| Home | Register | Members | Search | Links |
 |
| Thread Tools | Display Modes |
|
Guest
Posts: n/a
|
|
|
|
||
|
|
| |
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
Guest
Posts: n/a
|
"Tx2" <(E-Mail Removed)> wrote in message news:(E-Mail Removed) T... > In article <(E-Mail Removed)>, MikeB > of (E-Mail Removed), felt we'd be interested in the following... > > >> Tx2 wrote: >> > In article <XS_Gh.29419$(E-Mail Removed)>, Gordy >> > of (E-Mail Removed), felt we'd be interested in the >> > following... >> > >> > >> >> Been recently having loads of problems with my Virgin Broadband (old >> >> NTL) >> >> and whilst poking about noticed that i have traffiic coming and going >> >> when >> >> it should be dead as things like bitcomet and messenger are off. >> >> >> >> Usually when this is the case and looking at Local Area Connection >> >> Status >> >> window there will be no incoming or outgoing packets. >> >> >> >> Now there seems to be quite a lot of both and its bugging me whats >> >> causing >> >> it. >> >> >> >> It pretty sure its no background task downloading updates. >> >> >> >> Is there a way i can find out with files are sending and recieving >> >> information? >> >> >> >> Ive given the pc 2 full virus scans with AVG and and the free online >> >> Trend >> >> Micro scanner both of which come up clean. >> >> >> >> Any ideas how to identify the traffic source? >> > >> > Install a software firewall that doesn't auto-include what it thinks >> > can >> > be allowed, and see what is trying to get out. >> > >> > I use Sygate 5.6 >> > >> > >> You don't by any chance have either Sky by Broadband, or 4oD installed, >> do you? > > No, I don't. > > -- > My reply address is invalid. > Please post replies to the group. > Messages sent via Google Groups are 'auto-ignored' > XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX Ive tried a few firewalls and made them stop absolutly everything and it still sending packets lol. Heres a screenshot of Sniffem, i seem to be contacting dozens of random IPs yet cant find anything doing it! http://homepage.ntlworld.com/gordon_ash/sniff.JPG Thanks for the help so far  Gordy |
|
|
|
|
|||
|
Guest
Posts: n/a
|
Gordy wrote:
> "Tx2" <(E-Mail Removed)> wrote in message > news:(E-Mail Removed) T... >> In article <(E-Mail Removed)>, MikeB >> of (E-Mail Removed), felt we'd be interested in the following... >> >> >>> Tx2 wrote: >>>> In article <XS_Gh.29419$(E-Mail Removed)>, Gordy >>>> of (E-Mail Removed), felt we'd be interested in the >>>> following... >>>> >>>> >>>>> Been recently having loads of problems with my Virgin Broadband (old >>>>> NTL) >>>>> and whilst poking about noticed that i have traffiic coming and going >>>>> when >>>>> it should be dead as things like bitcomet and messenger are off. >>>>> >>>>> Usually when this is the case and looking at Local Area Connection >>>>> Status >>>>> window there will be no incoming or outgoing packets. >>>>> >>>>> Now there seems to be quite a lot of both and its bugging me whats >>>>> causing >>>>> it. >>>>> >>>>> It pretty sure its no background task downloading updates. >>>>> >>>>> Is there a way i can find out with files are sending and recieving >>>>> information? >>>>> >>>>> Ive given the pc 2 full virus scans with AVG and and the free online >>>>> Trend >>>>> Micro scanner both of which come up clean. >>>>> >>>>> Any ideas how to identify the traffic source? >>>> Install a software firewall that doesn't auto-include what it thinks >>>> can >>>> be allowed, and see what is trying to get out. >>>> >>>> I use Sygate 5.6 >>>> >>>> >>> You don't by any chance have either Sky by Broadband, or 4oD installed, >>> do you? >> No, I don't. >> >> -- >> My reply address is invalid. >> Please post replies to the group. >> Messages sent via Google Groups are 'auto-ignored' >> XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX > > Ive tried a few firewalls and made them stop absolutly everything and it > still sending packets lol. > > Heres a screenshot of Sniffem, i seem to be contacting dozens of random IPs > yet cant find anything doing it! > > http://homepage.ntlworld.com/gordon_ash/sniff.JPG > > Thanks for the help so far > > Gordy > > Pop over to sysinternals and download tcpview: http://www.microsoft.com/technet/sys...utilities.mspx Might show you wassup. (Process Explorer is also useful) |
|
|
|
|
|||
|
Guest
Posts: n/a
|
