|
-
April 22nd, 2005, 03:34 AM
#21
Greeting's
Assuming that you have already run an online scan mentioned by XTC46 and looking at your Hijackthis log I can see that your windows is patched up. And because you are still facing the problem I think you might want to give a try to Rootkit revealer
Get more information at :
http://www.sysinternals.com/ntw2k/fr...itreveal.shtml
Try using it if you find anything out of the ordinary tell us or simply post the log. Like hijackthis is used for finding adware and spyware use this for finding Rootkit's
Sience you are new in computer security field try reading this http://en.wikipedia.org/wiki/Rootkit
edit :
One more idea i can give you is running a sniffer for sometime. Try ethreal
download it from http://www.ethereal.com/
Let is run for some time, save its log BUT SAVE IT AFTER YOU SANITISE YOUR LOG'S (SEARCH FOR A TUTORIAL BY TIGER SHARK ON THIS SITE.)
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD* 
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
April 22nd, 2005, 04:39 AM
#22
Junior Member
OK, I ran the rootkit revealer, and it only came up with 2 things. the first was HKLM/software/classes/ and the other was HKLM/software/installer/... Does that mean anything? They were altered both on 7/11/2004.
Thanks for the help, everyone. I really appreciate it.
-
April 22nd, 2005, 04:45 AM
#23
I wipe my hands of the thread:
I think we are chasing a ghost..
While idle.. a machine will recieve more packets than it will send..
internet noise and legitmate handshaking client to server and browser to certain websites
if we have a trojan.. WOULD IT NOT BE SENDING as much as recieved if not more that rx...?
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
April 22nd, 2005, 04:52 AM
#24
Greeting's
Run a sniffer and post the log (AGAIN AFTER YOU SANITISE IT). Except that Ill go with Und3ertak3r I think everything on your pc is okay. Also give the exact registry keys.
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
April 22nd, 2005, 08:52 AM
#25
Undies has put all ten in the "x-ring"........(bet he used a Sportco as well!)
If you are just browsing the web you are DOWNLOADING pages? this is in response to your relatively short UPLOAD request?
So, in a normal situation you must expect far more incoming volume than outgoing?
I fell into the trap of thinking that there was a real problem, and that the OP had just got it the wrong way round......../my bad
All I have done today since I fired up this box is log onto AO.......I am running about 8 in to 2 out.....that is what I would expect, as when I look at a new topic, I look at a new page, which has to be downloaded?
Good man undies!
-
April 22nd, 2005, 02:45 PM
#26
Junior Member
OK, and thanks for your help everyone.
It's good to hear that my comp isn't doing something it shouldn't. At least now I know where to come to learn about this stuff. Thanks again!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
