On clandestine downloads and how to avoid them and so forth

Page 1 of 1

You cannot start a new topic
You cannot reply to this topic

On clandestine downloads and how to avoid them and so forth

#1 ${lang:macro__useroffline}$ Nuu™™

OGFEWSWCSWOCSUUPOTOFTW

Group: New Member
Posts: 3,278
Joined: 01-June 05

Posted 01 October 2007 - 08:49 AM

Yes, well, sorry for not being around much lately; although, it is not entirely my fault:

You see, there has been a lot of downloads and all that of which I can not account for and as a result my I.S.P. has gone ahead and shaped my Internet. Ergo, I was wondering if there has been some little secret operation going on in the depths of my computer. To discover the true situation, I ask the following:

Is there any way to determine what is coming into one's computer (and what is going out of one's computer, although that is not completely necessary) and by what means it is entering or departing? Some sort of monitor programme or something of that sort?

I have trademarked the symbol: '™'. You fail at display names.

^ Thanks to Nazy for the... thingy ^

Things which you should look at:

SKoA - http://skoa.cspacezone.com/ , if you have any Age of Empires games.

The DS Garden Festival Minigame - Link , whether you play DStorm or not.

The Most Mysterious SSSS - Link For people who don't care about...things.

Like LEGO? Play Blockland!

I may be an Arbiter, but I'll always be a SeeDy little man.™™

#2 ${lang:macro__useroffline}$ Ratty

Bigrat2

${lang:view_blog}$

Group: Super Moderator
Posts: 10,910
Joined: 01-October 03
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 01 October 2007 - 09:05 AM

Have you got a wireless router? If you don't have security on it, then it's pretty easy for anyone to be able to connect to it. Other than that, I don't know any programs that monitors what programs use bandwidth, and how much they use up.

You've got a firewall yeah? I mean, that'd stop unallowed activity from going in and out of your computer. Won't change anything if it's other people connected to your wireless though (If you have it.)

Empty sig is empty.

#3 ${lang:macro__useroffline}$ Jake

Senior Member

${lang:view_blog}$

Group: Moderator
Posts: 4,637
Joined: 24-October 04
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 01 October 2007 - 02:20 PM

Make sure your wireless password isnt admin. Try using p45Sw0rd instead.

For monitoring traffic theres tons of stuff. Try a packet sniffer or something.

#4 ${lang:macro__useroffline}$ Nuu™™

OGFEWSWCSWOCSUUPOTOFTW

Group: New Member
Posts: 3,278
Joined: 01-June 05

Posted 02 October 2007 - 04:55 AM

QUOTE(Bigrat2 @ Oct 1 2007, 07:05 PM) ${lang:macro__view_post}$

No, I have a D-Link 504G. In any case, the nearest person to my house is an old man who lives on other side of the paddock, and the next nearest would be over a kilometre.

QUOTE(Bigrat2 @ Oct 1 2007, 07:05 PM) ${lang:macro__view_post}$

You've got a firewall yeah? I mean, that'd stop unallowed activity from going in and out of your computer. Won't change anything if it's other people connected to your wireless though (If you have it.)

I've got Norton Internet Security and Windows Defender.

Oh, and what's a packet sniffer?

I have trademarked the symbol: '™'. You fail at display names.

I may be an Arbiter, but I'll always be a SeeDy little man.™™

#5 ${lang:macro__useroffline}$ Troll

Senior Member

Group: Member
Posts: 1,596
Joined: 24-November 05
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 02 October 2007 - 10:54 AM

Moniters the packets going in and out of your computer (In other words the stuff) i believe.

#6 ${lang:macro__useroffline}$ Jake

Senior Member

${lang:view_blog}$

Group: Moderator
Posts: 4,637
Joined: 24-October 04
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 04 October 2007 - 04:55 AM

What he said.

A packet sniffer (or at least the bootleg one I had) as a pretty useful network traffic monitoring tool.

#7 ${lang:macro__useroffline}$ Nuu™™

OGFEWSWCSWOCSUUPOTOFTW

Group: New Member
Posts: 3,278
Joined: 01-June 05

Posted 06 October 2007 - 12:22 PM

I've been unshaped! Dolĉa liberigo!

But anyway, what packet sniffer in particular would you recommend?

I have trademarked the symbol: '™'. You fail at display names.

I may be an Arbiter, but I'll always be a SeeDy little man.™™

#8 ${lang:macro__useroffline}$ Nuu™™

OGFEWSWCSWOCSUUPOTOFTW

Group: New Member
Posts: 3,278
Joined: 01-June 05

Posted 16 October 2007 - 10:15 AM

*bump*

I have trademarked the symbol: '™'. You fail at display names.

