Possible trojan? or spying?

July 9, 2010 3:02:08 PM

So I have my desktop on and this is what's going on randomly:

1) no internet related programs are running in background
2) blank desktop
3) the send and receive lights never stop (when you look at the LAN icon on the taskbar).. always running packets to and from bogus IP addresses
4) blocks access to 90% of regular websites
5) ^starts up usually after I go to the first time boot of Internet Explorer.
6) called Cox to see if there was a lock
7) swapped modems and router
8) ran a quick virus scan
9) IP logs show A LOT of traffic to and from many bogon/hijacked IPs


Anyone know what's going on as to why my internet is more or less being used on my desktop while idling? You think it's a trojan?


thanks!

July 9, 2010 6:08:44 PM

It's a possibility. You said you check logs and see traffic going to a certain IP. If that is so, your computer can be part of a botnet.


What you can do is look to see what services are running, find the file location and registry keys, boot in safe mode and delete those files, and uninstall any software you don't want or are unsure of.

Also run a virus scan in safe mode, as well as a spy sweeper (good ones are Spybot and Avast, for free ones that is). Also ComboFix (freeware) works really well, especially on XP machines; it works on Vista, and I haven't tried it on Win7.

Another thing you can do is boot with a boot disk and delete the files, as well as run a virus scan and spy sweeper (I think NOD32 has a boot disk).


And lastly, you can format your whole machine, but I know that's a pain and you probably have a lot of files and such.

~Note~
You can follow services through Process Explorer or Process Monitor; Autoruns is a neat tool as well, all free by Microsoft.

Let me know how you make out.

July 9, 2010 8:10:14 PM

It is normal to get lots of broadcast traffic from your ISP segment, so that alone is not alarming. What is the error message you see when your webpage is blocked?

Also, what IP Logs are you looking at, and can you post a sample of one that is listed as bogon/hijacked?
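
One way to sort a log like the one discussed in this thread into local broadcast/multicast chatter, routable peers and special-purpose ("bogon") addresses before deciding what needs a closer look. This is an added example, not written by any poster in the thread; the `SRC=`/`DST=` log format, the 192.168.1.0/24 LAN and the sample lines are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter
LOCAL_NET = ipaddress.ip_network("192.168.1.0/24")  # assumption: the home LAN
# Special-purpose IPv4 ranges (not publicly routable); first match wins.
SPECIAL = [(ipaddress.ip_network(n), label) for n, label in [
    ("255.255.255.255/32", "broadcast"), ("0.0.0.0/8", "this-network"),
    ("10.0.0.0/8", "private"), ("172.16.0.0/12", "private"), ("192.168.0.0/16", "private"),
    ("100.64.0.0/10", "cgnat"), ("127.0.0.0/8", "loopback"), ("169.254.0.0/16", "link-local"),
    ("192.0.2.0/24", "documentation"), ("198.51.100.0/24", "documentation"),
    ("203.0.113.0/24", "documentation"), ("224.0.0.0/4", "multicast"), ("240.0.0.0/4", "reserved"),
]]
# Constructed sample lines in a generic firewall-log style (8.8.8.8 is a public DNS resolver).
SAMPLE_LOG = """\
2010-07-09 15:01:02 ALLOW UDP SRC=192.168.1.10 DST=192.168.1.255 DPT=137
2010-07-09 15:01:03 ALLOW UDP SRC=192.168.1.10 DST=224.0.0.252 DPT=5355
2010-07-09 15:01:04 ALLOW UDP SRC=0.0.0.0 DST=255.255.255.255 DPT=67
2010-07-09 15:01:05 ALLOW UDP SRC=192.168.1.10 DST=8.8.8.8 DPT=53
2010-07-09 15:01:06 ALLOW UDP SRC=192.168.1.10 DST=8.8.8.8 DPT=53
2010-07-09 15:01:07 ALLOW TCP SRC=240.1.2.3 DST=192.168.1.10 DPT=445
"""
PAIR = re.compile(r"SRC=(\S+) DST=(\S+)")

def classify(addr):
    ip = ipaddress.ip_address(addr)
    if ip == LOCAL_NET.broadcast_address:
        return "broadcast"  # directed broadcast of the local subnet
    for net, label in SPECIAL:
        if ip in net:
            return label
    return "routable"

def triage(log_text):
    """Count log lines per (verdict, address) so the real talkers stand out."""
    counts = Counter()
    for src, dst in PAIR.findall(log_text):
        remote = dst if ipaddress.ip_address(src) in LOCAL_NET else src
        kind = classify(remote)
        if classify(dst) in ("broadcast", "multicast"):
            counts[("lan-noise", dst)] += 1   # DHCP, NetBIOS, LLMNR chatter
        elif kind in ("routable", "private"):
            counts[(kind, remote)] += 1
        else:
            counts[("bogon", remote)] += 1    # special-purpose peer on a unicast flow
    return counts

if __name__ == "__main__":
    for (verdict, addr), n in triage(SAMPLE_LOG).most_common():
        print(f"{n:3d}  {verdict:10s} {addr}")
```

Lines that land in `lan-noise` are the broadcast and multicast traffic any idle machine produces; the `routable` and `bogon` rows are the ones to match against the owning process with the tools named earlier in the thread.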