What The Hell Is Going On With My Ports?!


if anyone can tell me exactly what is going on here (no idle speculation on spyware please) i'd appreciate it very much...

 

just so you know, and don't say "omgzor $py\/\/4R3 pwnz j00!!!" or something equally as daft, i have run:

 

AVG full scan

AdAware full scan

Spybot S&D full scan

MS Spyware Beta full scan

 

all with latest definitions and updates... i'm inclined to think that it isn't a malicious spyware/trojan/virus since there are no external connections, but possibly a remnant of such malware in the past has left my ports in a mess? here are a couple of screenshots for you to take a gander at:

 

my A64 main rig - connected to AXP nic#2 via crossover cable using ICS

 

portsopen9af.gif

 

my AXP secondary rig - connected to the halls (like dorms) LAN using nic#1 with ZoneAlarm

 

portsopenaxp4kw.gif


use "netstat -an" for me please

 

Looks like normal network traffic between the a64 rig and the xp2500 rig. I assume the 2500 rig goes through the a64 rig for internet and that you have broadband?


portsopenan0hi.gif

 

the connection goes like this:

 

A64 (nic) <==> (nic) AXP (nic) <==> Dorms Ethernet

 

hmm, maybe the difference is because i used to have a switch between rigs and now i just have a crossover? :blink:


i closed down everything that i could see that used the network and/or internet... i'm not running a server app, but could IIS services be active or something?


Come to think of it a lot of those look like loopback connections. The ones to 0.0.0.0 for example. Mine looks like this.

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING
  TCP    192.168.1.101:139      0.0.0.0:0              LISTENING
  TCP    192.168.1.101:1440     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1441     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1443     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1444     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1445     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1449     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1452     134.39.81.34:2304      ESTABLISHED
  TCP    192.168.1.101:1453     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1454     134.39.81.34:80        CLOSE_WAIT
  TCP    192.168.1.101:1583     192.168.1.107:3389     ESTABLISHED
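
Added example (not part of the thread and not any poster's code): a small Python triage of `netstat -an` text like the listing above. It groups listeners by bind scope (a local address of 0.0.0.0 is the wildcard bind on every interface, 127.0.0.1 is reachable from this machine only) and counts the remaining sockets per remote peer and state. The function names are hypothetical and the sample is a constructed subset of the rows posted above.

```python
import ipaddress
from collections import Counter

# Constructed sample: a subset of the rows from the listing posted above.
SAMPLE = """\
Proto Local Address Foreign Address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 127.0.0.1:1028 0.0.0.0:0 LISTENING
TCP 192.168.1.101:139 0.0.0.0:0 LISTENING
TCP 192.168.1.101:1440 134.39.81.34:80 CLOSE_WAIT
TCP 192.168.1.101:1441 134.39.81.34:80 CLOSE_WAIT
TCP 192.168.1.101:1452 134.39.81.34:2304 ESTABLISHED
TCP 192.168.1.101:1583 192.168.1.107:3389 ESTABLISHED
"""

def split_endpoint(text):
    """Split 'addr:port' on the last colon; brackets around IPv6 are stripped."""
    addr, _, port = text.rpartition(":")
    return ipaddress.ip_address(addr.strip("[]")), int(port)

def scope(addr):
    """Classify an address: wildcard bind, loopback, private range or public."""
    if addr.is_unspecified:
        return "all-interfaces"   # 0.0.0.0: bound on every NIC, not loopback
    if addr.is_loopback:
        return "loopback-only"    # 127.0.0.0/8: local machine only
    return "private" if addr.is_private else "public"

def triage(text):
    """Return (listeners, peers): bind scope per listening port, socket count per peer."""
    listeners, peers = [], Counter()
    for line in text.splitlines():
        f = line.split()
        if len(f) != 4 or f[0] != "TCP":
            continue  # header, blank lines, and UDP rows (which have no State)
        (laddr, lport), (raddr, rport) = split_endpoint(f[1]), split_endpoint(f[2])
        if f[3] == "LISTENING":
            # The foreign 0.0.0.0:0 on these rows is a placeholder, not a peer.
            listeners.append((lport, scope(laddr)))
        else:
            peers[(str(raddr), rport, scope(raddr), f[3])] += 1
    return listeners, peers

if __name__ == "__main__":
    listeners, peers = triage(SAMPLE)
    for port, where in listeners:
        print(f"listening {port:>5}  {where}")
    for (ip, port, where, state), n in peers.items():
        print(f"{n} x {state:<11} -> {ip}:{port} ({where})")
```

For a listener, "private" here means the socket is bound to one specific LAN address rather than to every interface.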


dumb but simple, have you tried restarting or restarting connection at Modem.


 

yeah, many times... except i don't have a modem lol... i use ipconfig at the command line to /release and /renew, and then tried stuff like rebooting... blah blah blah

 

dunno, i guess nothing's wrong, like it's not a security problem, just, my pings are sky-high recently so i can't play online games... my ping's a bit random on this 500 person LAN (there are that many people staying here, maybe not all with a computer)