I may be an Arbiter, but I'll always be a SeeDy little man.™™

#9 ${lang:macro__useroffline}$ Ratty

Bigrat2

${lang:view_blog}$

Group: Super Moderator
Posts: 10,910
Joined: 01-October 03
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 16 October 2007 - 10:22 AM

Ethereal is really good. But apparently in their new version, they renamed it. Check it out. =P

Empty sig is empty.

#10 ${lang:macro__useroffline}$ Kimojuno

W00T! :D

Group: Global Moderator
Posts: 4,536
Joined: 09-May 04
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 24 October 2007 - 04:04 AM

The basic way to check connections in Windows XP is to go to start > run > type 'cmd' > in the command prompt type 'netstat' -- that will show you all connections inbound and outbound. I would also reccomend WinPatrol, as that is a good program that lists all startup programs, active tasks, services, etc.

Jeff.

${lang:macro__view_post}$ Xmadole, on 09 August 2009 - 09:28 AM, said:

i wish i actually read the first post of threads.

#11 ${lang:macro__useroffline}$ Nuu™™

OGFEWSWCSWOCSUUPOTOFTW

Group: New Member
Posts: 3,278
Joined: 01-June 05

Posted 28 December 2007 - 08:28 AM

Hai again! I did the netstat thing, and I got a few unusual results:

http://unam.mx/
http://komando.com/
http://onlinehome.us/
http://akamaitechnologies.net/ - (apparently that has something to do with the F.B.I., which is apparently the U.S. governmental security department. Sounds like bull to me)

I have trademarked the symbol: '™'. You fail at display names.

I may be an Arbiter, but I'll always be a SeeDy little man.™™

#12 ${lang:macro__useroffline}$ Ratty

Bigrat2

${lang:view_blog}$

Group: Super Moderator
Posts: 10,910
Joined: 01-October 03
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 28 December 2007 - 08:30 AM

Yeah, that's a little weird. Ever used Hijack This before? If you have, use it, and show us the log (Either post here or PM it to me.)

If you havent, go to http://www.spywarein.../downloads.html, download it, and then do it.

Fairly straight forward.

Empty sig is empty.

#13 ${lang:macro__useroffline}$ x..

I Can't Decide On An Avatar

Group: Moderator
Posts: 6,143
Joined: 05-May 06
Location:Meep! Cspace dropped the max characters to 100! *stab*

Posted 28 December 2007 - 09:34 AM

Done anything that is illegal, Nuu?

Haha, joking.

Yeah, what the Rat said.

#14 ${lang:macro__useroffline}$ Nuu™™

OGFEWSWCSWOCSUUPOTOFTW

Group: New Member
Posts: 3,278
Joined: 01-June 05

Posted 03 January 2008 - 02:00 PM

'Course I have hi-jack this. ^ .^

Voilà:

CODE

Logfile of HijackThis v1.99.1
Scan saved at 1:05:47 AM, on 4/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Documents and Settings\Nick\Desktop\Desktop Things\procexp.exe
C:\Program Files\BOINC\boinc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BOINC\projects\setiathome.berkeley.edu\setiathome_5.27_windows_intelx86.exe
C:\Program Files\BOINC\projects\szdg.lpds.sztaki.hu_szdg\search_2.06_windows_intelx86
C:\Documents and Settings\Nick\Desktop\Desktop Things\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

Xmadole y'ol' spammer.

I have trademarked the symbol: '™'. You fail at display names.

I may be an Arbiter, but I'll always be a SeeDy little man.™™

Page 1 of 1

You cannot start a new topic
You cannot reply to this topic

CurvedSpace Forums: On clandestine downloads and how to avoid them and so forth - CurvedSpace Forums

On clandestine downloads and how to avoid them and so forth

#1 ${lang:macro__useroffline}$ Nuu™™

#2 ${lang:macro__useroffline}$ Ratty

#3 ${lang:macro__useroffline}$ Jake

#4 ${lang:macro__useroffline}$ Nuu™™

#5 ${lang:macro__useroffline}$ Troll

#6 ${lang:macro__useroffline}$ Jake

#7 ${lang:macro__useroffline}$ Nuu™™

#8 ${lang:macro__useroffline}$ Nuu™™

#9 ${lang:macro__useroffline}$ Ratty

#10 ${lang:macro__useroffline}$ Kimojuno

#11 ${lang:macro__useroffline}$ Nuu™™

#12 ${lang:macro__useroffline}$ Ratty

#13 ${lang:macro__useroffline}$ x..

#14 ${lang:macro__useroffline}$ Nuu™™

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users

Skin and Language

Execution Stats

CurvedSpace Forums: On clandestine downloads and how to avoid them and so forth - CurvedSpace Forums

On clandestine downloads and how to avoid them and so forth

1 User(s) are reading this topic 0 members, 1 guests, 0 anonymous users

Skin and Language

Execution Stats

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users