Results 1 to 8 of 8

Thread: Big Pr0blem0

  1. #1
    Poster
    Join Date
    Aug 2003
    Location
    Burmoda triangle, right behind you!
    Posts
    564
    I have noticed that my computer,internet connection in specific is super slow the last few days(Internet connection normal, but traffic is NOT). I checked everything concerning the service and sp33d of connection and nothing was wrong. I also checked with my ISP and nothing was wrong...
    I also noticed that the Hosts file in win sys. dir is CHANGED. The ip address that was supposed to be 127.0.0.1 is always changes when I change it back to 127.0.01.

    Note the IPs change only for these sites for some reason:

    Code:
    127.0.0.1 easymusicdownload.com
    127.0.0.1 ikazaa.net
    127.0.0.1 kazaagold.com
    127.0.0.1 kazaa-plus.net
    127.0.0.1 music-download-world.com
    127.0.0.1 song-download-world.com
    127.0.0.1 www.download-doctor.com
    127.0.0.1 www.easymusicdownload.com
    127.0.0.1 www.edonkey.com
    127.0.0.1 www.flixs.net
    127.0.0.1 www.ishareit.com
    127.0.0.1 www.ishareit.net
    127.0.0.1 www.kazaa-download.de
    127.0.0.1 www.kazaa-file-sharing-downloads.com
    127.0.0.1 www.kazaagold.com
    127.0.0.1 www.kazaaplatinum.com
    127.0.0.1 www.kazaa-plus.com
    127.0.0.1 www.kazaa-plus.net
    127.0.0.1 www.k-lite.com
    127.0.0.1 www.madeformusic.com
    127.0.0.1 www.monstershare.com
    127.0.0.1 www.mp3downloadhq.com
    127.0.0.1 www.mp3madeeasy.com
    127.0.0.1 www.mp3specialty.com
    127.0.0.1 www.mp3u.com
    127.0.0.1 avmailserverlocal
    I also noticed that there are alot of email veruses that are coming out these days.

    Anyways, I'm not that stupid not to have any protection. I have Sygate PF pro. With H+BEDV antivir workstation(I update everyday).

    I used different antiviruses to try to find that "thing", by uninstalling an AV and installing the other, and using online scan.

    I used MSDOS(C prompt) to netstat and found that the computer is connecting to LOCAL HOST (itself) from different ports for some reason. I also noticed many connections when using the internet, which indicates that there is something connecting wihout my knowledge.

    I also use adaware and spybot and other shit to try to find that "thing" but there is not hope. I know it's there, may be a virus or a trojan or something, but nothing can find it.

    I also recieve emails from my sister's and other's hotmail and yahoo accounts, where my sis is actually living in the same house and not using the internet. I also changed all my pa$$words, beause I know that there is something going on. The emails contain viruses and worms and such stuff. Of course I am not stupiid enough to open these attachments, but I know that I have a virus that is not...

    I check almost every single program for h!jurking and if these programs are doing something stupid, but no hope.
    PLEEEEAAAAAAASE HELP ME. Why can't I find this Virus/worm or whatever?Did I miss something?Is is just me?


    Specs and PC info:
    A PIIIE computer runing on 1.00GHz
    with WinXp pro with no SPs
    Using ADSL that is setup and running properly
    No router(s)
    standalone(no netwok)
    Click the longhorn icon to visit my website.
    <span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>

    ::::::::::::::::::::::::::::::::::::::::

  2. Software & Hardware   -   #2
    peat moss's Avatar Software Farmer BT Rep: +15BT Rep +15BT Rep +15
    Join Date
    May 2003
    Location
    Delta B.C. Canada
    Posts
    10,547
    Sonic you sound like you have all base&#39;s coverd Slow ISP or mabey they have a problem? On a hub? or router?

    What p2p you using? Kazza gold? Host file is probly a good start to check

  3. Software & Hardware   -   #3
    Poster
    Join Date
    Oct 2003
    Location
    fucking smurfland y'idjit
    Posts
    756
    127.0.01 isn&#39;t a valid ip.
    127.0.0.1 is.
    Why are you changing it?
    if your font size is this small i'll add you to my ignore list because you're wasting my time, OK?