"Linker3000" <(E-Mail Removed)> wrote in message news:45ecae1f$0$2452$(E-Mail Removed)... > Gordy wrote: >> "Tx2" <(E-Mail Removed)> wrote in message >> news:(E-Mail Removed) T... >>> In article <(E-Mail Removed)>, MikeB >>> of (E-Mail Removed), felt we'd be interested in the following... >>> >>> >>>> Tx2 wrote: >>>>> In article <XS_Gh.29419$(E-Mail Removed)>, Gordy >>>>> of (E-Mail Removed), felt we'd be interested in the >>>>> following... >>>>> >>>>> >>>>>> Been recently having loads of problems with my Virgin Broadband (old >>>>>> NTL) >>>>>> and whilst poking about noticed that i have traffiic coming and going >>>>>> when >>>>>> it should be dead as things like bitcomet and messenger are off. >>>>>> >>>>>> Usually when this is the case and looking at Local Area Connection >>>>>> Status >>>>>> window there will be no incoming or outgoing packets. >>>>>> >>>>>> Now there seems to be quite a lot of both and its bugging me whats >>>>>> causing >>>>>> it. >>>>>> >>>>>> It pretty sure its no background task downloading updates. >>>>>> >>>>>> Is there a way i can find out with files are sending and recieving >>>>>> information? >>>>>> >>>>>> Ive given the pc 2 full virus scans with AVG and and the free online >>>>>> Trend >>>>>> Micro scanner both of which come up clean. >>>>>> >>>>>> Any ideas how to identify the traffic source? >>>>> Install a software firewall that doesn't auto-include what it thinks >>>>> can >>>>> be allowed, and see what is trying to get out. >>>>> >>>>> I use Sygate 5.6 >>>>> >>>>> >>>> You don't by any chance have either Sky by Broadband, or 4oD >>>> installed, >>>> do you? >>> No, I don't. >>> >>> -- >>> My reply address is invalid. >>> Please post replies to the group. >>> Messages sent via Google Groups are 'auto-ignored' >>> XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX >> >> Ive tried a few firewalls and made them stop absolutly everything and it >> still sending packets lol. >> >> Heres a screenshot of Sniffem, i seem to be contacting dozens of random >> IPs yet cant find anything doing it! >> >> http://homepage.ntlworld.com/gordon_ash/sniff.JPG >> >> Thanks for the help so far >> >> Gordy > Pop over to sysinternals and download tcpview: > > http://www.microsoft.com/technet/sys...utilities.mspx > > Might show you wassup. > > (Process Explorer is also useful) > Thanks, great tool. Unfortunatly it just says System Process:0 for all the events so i cant find a specific culprit. Im far from an expert but it looks like im exchanging data with a few dozen pc's across the globe at a time! its madness that no firewall of virus killer can pick this up! Im just going to give Process Explorer a bash.... |
|
|
|
|
|||
|
Guest
Posts: n/a
|
Gordy wrote:
> "Linker3000" <(E-Mail Removed)> wrote in message > news:45ecae1f$0$2452$(E-Mail Removed)... >> Gordy wrote: >>> "Tx2" <(E-Mail Removed)> wrote in message >>> news:(E-Mail Removed) T... >>>> In article <(E-Mail Removed)>, MikeB >>>> of (E-Mail Removed), felt we'd be interested in the following... >>>> >>>> >>>>> Tx2 wrote: >>>>>> In article <XS_Gh.29419$(E-Mail Removed)>, Gordy >>>>>> of (E-Mail Removed), felt we'd be interested in the >>>>>> following... >>>>>> >>>>>> >>>>>>> Been recently having loads of problems with my Virgin Broadband (old >>>>>>> NTL) >>>>>>> and whilst poking about noticed that i have traffiic coming and going >>>>>>> when >>>>>>> it should be dead as things like bitcomet and messenger are off. >>>>>>> >>>>>>> Usually when this is the case and looking at Local Area Connection >>>>>>> Status >>>>>>> window there will be no incoming or outgoing packets. >>>>>>> >>>>>>> Now there seems to be quite a lot of both and its bugging me whats >>>>>>> causing >>>>>>> it. >>>>>>> >>>>>>> It pretty sure its no background task downloading updates. >>>>>>> >>>>>>> Is there a way i can find out with files are sending and recieving >>>>>>> information? >>>>>>> >>>>>>> Ive given the pc 2 full virus scans with AVG and and the free online >>>>>>> Trend >>>>>>> Micro scanner both of which come up clean. >>>>>>> >>>>>>> Any ideas how to identify the traffic source? >>>>>> Install a software firewall that doesn't auto-include what it thinks >>>>>> can >>>>>> be allowed, and see what is trying to get out. >>>>>> >>>>>> I use Sygate 5.6 >>>>>> >>>>>> >>>>> You don't by any chance have either Sky by Broadband, or 4oD >>>>> installed, >>>>> do you? >>>> No, I don't. >>>> >>>> -- >>>> My reply address is invalid. >>>> Please post replies to the group. >>>> Messages sent via Google Groups are 'auto-ignored' >>>> XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX >>> Ive tried a few firewalls and made them stop absolutly everything and it >>> still sending packets lol. >>> >>> Heres a screenshot of Sniffem, i seem to be contacting dozens of random >>> IPs yet cant find anything doing it! >>> >>> http://homepage.ntlworld.com/gordon_ash/sniff.JPG >>> >>> Thanks for the help so far >>> >>> Gordy >> Pop over to sysinternals and download tcpview: >> >> http://www.microsoft.com/technet/sys...utilities.mspx >> >> Might show you wassup. >> >> (Process Explorer