Re: Should my PC be sending and receiving data onto/from the internet on its own?



admyc wrote:
Hello,

I think I might have some sort of mal-ware on my computer. The reason
for this is that my anti-virus software (AVG free 7) has recently
found and deleted (I think) some viruses all of which had 'Trojan
horse downloader' in part of their name and since then my MSIE6
browser has been slightly odd, for example when I click on its icon to
launch MSIE6 and my computer connects to the internet over its dial-up
connection the MSIE browser window takes a lot longer to appear then
it used to.

But my real concern and question is that I have noticed, when I look
at my Internet connection status dialogue box, that data is being sent
even though I have only one web-page up and it has long since finished
downloading, is this a sign of mal-ware that is sending info and or
files from my computer to another computer over my internet connection
or could it be some innocent process going on in the background?

Any help very much appreciated.

AM

It depends on how many sites it's connected to and what the sites are. When you access a web page, you are not just accessing that server, but any servers that provide information to that page. For example, you may be on www.website.com, but there are other servers that are providing images, advertisements, etc. One example is Download.com. If you look at your connections, you are not only accessing Download.com, but also adlog.com.com, cnet.com, webware.com, and others. In turn, you will show multiple connections to all of these servers, no matter which browser you are using. At the same time, you might want to run some Whois checks on the sites shown to make sure who is is you are connected to, especially if there is data being sent back and forth. I would also suggest doing some scans with some other products (such as Superantispyware, online Kaspersky scan, online Panda scan, etc) to see if they find any malware on your system. Also, if the IP's are in the following ranges, you might have reason for concern: 210.0.0.0-221.255.255.255, 58.0.0.0 - 61.255.255.255 - many of these are hacker/crack/spam sites and could be a sign of a compromised system.

--
Posted via a free Usenet account from http://www.teranews.com

.