I’ve got a Dell machine in our office that’s running Windows XP Pro with all available updates and everytime it connected to the internet, pop-ups would appear like crazy. I’ve got CSE, Norton AV 2005, MS Anti-Spyware, Ad-Aware, SpyBot S&D. I’ve even installed HijackThis and fixed what I thought needed to be fixed. This computer did run IE as the default web browser until last week. I installed FireFox and that seemed to help Norton AV detect the popups but I’m certain this machine is infected with SpyWare. I just can’t seem to pick it up with my scanners.
Everytime this machine connects to the internet via IE or FireFox now, I get a message box in the bottom right corner that says, “Norton Internet Worm Protection has detected and blocked an intrusion attempt. And everytime I refresh my browser or go to another page that message box pops up in the bottom right corner again.
When I click on the More Info link in the message box, I get this:
Intrusion: HTTP Apropos Ad Activity
Intruder:
Risk Level: Medium
Protocol: TCP
Attacked IP: adchannel.contextplus.net(64.127.103.41)
Attacked Port: http (80)
Even though Norton detects the intrusion attempt, I can’t seem to get Norton to find the attacker in a virus scan.
Any help would be much appreciated