is also useful) >> > > Thanks, great tool. Unfortunatly it just says System Process:0 for all the > events so i cant find a specific culprit. > > Im far from an expert but it looks like im exchanging data with a few dozen > pc's across the globe at a time! its madness that no firewall of virus > killer can pick this up! > > Im just going to give Process Explorer a bash.... > > Sounds like you either have a rootkit or something that's starting up and hooking in at the system level - one thing worth a try is to start up Internet Explorer and point it to safety.live.com and do a full scan - it's not necessarily the best but it catches a few nasties and it's free! After that, make your way over to www.trojanhunter.com and make use of the 30-day demo. |
|
|
|
|
|||
|
Guest
Posts: n/a
|
"Linker3000" <(E-Mail Removed)> wrote in message news:45ecb514$0$28978$(E-Mail Removed)... > Gordy wrote: >> "Linker3000" <(E-Mail Removed)> wrote in message >> news:45ecae1f$0$2452$(E-Mail Removed)... >>> Gordy wrote: >>>> "Tx2" <(E-Mail Removed)> wrote in message >>>> news:(E-Mail Removed) T... >>>>> In article <(E-Mail Removed)>, MikeB >>>>> of (E-Mail Removed), felt we'd be interested in the following... >>>>> >>>>> >>>>>> Tx2 wrote: >>>>>>> In article <XS_Gh.29419$(E-Mail Removed)>, Gordy >>>>>>> of (E-Mail Removed), felt we'd be interested in the >>>>>>> following... >>>>>>> >>>>>>> >>>>>>>> Been recently having loads of problems with my Virgin Broadband >>>>>>>> (old NTL) >>>>>>>> and whilst poking about noticed that i have traffiic coming and >>>>>>>> going when >>>>>>>> it should be dead as things like bitcomet and messenger are off. >>>>>>>> >>>>>>>> Usually when this is the case and looking at Local Area Connection >>>>>>>> Status >>>>>>>> window there will be no incoming or outgoing packets. >>>>>>>> >>>>>>>> Now there seems to be quite a lot of both and its bugging me whats >>>>>>>> causing >>>>>>>> it. >>>>>>>> >>>>>>>> It pretty sure its no background task downloading updates. >>>>>>>> >>>>>>>> Is there a way i can find out with files are sending and recieving >>>>>>>> information? >>>>>>>> >>>>>>>> Ive given the pc 2 full virus scans with AVG and and the free >>>>>>>> online Trend >>>>>>>> Micro scanner both of which come up clean. >>>>>>>> >>>>>>>> Any ideas how to identify the traffic source? >>>>>>> Install a software firewall that doesn't auto-include what it thinks >>>>>>> can >>>>>>> be allowed, and see what is trying to get out. >>>>>>> >>>>>>> I use Sygate 5.6 >>>>>>> >>>>>>> >>>>>> You don't by any chance have either Sky by Broadband, or 4oD >>>>>> installed, >>>>>> do you? >>>>> No, I don't. >>>>> >>>>> -- >>>>> My reply address is invalid. >>>>> Please post replies to the group. >>>>> Messages sent via Google Groups are 'auto-ignored' >>>>> XPS M1710 / 2.16 GHz dual core / 2Gb DDR2 / nVidia GeForce 7950GTX >>>> Ive tried a few firewalls and made them stop absolutly everything and >>>> it still sending packets lol. >>>> >>>> Heres a screenshot of Sniffem, i seem to be contacting dozens of random >>>> IPs yet cant find anything doing it! >>>> >>>> http://homepage.ntlworld.com/gordon_ash/sniff.JPG >>>> >>>> Thanks for the help so far >>>> >>>> Gordy >>> Pop over to sysinternals and download tcpview: >>> >>> http://www.microsoft.com/technet/sys...utilities.mspx >>> >>> Might show you wassup. >>> >>> (Process Explorer is also useful) >>> >> >> Thanks, great tool. Unfortunatly it just says System Process:0 for all >> the events so i cant find a specific culprit. >> >> Im far from an expert but it looks like im exchanging data with a few >> dozen pc's across the globe at a time! its madness that no firewall of >> virus killer can pick this up! >> >> Im just going to give Process Explorer a bash.... > Sounds like you either have a rootkit or something that's starting up and > hooking in at the system level - one thing worth a try is to start up > Internet Explorer and point it to safety.live.com and do a full scan - > it's not necessarily the best but it catches a few nasties and it's free! > > After that, make your way over to www.trojanhunter.com and make use of the > 30-day demo. > Just finished a complete scan with trojan hunter and all it found was my radmin, i let it quarentine it anyway but still im sending and reciving packets  Im right in thinking its deffinitly malicious because its contacting lots of different ips yes? id imagine if it was something legit it would be contacting just the one server. Im really puzzled :/ Gordy |
|
|
|
|
|||
|
Guest
Posts: n/a
|
|
|
|
|
||
|
|
| |
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How to log wireless networktraffic without actually connecting ? | Ron | Wireless Internet | 2 | 05-31-2004 11:27 PM |
Linear Mode
