1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Whats all this about...

Discussion in 'Windows XP' started by josh65665, Oct 13, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    [Windows Xp Pro]


    Ok recently I got a virus because I had turned of my anti virus for a few minutes and I've sorted it all out and every time I scan my pc I scan clean however I have Peer Guardian and can see what connections are being made and certain UDP connections are being made in big amounts.

    for example:

    // bad means I dont think its ok.

    Code:
    Source : port : destination : port
    ***


    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    some other connection
    some other connection
    some other connection
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    another weird one // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad
    [10.226.128.1] [the port varies] [my ip] [same as source port] // bad

    ***
    thats just an example

    So how would I go about knowing whats making these connections and how do I stop them because there slowing my pc down.

    By the way If I disconnect from the internet soucre changes to 127.0.0.1

    And I'm no noob so dont stop and explain everything.
     
  2. stressfreesoul

    stressfreesoul

    Joined:
    Mar 12, 2008
    Messages:
    25
    We, here at the Tech Guy Forum, do not provide support for activities pertaining to the use of P2P or torrent clients/software etc.
     
  3. Dan O

    Dan O

    Joined:
    Feb 13, 1999
    Messages:
    8,974
    You need to run MSCONFIG and disable all non Microsoft Startups and Services. Then add back the one you need.
     
  4. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    Ok Dan I'll try that as for [​IMG] I hAtEmIcRoSoFt Peer Guardian Is not just for p2p though many people use it for that. Also for people that use p2p, p2p is legal when not downloading copyrighted software and Peer Guardian keeps your data from certain people that dont need to know about said data.
     
  5. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    Ok I tried that it didnt work.
     
  6. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    So could this be the work of a virus?
     
  7. TheOutcaste

    TheOutcaste

    Joined:
    Aug 7, 2007
    Messages:
    9,028
    netstat -b -o -p udp will list all UDP connections with the executable that started the connection and the Process ID (PID, as shown in Task Manager) of the owner of the connection. Might help you track down what process(es) is(are) doing this.

    And yes it could be a virus.

    HTH

    Jerry
     
  8. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    Ok tried that and to my surprise as I thought that would work though UDP connections were being made the netstat failed to show them.
     
  9. nessyguin

    nessyguin

    Joined:
    Oct 19, 2006
    Messages:
    720
    It wouldnt do any harm to run a scan with malwarebyte's anti-malware . After running the installer allow it to check for updates and then scan your machine . The free version is very good and will remove anything it finds but only at your direction . It will at least confirm or refute to a large degree your suspicions .
     
  10. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    Ok did that and it didnt find anything.
     
  11. TheOutcaste

    TheOutcaste

    Joined:
    Aug 7, 2007
    Messages:
    9,028
    try netstat -b -o without specifying the protocol, just in case it's UDPv6, or not quite what Netstat recognizes as UDP.

    Jerry
     
  12. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    Yes I had tried that and I got nothing.
     
  13. josh65665

    josh65665 Thread Starter

    Joined:
    Jul 20, 2008
    Messages:
    79
    Mabey someone could suggest a program that could show me what app and connections its making.
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/758819

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice