Having a problem, might just be paranoia, help, PLEASE!

[Bannik]

Hi all!

Been away for a while, but I'm back now and I'm experiencing something odd with my computers.

Here's what I've got:

My laptop: Windows Vista 32-bit Home Premium SP1.
My desktop: Windows Vista 64-bit Home Premium SP1.

I have a feeling that something is wrong, I don't actually have any evidence, but I like to be as secure as possible.

I have downloaded and installed the following.

Ad-Aware 2008 free.
Avast! Antivirus free.
AVG 8 free.
Avira Antivir free.

I have run full and complete scans with all of the above on both computers using the latest definitions and administrative privileges (where possible) and none of them can detect anything wrong what so ever. Nothing suspicious, nothing malicious, nothing even remotely harmful.

However, I can't shake this feeling, the feeling comes from the fact that whenever I open a folder on my computer (doesn't matter which one) the network light on my router blinks 3 times, no matter which folder I open, 3 blinks, everytime without fail (both computers).

It may be normal for Vista, I don't know, if all of the above programs can find nothing wrong, I'm at a loss, I cannot explain it, can anyone here?

I would really appreciate help with this guys and girls!

Thanks.

Bannik.

[cas]

Which router are u using and did u try verifying ur doubt with the router tech support?

[Bannik]

I'm using a Netgear Router from Sky, which is my Broadband provider, I haven't checked with tech support, don't even know if they have one, the router is functioning properly though, wouldn't be here if it wasn't.

What I'm concerned about is the fact that whenever I open a folder, Vista is transmitting something, I should point out, that it is only transmitting over the network, not over the Internet (I think).

Chances are it's been doing it all the time, I've just started to notice it.

What would you suggest? Are there any other anti-virus, anti-spyware programs that are free that you can suggest?

Good to see you again Cas!

[cas]

Quote:

Originally Posted by Bannik

I'm using a Netgear Router from Sky, which is my Broadband provider, I haven't checked with tech support, don't even know if they have one, the router is functioning properly though, wouldn't be here if it wasn't.

What I'm concerned about is the fact that whenever I open a folder, Vista is transmitting something, I should point out, that it is only transmitting over the network, not over the Internet (I think).

Chances are it's been doing it all the time, I've just started to notice it.

What would you suggest? Are there any other anti-virus, anti-spyware programs that are free that you can suggest?

Good to see you again Cas!

Tbh my dlink router led from the wan, wlan, status and lan has been blinking non stop, the only led which didn't blink is the power led, i assume is normal but not pretty confirm if u ask me

Btw there are a way to verify whether if there's any illegal activties or hacker that log into your network, just by logging into your router config page and check under log tab, the log keep a list of records showing the activties on your router

Alternatively you can call up your local netgear distro or tech support or post a thread on netgear forum, i'm pretty sure someone would be able to answer ur queries and clear ur doubt. Following are the link of netgear forum NETGEAR Forums

As for AV and anti-spyware, all these can only prevent worm, trojan and spyware but not hacker, to stop hacker from intruding your network, you need firewall but then the netgear router has already has a build in firewall, you should be safe if u have set a strong wpa or use MAC address filtering.

Say if u didn't set a strong security or using the default setting of the router, anyone near u would be able to detect your router and logged into the router config page and mess with it

But then you might be just over paranoid or conscious, to be on the safe side, do what i mention above, any doubt just ask

if our long timer friend like gordon or nexus happen to came across this thread, they should be able to assist u as they are expertise on network. Lastly nice seeing u as well, cas

[Bannik]

I am no longer using WI-FI, so MAC filtering and WPA keys are no longer necessary, but I will check the logs on my router, something I've never done before.

Thanks Cas, hopefully this topic will remain open, so others will be able to input and make suggestions.

[Bannik]

OK, so my router wasn't configured to log anything but admin logins and requests sent to and from the ISP, which is Sky.

So I enabled logging for everything. I tested it several times, when I open a folder in Vista, the router light blinks 3 times, but the log records no activity, inbound or outbound, so it looks like that's harmless, unless I'm not aware of something.

What next, the logs are difficult to decypher because they consist only of IP Addresses, I haven't detected any attacks so far and the log is set to show them, but since it hasn't been logging until a few minutes ago, there could have been thousands, perhaps millions.

Can you log into a router from the outside (Internet)? I thought it could only be accessed from the network? Of course, if someone were using my wireless, they would have an ip address and therefore would be able to login, but with the wifi now disabled, not going to happen again.

Now I know though, I think, that the 3 blinks whenever I open a folder is not doing anything over the Internet.

Still, however the feeling won't go away, I'm not a happy bunny today.

[Mr. Chris]

It could just be that when you open a folder, Vista is scanning ports on the PC and scans the Ethernet port. At any rate, 3 blinks, to me, is not really any activity, it's not like something is "dialing home" like a key logger or spyware. And any program that you may have installed that would call out would show a lot more activity.

Don't go crazy looking at router logs, they fill up pages and pages of "DDoS attacks", at least mine does, and the firewall blocks them all. You could get real paranoid real quick.

Why not just unplug the router cable and see if Vista complains? I mean, other than telling you that you have no connectivity. You have Vista's Firewall enabled? Seems like you have done all the scanning that you can to make sure there's not crap installed on your PC.

(put a piece of electrical tape over the light if it keeps you awake at night ) Chris.

[Bannik]

It's annoying, but I know now that the blinking is probably harmless.

This is what happens to you when you go to College with someone who knows a great deal about hacking.

I won't pay too much attention to the router logs, as long as outside attacks are blocked.

I've changed the password on my router anyway, just in case, I've switched to strong passwords, which contain numbers and upper and lower case letters, to prevent most of the possible attacks.

I wasn't concerned for myself, I was concerned for my Dad, as his details can be stolen just as much as mine can.

Seriously though, I've scanned with all the packages above and both computers are completely clean, according to them all.

All I can do is wait and see what happens.

Thanks Chris.

[cas]

Here's a good and highly recommended port scanner, run the test using shields up and it would scan all the port and tell u which is secure and which is at risk. Just click on the link and choose shields up

GRC*|*Gibson Research Corporation Home Page**

[Bannik]

Guys, this is really starting to get worrying now, I have some new things to report.

Firstly, the router blinking 3 times thing, doesn't happen straight away, it happens about 20-30 minutes after I log into the OS, I've checked running processes and nothing new is running that isn't running when the OS first boots up, could still be nothing, but I'm worried.

Secondly, when I log into my router and check the log, only outbound traffic is being logged, I've set my router to block all inbound services, but to log everything, yet nothing is being logged from the outside at all, no DOS attacks, no Port Scans, nothing, how can I not be under attack?

Everyone gets attacked, all the time, but nothing is being logged.

I'm really scared and I don't know what to do, can anyone suggest anything that might help?

Thanks.

Bannik.