win2k problem - hacking? HELP!!!!
yiannakop
November 6th, 2003, 08:31 AM
Hello everyone! I am facing the following problem on a Win2K system:
Whenever I'm connected to the Internet, I cannot download a single page. However, if I look at the connection status, I see that I SEND data normally (about 3k/sec) and RECEIVE some data (0.5K/sec), without downloading any page or file. Is this a case of some kind of hacking or maybe a virus? If yes, are there any solutions?
PLEASE HELP!
Mick
November 6th, 2003, 08:37 AM
Go to www.sysinternals.com
Download the file monitoring, TDI monitoring utils, and the process viewer utils, and look and see what is happening on your system. Use another PC if you have problems and put them on a floppy etc.
Waldo2k2
November 6th, 2003, 04:43 PM
Could also be a bad configuration. I'm assuming you're on a dialup? Try contacting your ISP, see what they say.
BTW I'm pretty sure you don't have a virus. It's normal for there to be some data transfer both ways, it's called handshaking, it keeps the connection alive.
hometown
November 7th, 2003, 05:06 AM
Originally posted by Waldo2k2
Could also be a bad configuration. I'm assuming you're on a dialup? Try contacting your ISP, see what they say.
BTW I'm pretty sure you don't have a virus. It's normal for there to be some data transfer both ways, it's called handshaking, it keeps the connection alive.
I went and downloaded all the stuff as that guy suggested, but I don't understand a thing about how to tell whether I am being hacked... They are full of requests, IP addresses, states, etc. Waldo, do you know how to tell whether my computer is being hacked? Tell me please, thanks a lot,
Hometown
Waldo2k2
November 7th, 2003, 10:05 AM
Dude, why do you think it's a virus? Not everything in this world is a virus.
You do not have a virus, I'm almost sure of it.
If you are really afraid that someone is hacking you, which I'm telling you they're not, just get some cheap firewall software... I don't remember if w2k has it built in as an option or not, but ZoneAlarm (get it from www.cnet.com) works well.
Quick lesson on TCP/IP (internet protocol). When you dialup to a server, or connect to a server in any way, packets (chunks of data) are constantly sent back and forth so the connection can be kept alive. This can happen anywhere from 1 to several hundred times a second... even 1k times a second if it's a high speed connection... anything above that would be suspicious. So, just because something happens that you don't understand, doesn't mean it's automatically a virus and you should run around like a chicken with its head cut off. It means you should have listened to my first post because I told you once already it's not a virus.
Kdr Kane
November 7th, 2003, 11:29 AM
I beg to disagree.
If he's sending almost his full bandwidth and his download is slow, it's almost certain to be a worm.
hometown
November 7th, 2003, 02:02 PM
Originally posted by Waldo2k2
Dude, why do you think it's a virus? Not everything in this world is a virus.
You do not have a virus, I'm almost sure of it.
If you are really afraid that someone is hacking you, which I'm telling you they're not, just get some cheap firewall software... I don't remember if w2k has it built in as an option or not, but ZoneAlarm (get it from www.cnet.com) works well.
Quick lesson on TCP/IP (internet protocol). When you dialup to a server, or connect to a server in any way, packets (chunks of data) are constantly sent back and forth so the connection can be kept alive. This can happen anywhere from 1 to several hundred times a second... even 1k times a second if it's a high speed connection... anything above that would be suspicious. So, just because something happens that you don't understand, doesn't mean it's automatically a virus and you should run around like a chicken with its head cut off. It means you should have listened to my first post because I told you once already it's not a virus.
I am not the original poster... I am sorry I came in right in the middle and asked a question which might have irritated you a bit, or perhaps more than a bit. I just really don't know how to deal with such a problem if it happens; I don't have any links or know where to find resources about that...
Anyway, an answer to anyone on board like this does not give you any trouble, right?
Thanks a lot for the link and explanation though,
Regards,
Hometown
Waldo2k2
November 8th, 2003, 12:50 AM
>>If he's sending almost his full bandwidth and his download is slow, it's almost certain to be a worm.
Well, his post was sort of unclear, but that's not what I gathered from it. I'm still betting it's transient and/or ISP conditions. If it's not, then ZoneAlarm would catch unwanted transmission, and even tell him what he had.
yiannakop
November 10th, 2003, 08:24 AM
Thanks a lot everyone. I figured it out this weekend. Actually it had to do with msblaster. More specifically, it was mslaugh.exe that caused the problem. Once I removed it, everything was OK. But to be sure, I got a simple firewall and AtGuard to watch all network processes.
yiannakop
November 10th, 2003, 08:26 AM
And something else: Is it better to use ZoneAlarm, or Ad-aware 6.0? Where can I find ZoneAlarm? Thanks
yiannakop
November 10th, 2003, 08:56 AM
And Waldo2k2, I know that to "keep the connection alive" data has to be transferred both ways. But sending data at 3K for 15 minutes when transfer should be ALMOST idle is strange enough. And I said that in my thread. And finally, it was a worm, as Kdr Kane said. Thanks anyway.
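The pattern argued over in this thread (steady upload on a link that should be nearly idle, with little coming back), as an added example that is not part of any post: a Python check over periodic interface byte counters that flags only sustained send-heavy windows. The `Sample` type, the thresholds and the sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Sample:
    t: int      # seconds since capture start
    sent: int   # cumulative bytes sent on the interface
    recv: int   # cumulative bytes received on the interface

def sustained_upload_windows(samples, min_send=2048, max_ratio=0.25, min_secs=600):
    """Return (start, end) ranges, in seconds, where the link sent at least
    min_send bytes/s, received at most max_ratio of that, and kept doing so
    for min_secs or longer. All thresholds are assumptions for illustration."""
    flagged, run_start = [], None
    for prev, cur in zip(samples, samples[1:]):
        dt = cur.t - prev.t
        d_sent, d_recv = cur.sent - prev.sent, cur.recv - prev.recv
        # A non-positive interval or a counter that went backwards (redial,
        # reboot) cannot be rated; treat it as the end of any current run.
        usable = dt > 0 and d_sent >= 0 and d_recv >= 0
        suspicious = (usable and d_sent / dt >= min_send
                      and d_recv <= max_ratio * d_sent)
        if suspicious:
            if run_start is None:
                run_start = prev.t
        elif run_start is not None:
            if prev.t - run_start >= min_secs:
                flagged.append((run_start, prev.t))
            run_start = None
    if run_start is not None and samples[-1].t - run_start >= min_secs:
        flagged.append((run_start, samples[-1].t))
    return flagged

def constructed_samples():
    """Constructed data, one sample per minute: 5 min of browsing, 15 min of
    ~3 KB/s out against ~0.5 KB/s in (the figures from the thread), 5 min idle."""
    phases = [(300, 200, 4000), (900, 3072, 512), (300, 50, 50)]
    out, t, sent, recv = [Sample(0, 0, 0)], 0, 0, 0
    for duration, send_rate, recv_rate in phases:
        for _ in range(duration // 60):
            t, sent, recv = t + 60, sent + send_rate * 60, recv + recv_rate * 60
            out.append(Sample(t, sent, recv))
    return out

if __name__ == "__main__":
    print(sustained_upload_windows(constructed_samples()))
```

A flagged window is only a triage signal, since a long legitimate upload looks the same; the next step is finding which process owns the traffic, which is what the monitoring tools suggested earlier in the thread are for.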
Waldo2k2
November 10th, 2003, 02:07 PM
OK,
but some ISPs are different. During some idle times I upload that much; it just depends on what my ISP wants to know... they've been actively pinging their clients a lot lately due to network problems they're trying to work out.
codeguru.com