  4. Software & Hardware   -   #4
    Poster
    Join Date
    Aug 2003
    Location
    Burmoda triangle, right behind you!
    Posts
    564
    First off I mentioned that I checked with the ISP and nothing is really wrong, according to my measurements, because the traffic is going grazy that is what makes me worry. 2nd of all, the local host is 127.0.0.1 (was a typo in my post)
    I change it from for ex 65.xx.xx.xxx back to local host (127.0.0.1) and some "thing" changes it back to that ha#ker&#39;s or maleware website IPs. Does that make sense?
    No, no routers no nothing. I use the ol&#39; klite 2.4.3e and Shareaza. BTW: I check these applications and figured out that they are not causing the problem.
    The speed of the internet connection is like usual, BUT there is more traffic than usual. For ex. Ddos attacks and that scares me
    Click the longhorn icon to visit my website.
    <span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>

    ::::::::::::::::::::::::::::::::::::::::

  5. Software & Hardware   -   #5
    h1
    Guest
    Have you locked down your HOSTS file with SpyBot-S&D?

  6. Software & Hardware   -   #6
    Poster
    Join Date
    Aug 2003
    Location
    Burmoda triangle, right behind you!
    Posts
    564
    No&#33; how do I do that? btw: my goal is to FIND that sh&#33;t , not only blocking the HOSTS, whch is a temp. solution.
    Click the longhorn icon to visit my website.
    <span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>

    ::::::::::::::::::::::::::::::::::::::::

  7. Software & Hardware   -   #7
    Poster
    Join Date
    Oct 2003
    Location
    fucking smurfland y'idjit
    Posts
    756
    Originally posted by supersonic@21 February 2004 - 06:42
    First off I mentioned that I checked with the ISP and nothing is really wrong, according to my measurements, because the traffic is going grazy that is what makes me worry. 2nd of all, the local host is 127.0.0.1 (was a typo in my post)
    I change it from for ex 65.xx.xx.xxx back to local host (127.0.0.1) and some "thing" changes it back to that ha#ker&#39;s or maleware website IPs. Does that make sense?
    No, no routers no nothing. I use the ol&#39; klite 2.4.3e and Shareaza. BTW: I check these applications and figured out that they are not causing the problem.
    The speed of the internet connection is like usual, BUT there is more traffic than usual. For ex. Ddos attacks and that scares me
    OK. Sorry, I misunderstood the problem, thinking you&#39;d changed the ips to 127.0.01 and they were being corrected.

    Anyway... When do you notice the change happening? If it&#39;s after a reboot then you&#39;ve got very little chance of finding what&#39;s doing it but if it&#39;s happening during a windows session you should be able to track down the culprit.
    Change the ips you want then save and close the file, but keep it&#39;s directory open viewing in detail mode, then sort by name and scroll to the bottom of the window.
    Leaving that window open, start opening suspected applications until you see the hosts file appear at the bottom of the list. When a file&#39;s properties are changed, it&#39;s removed from the list and added again, which makes it appear at the end of a list in an open window.
    if your font size is this small i'll add you to my ignore list because you're wasting my time, OK?

  8. Software & Hardware   -   #8
    Poster
    Join Date
    Aug 2003
    Location
    Burmoda triangle, right behind you!
    Posts
    564
    I actually did that. I tested every lil application I have, but nothing happened, so I think it is happening during a reboot. I dont have many apps in my comp. They are just eh pop. essensials, like sygate pf,AV,IE,Photoshop,Msn,Klite,Shareaza,Download accelerator and acrobat reader.
    Click the longhorn icon to visit my website.
    <span style='color:blue'><span style='font-size:8pt;line-height:100%'> You try Everything in my/our post(s) at YOUR own risk. I/we do not take responsibily for damages, caused by the post(s). Clicking on/or modifying anything in here is not permitted. Whoever edits my sig is a pussy.</span></span>

    ::::::::::::::::::::::::::::::::::::::::

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •