uapconsole
Jan 2 2007, 09:01 AM
Hello everyone. I have a Dell desktop running Windows XP Home Edition. AVG virus checker found an exploit in Firefox's application database in My Documents.
I moved it to the "vault" in AVG. I have several clients to check the safety of my computer and it seems like my machine is secure; however, there is one problem.
My DHCP cable modem is hooked directly to my computer. However, even when the computer is idle, the "Send/receive" LEDs (lights) constantly blink. Do I still have the exploit, or am I somehow unable to catch the "Trojan" the exploit installed?
I run a home business and security is #1, so this makes me very concerned. I'd be grateful for all feedback.
Thank you and happy new years. - Demirelli
Reply
Mark420
Jan 2 2007, 10:54 AM
Sounds like you need a firewall as well as some virus protection. What firewall are you using? The WinXP built-in one? If so, get rid of it and get something like Zonelabs or Black Ice. Also, I would do a deep scan with something like Adaware just to check what's been left behind, if anything, by the exploit. My guess is that AVG has done its job because it's one of the best antivirus programs on the market.
Reply
Probably there are no trojans there. First look at the connection status. Are there any sent/received bytes? My best recommendation to you is to hook all the connections (TCP/IP). To do this you should download a tool named CPorts (or CurrPorts). You can download it from www.nirsoft.net. So what does this tool do? It shows all the TCP/IP connections, the TCP/UDP ports and all open ports. With this tool you can view what kind of applications are making connections. So then you can find which of your applications (or any running process) is connected to somewhere else. From the connection you can find the IP address of the host that the application is connecting to. If that IP address belongs to an untrusted "X" host then you can kill that application (process). But before killing that process I recommend capturing the data on that connection. By capturing you can know exactly what kind of information is being uploaded/downloaded. So in order to capture I recommend you download a tool named SmartSniff from www.nirsoft.net. SmartSniff captures all the TCP/IP packets that pass through your network adapter. After that you will probably be sure that "x" process is doing "x" things. Or there may be some other things... It's up to your reply. Happy New Year!
Reply
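The check described in the post above (list the connections, tie each one to a process, look at the remote address), as an added example that is not part of the thread. It parses text in the format of Windows' built-in `netstat -ano` rather than CurrPorts output; the sample output, addresses and PIDs are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of `netstat -ano` output (addresses and PIDs are made up).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    192.168.1.10:1042      192.168.1.1:80         ESTABLISHED     1480
  TCP    192.168.1.10:1057      203.0.113.25:6667      ESTABLISHED     2212
  TCP    192.168.1.10:1058      203.0.113.25:6667      ESTABLISHED     2212
  TCP    192.168.1.10:1063      198.51.100.7:443       TIME_WAIT       0
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1480
  UDP    0.0.0.0:445            *:*                                    4
"""

# Unspecified, loopback, RFC 1918 and link-local ranges: traffic that stays local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fe80::/10", "fc00::/7")]

# States in which the machine is talking to, or trying to reach, a remote host.
ACTIVE_STATES = {"ESTABLISHED", "SYN_SENT"}


def parse_netstat(text):
    """Return one dict per TCP/UDP row of `netstat -ano` style output."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            proto, local, remote, state, pid = f
        elif len(f) == 4 and f[0] == "UDP":      # UDP rows have no State column
            (proto, local, remote, pid), state = f, ""
        else:
            continue                              # banner, header, blank lines
        if not pid.isdigit():
            continue
        host, _, port = remote.rpartition(":")    # rpartition copes with [v6]:port
        rows.append({"proto": proto, "local": local, "state": state,
                     "remote_host": host.strip("[]"), "remote_port": port,
                     "pid": int(pid)})
    return rows


def is_external(host):
    """True if host is an IP address outside the local ranges above."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:                            # "*" or an unparsable value
        return False
    return not any(addr in net for net in LOCAL_NETS)


def external_by_pid(rows):
    """Map each PID to the sorted remote endpoints it is actively talking to."""
    hits = defaultdict(set)
    for r in rows:
        if r["state"] in ACTIVE_STATES and is_external(r["remote_host"]):
            hits[r["pid"]].add(f'{r["remote_host"]}:{r["remote_port"]}')
    return {pid: sorted(peers) for pid, peers in hits.items()}


if __name__ == "__main__":
    for pid, peers in external_by_pid(parse_netstat(SAMPLE)).items():
        print(f"PID {pid} -> {', '.join(peers)}")
```

On a live machine, feed it the saved output of `netstat -ano` and look up each flagged PID in Task Manager's PID column before deciding whether the process belongs there.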
uapconsole
Jan 2 2007, 07:07 PM
Thank you for replying, guys. I have a Dell desktop and a Gateway laptop on a wireless network. Router: new Linksys/Cisco powered wireless router/switch. My WAN/ISP connection is a standard 384kbs DHCP cable modem from Charter Communications. Both machines run Windows XP Home Edition. They run AVG for virus scanning and Zone Alarm for firewall. AVG did find an exploit in my documents/firefox/...application data/... I placed this file in the "virus vault" of the AVG agent. Now, there are no reports of exploits. However, I am still a bit paranoid about these LEDs flashing on the cable modem. The Receive LED "flickers" even if both machines are idle. I even turned both machines off completely and the lights continued to blink. This leads me to conclude that perhaps there is a trojan client trying to shake hands with a Trojan server that might be installed on one of my nodes. I hope I am being too paranoid, but it's good to be on the safe side. I will try the TCP monitor you suggested, Neo. Happy New Years.
Reply
FirefoxRocks
Jan 2 2007, 09:50 PM
The lights on my cable modem blink even when my computers are off. It is just an occasional message that your ISP sends you in order to test your connection and stuff like that. It isn't a harmful data packet that is going through (I hope). Anyway, I wish you the best of luck figuring out what it is. And hopefully it isn't something malicious attempting to connect. :|
Reply
tansqrx
Jan 3 2007, 08:18 PM
There is a lot of garbage that passes through an unfiltered cable connection. One possibility is of course your ISP sending its routine maintenance packets. On my particular network, the raw stream is filled with ARP packets from everyone on my node. I live in a fairly rural area so that could be many square miles. In the end, think of your cable modem as a miniature computer. It has its own memory, processor, and operating system. Even if your main computer is off, this small computer is still running in the background receiving packets from the Internet. Depending on the model, even if nothing is attached to the modem, it can still send ping replies and you can possibly remotely connect to the modem. Some networks are not internally switched so you are actually seeing every conversation on your node. Add to that the fact that just about every IP gets scanned several times a day (possibly 100s) by automated port scanners. In the end, there are a lot of raw packets hitting your cable modem. A more valid reporting mechanism would be to look at the modem link light. These are the packets that are actually forwarded to your network (in this case your computer). Not every packet hits your computer and this should be a better indication of how much traffic you are receiving. Another monitoring tool is WireShark (formerly Ethereal) located at http://www.wireshark.org/. It's free and all you have to do is open a listener and see what is actually hitting your computer. I'm on the paranoid side so I actually listen to my traffic several times a month just to make sure nothing nasty has gotten in and is trying to phone home. In most cases you should have a very quiet wire as long as you are not surfing the net and avoid the occasional antivirus update. I think the best solution for you is to get a hardware firewall or even a NAT router. This will stop 99% of the traffic from getting to your computer. I make this a recommendation to everyone who has a computer and not just in your case.
Reply
Lewisthemusician
Jan 5 2007, 11:13 PM
Download more antiviruses and search for viruses. I suggest Spy Bot Search & Destroy.
Reply
FirefoxRocks
Feb 2 2007, 04:45 AM
Multiple Antivirus and Firewall will NOT help. They can cause compatibility issues and will interfere with each other. Multiple anti-spyware software WILL help because sometimes one doesn't catch all of them. I once had up to 7 anti-spyware programs on my computer. I still have the installation files, just that they can't be installed because Shaw Secure won't allow me to. SpyBot S&D, Ad-Aware Personal Edition, Yahoo! Toolbar with Anti-Spy are all good software to use to defend yourself from spyware.
Reply
Grafitti
Feb 3 2007, 05:26 AM
ZoneAlarm's new firewall is pretty tough on rules. I would suggest you try that. When it's running, select "Lock all internet activity" and then see if the lights on the modem still blink. If they do, then that's just the modem checking in, possibly rejecting pings, whatever. Then again, any decent firewall should have that option, so probably whatever you're running has it too. For the paranoid, I haven't found anything yet that beats Kaspersky. I don't use it because it slows down the computer somewhat in its realtime scanning mode, but I don't know how much more secure you can get than that.
Reply