Re: OT : Windows machine sending ICMP echo request (ping)

From: Edouard Zorrilla <ezorrilla_at_tsf.com.pe>
Date: Thu, 8 Jul 2010 09:23:41 -0700

Thanks,

I have already run malwarebytes and the only thing that I have found is
Hijack.display.properties, which doesn't seem to be anything weird ....,. Do
you know how to track icmp traffic ?. I would like to see which application
is sending this icmp ping traffic .,

Thanks.,

----- Original Message -----
From: <itguy.pro_at_gmail.com>
To: "Edouard Zorrilla" <ezorrilla_at_tsf.com.pe>; <ccielab_at_groupstudy.com>
Cc: <security_at_groupstudy.com>
Sent: Thursday, July 08, 2010 8:08 AM
Subject: Re: OT : Windows machine sending ICMP echo request (ping)

> Sounds like some worm... Did you run any anti malware software? Try
> malwarebytes.org.
> Sent via BlackBerry from T-Mobile
>
> -----Original Message-----
> From: "Edouard Zorrilla" <ezorrilla_at_tsf.com.pe>
> Sender: nobody_at_groupstudy.com
> Date: Thu, 8 Jul 2010 07:59:04
> To: <ccielab_at_groupstudy.com>
> Reply-To: "Edouard Zorrilla" <ezorrilla_at_tsf.com.pe>
> Cc: <security_at_groupstudy.com>
> Subject: OT : Windows machine sending ICMP echo request (ping)
>
> Hi Guys,
>
> I have a windows machine which keeps sending pings to others. The
> destination
> are random, but valid IP Address (seems it query dns or wins). Do you know
> how
> can I track the .exe which sends that kind of ping packets to the network
> ?. I
> have tried with tcpview but this shows me tcp/udp connections, not icmp
> traffic. I had scan with antivirus/antimalware and all is clean.,
>
> Thanks in advance for your time,
>
> Regads
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu Jul 08 2010 - 09:23:41 ART

This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 19:19:15 ART