| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 49874 | 2004-10-03 10:39:00 | possible trojan or virus? | tricky1 (6230) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 277939 | 2004-10-03 10:39:00 | Hi everyone, I'm new to this forum and would like your opinion on a potential problem I'm having . Recently after establishing a dial-up connection on my PC, I have noticed the internet connection icon - specifically the received bytes counter - is continually ticking over . It appears as though a lot of data is being downloaded and I have no idea what it is or where it's being downloaded . Would this kind of activity indicate a trojan virus or something sinister? Perhaps its harmless network traffic, but I'm unsure as the received bytes continually increases over for a period of about 5 minutes . Has anyone else encountered this type of behavior before? My virus definitions are always up to date and I use a software based firewall . I haven't received any firewall alerts however am concerned it may be something nasty as I have only noticed this has started occuring recently . Thanks to anyone who can offer their thoughts on the matter . |
tricky1 (6230) | ||
| 277940 | 2004-10-03 10:47:00 | Hi buddy , I note you have a software firewall - does it report anything while this activity is going on [? windows update , musicmatch etc ] . Have you installed , updated and run Spybot 1.3 and Ad Aware SE ? It would be helpful to know a few more details eg OS [? Windows] , what is the firewall you're using , antivirus ... |
KatiMike (242) | ||
| 277941 | 2004-10-03 10:50:00 | are you using XP if you are have you got auto update enabled also if you look towards the the top of this page youll see a FAQ link, in there along with many other helpfull topics you will find a FAQ on this subject number 16 (pressf1.pcworld.co.nz) if I remember correctly and lastly WELCOME |
beama (111) | ||
| 277942 | 2004-10-03 10:52:00 | Tricky, Is it downloading or UP loading? Sending or Recieving? The connection dialogue should tell you. Sending requires VERY urgent attention. D. |
drb1 (4492) | ||
| 277943 | 2004-10-03 11:17:00 | > Hi buddy , I note you have a software firewall - does > it report anything while this activity is going on [? > windows update , musicmatch etc ] . Have you > installed , updated and run Spybot 1 . 3 and Ad Aware > SE ? > It would be helpful to know a few more details eg OS > [? Windows] , what is the firewall you're using , > antivirus . . . Hi thanks for your reply . I am running XP Pro, Norton Internet Security 2003 - anti-virus and firewall . From what I can see no there is no system update being peformed, WindowsUpdate or otherwise . The only strange looking entry in the firewall logs is the following, which is repeated a lot: * An instance of "C:\Program Files\Messenger\msmsgs . exe" is preparing to access the Internet for the first time . This is strange as the rules have been created for windows messenger . Also I have disabled it from starting when XP boots . . . * TCP non-syn/non-ack packet on invalid connection . Packet has been dropped This is the other repeating log entry - but less entries then above . It is repeated for various IP addresses . I have older versions of spybot and ad aware, my next step was to install the latest versions and definition lists . |
tricky1 (6230) | ||
| 277944 | 2004-10-03 11:22:00 | To beama and drb1, thank for your comments. I will check out faq#16, thanks beama. drb1 - as for is it either sending or receiving, it's definately receiving data not sending... phew |
tricky1 (6230) | ||
| 277945 | 2004-10-03 12:27:00 | This program will enable you to see what is connected to your computer, I find it very useful in the circumstances that you are reporting: www.sysinternals.com |
zqwerty (97) | ||
| 277946 | 2004-10-03 20:56:00 | just remember no antivirus software is going to detect 100% of viruses even if it is updated, good idea would be to us the online panda activescan at: www.pandasoftware.com |
Lee76 (6051) | ||
| 1 | |||||