G
Gordon
Hobo said:
He's been told about html for YEARS and the arrogant sod just ignores
everyone.
Plonk him like most others have done...
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
He's been told about html for YEARS and the arrogant sod just ignores
everyone.
Plonk him like most others have done...
N
Nonny
mikeyhsd said:maybe you need to take a break from boozing and read the rules.
You're a bozo.
M
mikeyhsd
like I said you need to give up on the boozing and read the microsoft news group posting rules.
(e-mail address removed)
Haven't figured out how to turn off the html? Maybe you should read the
'rules'!
(e-mail address removed)
Haven't figured out how to turn off the html? Maybe you should read the
'rules'!
maybe you need to take a break from boozing and read the rules.
(e-mail address removed) <mailto:[email protected]>
Yeah, well at least she knows better than to post to newsgroups in html
which is one up on you!
nothing says she is always right.
all she knows how to do is to copy/paste canned replies.
takes no intelligence or real know how.
(e-mail address removed) <mailto:[email protected]>
C
Chuck
To add insult, many of the law enforcement agencies either don't care about
this problem, or don't have the knowledge to deal with it.
If kiddie p is involved, they do get more interested, however the methods
used may be quite disruptive to your business.
this problem, or don't have the knowledge to deal with it.
If kiddie p is involved, they do get more interested, however the methods
used may be quite disruptive to your business.
Charlie Tame said:Internet Explore and Windows Host Process Server on my computer are
attempting to connect multiple times a day (20 or more) to numerous
google.com ip addresses across a wide viriety of ports in the 45000's.
I have been unable to close the processes. The Internet Explorer
process has been running as a seperate program that I am unable to see
and uses 45,000k of ram. It is also not possible for me to shut the
program down. I have nine svchost.exe (windows host process services)
running which are also attempting to communicate with google.com.
These events are of great concern to me as I work for a financial firm
and keep large amounts of proprietary knowledge on my computer. Can
anyone help me determine if in fact I was hacked? If I was hacked, I
am not looking to have this issue repaired, I want evidence to take to
the police so that I do not need to deal with these hassles again.
In the other thread you say the computer was recently "Hacked" and you had
it reformatted. This implies you did not reinstall Vista yourself so who
did? Did they investigate at all or just do as you asked and reinstall? In
other words what confirmation do you have that the original install was
actually hacked?
On my machine there are currently 12 instances of scvhost running and on
explorer.exe that cannot be shut down because it is the desktop. Internet
Explorer is IExplore.exe not explorer.exe.
Often when legitimate processes try to communicate and are blocked they
will repeatedly try again and sometimes use a different port. The fact
that your new "Firewall" is blocking things might in fact be making things
look worse than they are. Software firewalls are sometimes useful but that
depends on what you do with them, they can also be considered "Snake Oil".
Probably the best solution for a firewall is to use a router, even if you
only have a single machine.
You can use this utility
http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx
or go start>run?type in cmd and hit enter.
In the window type netstat -af [enter]
Either should show active connections, many of which will be your machine
talking (or at least listening) to itself.
The utility offered at the technet site is somewhat the better one.
If you have Google toolbar or update manager installed then random
connections to google will happen, otherwise I am not sure what the
connection would be between google and some alleged hacker. Can you list
what security / antivirus / antispyware / search software you have
installed if any? I may not be able to get back here before tomorrow but
that information may help someone get a better idea of what is going on.
Getting proof of this type of thing can be difficult, it is one thing to
prove that an IP address did something, quite another to establish who was
using the machine at that time, so "If" something is happening it is best
to stop the offender getting in rather than have it continue while
investigation takes place.
C
Charlie Tame
Agreed, much easier to wait until you go over 35 mph and write a citation.
I mean first the offending machine could be compromised or "Zombied".
Second, the user may not be identifiable even if the machine is. It is
an awful lot of work for very uncertain gains, especially when the
evidence is not clear.
I mean first the offending machine could be compromised or "Zombied".
Second, the user may not be identifiable even if the machine is. It is
an awful lot of work for very uncertain gains, especially when the
evidence is not clear.
To add insult, many of the law enforcement agencies either don't care about
this problem, or don't have the knowledge to deal with it.
If kiddie p is involved, they do get more interested, however the methods
used may be quite disruptive to your business.
Charlie Tame said:Internet Explore and Windows Host Process Server on my computer are
attempting to connect multiple times a day (20 or more) to numerous
google.com ip addresses across a wide viriety of ports in the 45000's.
I have been unable to close the processes. The Internet Explorer
process has been running as a seperate program that I am unable to see
and uses 45,000k of ram. It is also not possible for me to shut the
program down. I have nine svchost.exe (windows host process services)
running which are also attempting to communicate with google.com.
These events are of great concern to me as I work for a financial firm
and keep large amounts of proprietary knowledge on my computer. Can
anyone help me determine if in fact I was hacked? If I was hacked, I
am not looking to have this issue repaired, I want evidence to take to
the police so that I do not need to deal with these hassles again.
In the other thread you say the computer was recently "Hacked" and you had
it reformatted. This implies you did not reinstall Vista yourself so who
did? Did they investigate at all or just do as you asked and reinstall? In
other words what confirmation do you have that the original install was
actually hacked?
On my machine there are currently 12 instances of scvhost running and on
explorer.exe that cannot be shut down because it is the desktop. Internet
Explorer is IExplore.exe not explorer.exe.
Often when legitimate processes try to communicate and are blocked they
will repeatedly try again and sometimes use a different port. The fact
that your new "Firewall" is blocking things might in fact be making things
look worse than they are. Software firewalls are sometimes useful but that
depends on what you do with them, they can also be considered "Snake Oil".
Probably the best solution for a firewall is to use a router, even if you
only have a single machine.
You can use this utility
http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx
or go start>run?type in cmd and hit enter.
In the window type netstat -af [enter]
Either should show active connections, many of which will be your machine
talking (or at least listening) to itself.
The utility offered at the technet site is somewhat the better one.
If you have Google toolbar or update manager installed then random
connections to google will happen, otherwise I am not sure what the
connection would be between google and some alleged hacker. Can you list
what security / antivirus / antispyware / search software you have
installed if any? I may not be able to get back here before tomorrow but
that information may help someone get a better idea of what is going on.
Getting proof of this type of thing can be difficult, it is one thing to
prove that an IP address did something, quite another to establish who was
using the machine at that time, so "If" something is happening it is best
to stop the offender getting in rather than have it continue while
investigation takes place.
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.