would make backups, then go into edit.com (in a pure-dos setting, not MS-DOS Prompt), and edit the files. Find them using Windows find, and write down the directories they are in. Next, boot using a EBD (Emergency Boot Disk), or similiar disc, just boot so Windows isn't running at all. Safe mode doesn't count. Now, edit the files. You see the MZ at the beginning at each of them? Turn on overwrite mode by pressing the insert key, and just space over the MZ, and a few more random characters while you are at it. Save that file. Continue on doing this until all of them are edited. It kind of sounds like a trojan, what you have, and those must be loaded. If the file is removed, the trojan will replenish itself somehow, but if it's broken, it can't be run, and since it's not removed, it won't rebuild itself. I hope I'm making sense. Good luck! After all is said and done, I'd get some anti-virus software on your system, just to be on the safe side.
-Adam
-Adam