Results 1 to 9 of 9

Thread: Adware, Spyware, Who Knows?

  1. #1
    Member
    Join Date
    Jun 2002
    Posts
    95

    Adware, Spyware, Who Knows?

    Hi Guys,

    I'm not sure if this is normal however, when I connect to the interent, my sent bytes in the activity section of the connection dialog is way more than my recieved.

    I have run McAfee AV and Lavasoft Ad-Aware and got ride of all spyware etc i could see, however it is still sending something.

    For example, i have been on the net for 41min my recieved is 7,000,000bytes appox. and my sent is 15,000,000bytes appox.

    I have tried everything I can think of, and i am turning to you guys for help.

    Any help is appricated,

  2. #2
    Junior Member
    Join Date
    Feb 2004
    Location
    Greece
    Posts
    16
    did you see if you have enabled the automatic download of windows update (and sending information about updating)
    try ctrl+alt+del in the processed panel and see anything strange that you dont know (first close any apps like virusscans, irc, firewalls,etc)
    and the last one, check start>run> msconfig in the last panel if you see anything strange in the startup panel.

  3. #3
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    A couple of things you can do, fiirstly run the netstat command to see what connections you have.

    Start>>run>>type "cmd"
    in the command box type "netstat -a

    Look at the list of connections and see what is going on. Google will help you with the results.

    Next download and run Hijack This. From here:http://www.spywareinfo.com/~merijn/downloads.html

    Post the log created here if you do not no what you are about with this tool. Some one will help you out.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  4. #4
    Junior Member
    Join Date
    Jun 2002
    Posts
    24
    I recently had a similar problem with a coworker that was seriously hijacked on her laptop by a music site that she had visited. I noticed her system was always poping up with IE pages and loading search bars and banners on the network. I finally was able to get it all cleared up by using a combination of Zone Alarm, XP task manager and Ad-aware. I found these three to be really usefull as ad-aware would clear out the spyware, then when I rebooted, zonealarm would show me what applications were trying to access the net, and I was able to disable them through task manager, physically delete them, then run adaware, zone, task, and keep the process going till I was finally able to eliminate it all from her system.

    Just a suggestion.
    See dick... see dick hack yahoo...see dick go to jail... dont be a dick.

  5. #5
    Senior Member
    Join Date
    Feb 2004
    Posts
    620
    You should get a personal firewall such as Sygate that will notify you whenever a program on your computer is trying to connect to something else. That way you can filter out which programs you want to allow to connect and the ones you want to disallow.

  6. #6
    Senior Member therenegade's Avatar
    Join Date
    Apr 2003
    Posts
    400
    Amen to the firewall idea..browse around the site to see whch one most people recommend(I'm betting on Sygate but ZA isnt too bad either).Are you running some kind of P2P software?It could explain why you're seeing the abnormal data flow

  7. #7
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Not that the advice you have received is wrong or bad, but I typically look for the root cause of a problem before blindly throwing firewalls and spyware scanners on my hosts. Each software package you add is another possible vulnerability being introduced to your host. Also, competing software vendors typically don't play nice with eachother when installed together. Also, the more services running (and reg keys, etc) means more white noise you have to sift through before finding the true root issue.

    As someone mentioned, you can do a netstat to get a fast idea of what connections are currently established, however, this is not a realtime view. I would use a sniffer instead. Once you see where the traffic is going, you can determine what will fix it. Also, a process explorer is always a very nice tool to use. You can reference various services on http://www.pestpatrol.com or http://www.liutilities.com/products/...processlibrary

    Non intrusive tools, I have found, are the most helpful way to ferret out problems. Good luck in your quest.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  8. #8
    Senior Member
    Join Date
    Feb 2004
    Posts
    620
    Yeah listen to TH13's advice. He's an all knowing Master-Jedi-Pimps0r

  9. #9
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    One thing that you might look at if you're using a dial up connection is to enable hardware error checking, compression and flow control. I've seen people have this exact problem and it's been solved by this.

    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •