
Re: normal activity or Trojan paranoia ??

This doesn't sound too good. If you have bytes flowing rapidly and you run
no applications you are aware of (for example Windows update) then something
suspicious is going on. If the flow is not rapid, e.g. a packet every 5
seconds, then you are golden, but otherwise you might want to look deeper
into the task scheduler. Some applications will be hidden from you and worms
are not quite so transparent.

Roy

"tarquinlinbin" <fleagle@myrealbox.com> wrote in message
news:nn0930lgliqsejuvq6g45p5dgcak52ru62@4ax.com...
> I have xp pro and have all the security patches except sp1.
>
> I also have a fully subscribed and updated norton internet security
> subscription.
>
> Despite this i recently had to manually winkle out an incidence of
> what appeared to be W32.Protoride.worm (symantec) and NAV recently
> flagged up an item called backdoor.smother which it says it deleted.
>
> I am prepared to accept that backdoor.smother might have been a false
> trigger alert.
>
> I have done full scans on my pc via the onboard virus/trojan scanner
> from Norton internet security and i also checked remotely using
> symantec's web based scanner. All proved negative.
>
> When i suspected the protoride worm, it was confirmed by the presence
> of msupdate.exe in my running processes list. This is now sorted and
> there appears nothing else suspicious in my running processes list. A
> scan at www.grc.com confirms all ports stealthed.
>
> My concern now though is that i have BB cable via NTL and i note that
> even with no data programs running eg internet explorer etc and no
> apparent traffic running, when i open my network connection there are
> bytes flowing both ways and the tx/rx lamps are flickering in my
> network connection icon. Is this just normal network traffic or should
> nothing at all be flowing??
>
> Also does anyone know how to enter specific ports to block in NIS ?
>
> I have now switched to pegasus as a mail client in view of security
> problems. I can only think that if i am having problems with all my
> measures in place, others who are far less careful must be very
> vulnerable/compromised.
>
> joe
>

