Saved Bookmarks
| 1. |
Solve : Can anyone tell me why i have these established connections?? |
|
Answer» Hi guys, im no expert, and was hoping if someone could fill me in on these connections via netstat, a little worried its not nothing. In computing, netstat (network statistics) is a command-line network utility tool that displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network ...Seldom, if ever, do most users need to use this. When you connect to the Internet, SEVERAL things start to happen. Thee are different services that Windows programs may need for normal use. For example, programs check for updates, security certificates are verified and so on.If you want to look for unusual activity, I would run wireshark and tell it to monitor your NIC. And dont use your computer and see if its broadcasting or receiving connections to an outside IP address. Then perform an IP address lookup to see what the IP matches. Most of the time its nothing, but sometimes you can find issues this way. I for example had a strange network traffic occuring on a system a while back and tracked it down to Pando Media Booster that came with a free game that was turning my system into a seed for a bit torrent that I didnt want happening. So I shut off the seed of my system to others because my upload speed was getting crippled with my system serving up files for others to download. Netstat will show open ports etc, but other than that its not as helpful as trapping packets and looking up as to what the traffic is up to with wireshark. Do you have any odd behavior that has you looking for malware or a hacker etc?Hi thanks. Purpose of me asking is i found software from here installed http://www.hhdsoftware.com/device-monitoring-studio Someone may have installed it as a trial. Do other people have "physical access" to your computer to install stuff such as roommate etc? Someone would have had to have physical access to the system to install this or a virus or malware allow REMOTE admin access to install the trial. Thing is that if your system was hacked, the hacker would have used a keylogger or something that runs as a TSR that is better stealthed from detection. Any hacker using a trial of a tool like this to gain information would be a hacker that isnt very well skilled and likely refers to script kiddie means of hacking. I feel someone with physical access to your system installed this vs a hacker as a greater probability. So uninstall the software and keep others off of your computer and the problem should be solved. Quote License Type:Thank you. I cannot uninstall as i dont have permission, i need permission from trusted installer, who or what that is i dont know. I am using the only admin account.. And personally i suspect someone who is no computer hacker. If im talking rubbish let me know but i feel someone is also adding/edditing webpages i visit with html. if i press right click, source, on the CODE some of the entries are what i consider not legit. ive seen code in a "container"? which i read is a way for something to run without my pc being able to see it? There are these DOMBreak points, event listeners? not to sure what they are but certain sites have a delay on when i enter the url. facebook will always tell me the first login attempt is incorrect. Im no expert about certifcates when visiting websites but every sites certifcate when i VIEW it is "Ensures the identity of a remote computer" "Ensures the identiy of a local computer" followed by a long code underneath The other day after accidently somehow geting on to the source page for the first time ever it told me i was printing 71 pages and it baffled me, but investigating i think it is something which is capturing the html code and being used in something called an aplication gatway. I also have a printer installed set as my default which i have no access to because its denied, ms xms document writer As id been suspecying something for a while i downloaded a program called prtg and afew hours after lookinh around and trying to learn it a new connection apeared under virtual machines under the name of my pc I could be completely wrong but i think that every device on my network is being surveyed remotely. Quote I cannot uninstall as i dont have permission, i need permission from trusted installer, who or what that is i dont know. I am using the only admin account..How are you trying to uninstall it? TrustedInstaller is a built-in used by Windows Installer and Windows Update. Quote if i press right click, source, on the code some of the entries are what i consider not legit. ive seen code in a "container"? which i read is a way for something to run without my pc being able to see it? You are reading Javascript source and pointing at anything remotely related to the problems you are having as a possible culprit. references to "container" DOMBreakpoint's, event listeners, etc are perfectly normal in Javascript. Quote Im no expert about certifcates when visiting websites but every sites certifcate when i view it isIf a certificate failed to pass inspection, you'd know. Quote The other day after accidently somehow geting on to the source page for the first time ever it told me i was printing 71 pages and it baffled meYou accidentally printed it. Quote but investigating i think it is something which is capturing the html code and being used in something called an aplication gatway.No. Every single connection in the netstat is on your local network. There are no remote connections at all.Well thanks for answering, like i said i have not much idea what im looking at. |
|