Tech Support banner

Status
Not open for further replies.
1 - 12 of 12 Posts

·
Registered
Joined
·
25 Posts
Discussion Starter #1
Hi all, my first post.

I have a wierd situation. When I log on to the internet, after a few minutes my system starts uploading and downloading like crazy even though I haven't clicked on anything. This slows my connection absolutely down to a crawl. I've tried "ad-aware" and "spy sweeper" and I still get this problem. I am running Wild Tangent "software/plug in" to play some online games. I don't think this is the cause because I run it just fine on my other system running Win98. Any clues?

AMD MP2000, 512 meg ram, geforce 440mx, Win2000, new US Robotics V.92 External modem.

I did notice this problem after getting and installing the External modem.
 

·
Citizen of the world
Joined
·
51,041 Posts
Install a software firewall, and wait for applications to ask to access the Internet. You'll soon find out which one it is. I suggest ZoneAlarm, the free one is the short stack on the left, but it'll do what you need to find this problem.

I suspect you've installed a peer-to-peer sharing package at some point, and it's still sharing. :)
 

·
Registered
Joined
·
25 Posts
Discussion Starter #4
It worked great, thanks John.

ZoneAlarm worked great. I see alot of IP addresses trying to look into my system and it blocked all of them and the connection is no longer bogged down.

Is this type of thing inherent in Win2000? My Win98 system does not do this at all and I'm not running ZoneAlarm on it. Anyone know what's up with that?

Thanks again John.
 

·
Citizen of the world
Joined
·
51,041 Posts
You have some applications that are sharing your files, my advice is to try to find out what's loaded and kill it off. The applications that ZoneAlarm is blocking should be a clue where to start. :)
 

·
Registered
Joined
·
25 Posts
Discussion Starter #6
Thanks again,

I noticed "DLLHOST.EXE" and a couple others trying to upload something and was caught by ZoneAlarm. I'll check in TaskManager and see what's up.

Could these EXE files belong to WindowsUpdate and trying to log into Microsoft? Maybe I need to check the Registry also?
 

·
Registered
Joined
·
5,955 Posts
DLLhost is a legitimate program, but it should never be seen by your task manager.

A bogus version of DLLHost is associated with both the Blaster and Welchia viruses.

The link below is to a site that I have found very useful in terms of diagnosis and treatment...

http://www.pchell.com/virus/welchia.shtml

I don't know your "tech" level, so if this site isn't comfortable, let me know and I'll post another suggestion.
 

·
Registered
Joined
·
15 Posts
Hey jeepster,

You should look at this page: ShieldsUp!:
https://grc.com/x/ne.dll?bh0bkyd2

It scans your most accessible ports and checks if you're computer is wide open in the internet breeze. With the scan results they give extensive information about what to do about it and how to configure your personall firewall.
This minimizes the chances of some prick cracker comin'in and try to use your internetconnection or CPU...
 

·
Registered
Joined
·
15 Posts
vmail,

quote: "If our analysis has shown that your FTP service port is open, you will definitely want to take some action (if this is not what you intend). As you can see from the list of known FTP-port Trojans at the end of this page, some nasty malware might be responsible for surreptitiously opening this port on your system.(...) Trojan Sightings: Back Construction, Blade Runner, Cattivik FTP Server, CC Invader, Dark FTP, Doly Trojan, Fore, FreddyK, Invisible FTP, Juggernaut 42, Larva, MotIv FTP, Net Administrator, Ramen, RTB 666, Senna Spy FTP server, The Flu, Traitor 21, WebEx, WinCrash."

Since port 21 is the default for any ftp-sever to connect it's clients to, it's a highly favored port to attack by hackers, who just love open ftp's.

So if you're not running an ftp-server, to my opinion you should configure your firewall to stealth port 21 on incoming as well as outgoing directions. If you use an ftp-client to visit ftp-servers, you can allways configure your firewall to grand monopolic access by the specific application..
 

·
Registered
Joined
·
15 Posts
Well, personally I'm not familiar with ZoneAlarm (I'm using Tiny Personall Firewall myself), but it can't be too difficult. Maybe you should check the Manual or some online toturial. I can tell you this to get started and know what to look for:
Configuring your personall is mostly consists of defining rules. Those rules control what access is granted to what port. So when zoneAlarm notifies you that some program is trying to get acces to a port, and you tell it to remeber your choice, it forms a rule according to what choice you made. Of course it's possible to manage those rules manually, and concluding from the fact you ask about it, I assume you don't know how to do this.
Discover how this is Done!!!

Find out how to create and edit your rules, because the safety of your connection depends on it. A badly configured Firewall is only marginably better then no firewall at all! If you have permitted all connections zoneAlarm notified you of thus far, your firewall is probably of no use anymore...

Anyway, if you have discovered you'll know how tot stealth port 21.. I'm not that much of a pro myself, but the site i've mentioned you above helped me getting started pretty good (just last week, i've got my internetconnection for only two weeks now). It's a very extensive site veryone knows.. so just use it. It doesn't scan all of your ports indeed, but there's probably a lot of progs available that do. You should post a new thread or sth about it, coz I'm not familiar with any yet... Getting there myself...
 
1 - 12 of 12 Posts
Status
Not open for further replies.
Top