Re: my computer is sending a lot of data out but I am not uploading?

From: Duane Arnold (notme_at_notme.com)
Date: 08/03/04

  • Next message: B. Peg: "Re: my computer is sending a lot of data out but I am not uploading?"
    Date: Tue, 03 Aug 2004 01:58:55 GMT
    
    

    djquinn@bne.catholic.edu.au (dennis quinn) wrote in
    news:1ef7575b.0408021634.653414d9@posting.google.com:

    > I have an xp machine. I have a dial-up connection
    >
    > I am using tiny firewall 6.0. I have nod32 and it's up to date. I use
    > adaware and spybot, hackthis and cwsshredder. I have shut port 135
    > 445 and dcom is turned off. I have also turned off the spam messages in
    > messenger and the upnp is closed.
    >
    > After about 2 hours the amount of outbound traffic starts to increase
    > and by the morning it tells me it has sent e.g. 345,987,765 bytes. So,
    > it ticks over like crazy even when there is no visible traffic.
    > Everything that I can close is closed.
    >
    > I have used tcpview, commview and part of tfp 6.0 to monitor it. I
    > can't see what or who is sending the data out. I am about to try cable
    > nut.
    >
    > I am coming to end of what I know. I have scanned and probed to the
    > best of my ability. I am also coming to end of my rope. I am also
    > seriously considering reimaging my drive, just to put an end to it.
    >
    > I am hoping that someone can help, because I would dearly love to know
    > what's going on.
    >
    > Thanks in advance. Please feel free to email me directly if you
    > want.

    Active Ports and Process Explorer are some tools you can use.

    http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and_Rootkit_Tools_in_a_Windows_Environment.html

    Duane :)
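
The port-to-process mapping that Active Ports and TCPView display can also be pulled from `netstat -ano` output and grouped by owning PID. This is an added example, not part of the original post; the sample output, addresses and PIDs are constructed, and the function names are hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output (not from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1520
  TCP    192.0.2.10:1045        198.51.100.7:25        ESTABLISHED     2216
  TCP    192.0.2.10:1046        198.51.100.9:25        ESTABLISHED     2216
  TCP    192.0.2.10:1050        203.0.113.5:80         TIME_WAIT       0
  UDP    0.0.0.0:1026           *:*                                    940
"""

def parse_netstat(text):
    """Yield (proto, local, remote, state, pid) for each TCP/UDP row."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            yield f[0], f[1], f[2], f[3], int(f[4])
        elif len(f) == 4 and f[0] == "UDP":  # UDP rows have no State column
            yield f[0], f[1], f[2], "", int(f[3])

def is_external(endpoint):
    """True unless the remote address is loopback, unspecified or a wildcard."""
    host = endpoint.rsplit(":", 1)[0].strip("[]")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # "*" wildcard or anything unparsable
        return False
    return not (ip.is_loopback or ip.is_unspecified)

def outbound_by_pid(text):
    """Map PID -> sorted remote endpoints of ESTABLISHED TCP sessions to external hosts."""
    hits = defaultdict(list)
    for proto, _local, remote, state, pid in parse_netstat(text):
        if proto == "TCP" and state == "ESTABLISHED" and is_external(remote):
            hits[pid].append(remote)
    return {pid: sorted(remotes) for pid, remotes in hits.items()}

if __name__ == "__main__":
    for pid, remotes in sorted(outbound_by_pid(SAMPLE).items()):
        print(f"PID {pid}: {len(remotes)} external session(s) -> {', '.join(remotes)}")
```

Capture `netstat -ano` at intervals while the sent-bytes counter is climbing, then look up any reported PID in Process Explorer.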

