Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Is there a list of BAD device drivers like Nortel or Network Monitor?

Reply
Thread Tools

Is there a list of BAD device drivers like Nortel or Network Monitor?

 
 
Sandra Knight
Guest
Posts: n/a
 
      01-26-2006
How can I tell from this list of devices which (if any) is "listening"
to my keystrokes or network packets?

Some of them sound fishy, eg IPSECSHM, Eacfilt, Network Monitor,
Arrowkey, System Recognizer, etc .

Do you have the SAME devices? I tried to delete the Nortel ones as I
don't use Nortel VPN anymore but they said they could not be deleted
as they were needed for the boot process. Huh?

Should I right click and delete some of those below?

I can I tell which are bad and which are "normal"?

I right clicked on "My Computer", selected "Manage",
then left clicked on "Device Manager", and then
selected "View", "Show hidden devices".

This is the list of Network adapters on the IBM laptop:

Network adapters
- 1394 Net Adapter
- Direct Parallel
- IBM High Rate Wireless LAN MiniPCI Combo Card
- IBM High Rate Wireless LAN MiniPCI Combo Card - Eacfilt Miniport
- Infrared Port
- Intel(R) PRO/100 VE Network Connection
- Intel(R) PRO/100 VE Network Connection - Eacfilt Miniport
- Nortel IPSECSHM Adapter
- Nortel IPSECSHM Adapter - Eacfilt Miniport
- WAN Miniport (IP)
- WAN Miniport (IP) - Eacfilt Miniport
- WAN Miniport (L2TP)
- WAN Miniport (Network Monitor)
- WAN Miniport (Network Monitor) - Eacfilt Miniport
- WAN Miniport (PPOE)
- WAN Miniport (PPTP)

This the list of other related devices.

Non-Plug and Play Drivers
- 1394 ARP Client Protocol
- AFD Networking Support Environment
- Arrowkey Device Acess
- Aspi32
- aswRdr
- ATM ARP Client Protocol
- Beep
- dmboot
- dmload
- Fips
- Generic Packet Classifier
- HTTP
- IBM eGatherer Diagnostics
- IP Network Address Translator
- IPSEC driver
- IrDA Protocol
- ksecdd
- mnmdd
- mountmgr
- NDIS System Driver
- NDIS Usermode I/O protocol
- NDProy
- NetBios over Tcpip
- Network Monitor Driver
- Nortel Etranet Access Protocol
- Null
- PartMgr
- ParVdm
- PGPdisk
- procguard
- RDPCDD
- RDPWD
- Remote Access Auto Connection Driver
- Remote Access IP ARP Driver
- Remote Access NDIS TAPI Driver
- Secdrv
- sptd
- TCP/IP Protocol Driver
- TDTCP
- Teefer for NT
- TPHKDRV
- VET File and Macro Monitor
- VET File System Filter
- VET File System Recognizer
- VgaSave
- VolSnap
- vsdatant
- Windows Socket 2.0 Non-IFS Service Provider Support Environment
- wpsdrvnt
 
Reply With Quote
 
 
 
 
CiscoHeadsetAdapter.com
Guest
Posts: n/a
 
      01-26-2006
Use any Spyware Detection software to check your computer for malicius
software. There is a free online spyware detector available at
www.spywareinfo.com/xscan.php Pretty good.

If you are wondered about any driver or service you have on your computer -
use Google with the driver, file, or service name to do a research.

Good luck,

Mike
www.ciscoheadsetadapter.com


"Sandra Knight" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> How can I tell from this list of devices which (if any) is "listening"
> to my keystrokes or network packets?
>
> Some of them sound fishy, eg IPSECSHM, Eacfilt, Network Monitor,
> Arrowkey, System Recognizer, etc .
>
> Do you have the SAME devices? I tried to delete the Nortel ones as I
> don't use Nortel VPN anymore but they said they could not be deleted
> as they were needed for the boot process. Huh?
>
> Should I right click and delete some of those below?
>
> I can I tell which are bad and which are "normal"?
>
> I right clicked on "My Computer", selected "Manage",
> then left clicked on "Device Manager", and then
> selected "View", "Show hidden devices".
>
> This is the list of Network adapters on the IBM laptop:
>
> Network adapters
> - 1394 Net Adapter
> - Direct Parallel
> - IBM High Rate Wireless LAN MiniPCI Combo Card
> - IBM High Rate Wireless LAN MiniPCI Combo Card - Eacfilt Miniport
> - Infrared Port
> - Intel(R) PRO/100 VE Network Connection
> - Intel(R) PRO/100 VE Network Connection - Eacfilt Miniport
> - Nortel IPSECSHM Adapter
> - Nortel IPSECSHM Adapter - Eacfilt Miniport
> - WAN Miniport (IP)
> - WAN Miniport (IP) - Eacfilt Miniport
> - WAN Miniport (L2TP)
> - WAN Miniport (Network Monitor)
> - WAN Miniport (Network Monitor) - Eacfilt Miniport
> - WAN Miniport (PPOE)
> - WAN Miniport (PPTP)
>
> This the list of other related devices.
>
> Non-Plug and Play Drivers
> - 1394 ARP Client Protocol
> - AFD Networking Support Environment
> - Arrowkey Device Acess
> - Aspi32
> - aswRdr
> - ATM ARP Client Protocol
> - Beep
> - dmboot
> - dmload
> - Fips
> - Generic Packet Classifier
> - HTTP
> - IBM eGatherer Diagnostics
> - IP Network Address Translator
> - IPSEC driver
> - IrDA Protocol
> - ksecdd
> - mnmdd
> - mountmgr
> - NDIS System Driver
> - NDIS Usermode I/O protocol
> - NDProy
> - NetBios over Tcpip
> - Network Monitor Driver
> - Nortel Etranet Access Protocol
> - Null
> - PartMgr
> - ParVdm
> - PGPdisk
> - procguard
> - RDPCDD
> - RDPWD
> - Remote Access Auto Connection Driver
> - Remote Access IP ARP Driver
> - Remote Access NDIS TAPI Driver
> - Secdrv
> - sptd
> - TCP/IP Protocol Driver
> - TDTCP
> - Teefer for NT
> - TPHKDRV
> - VET File and Macro Monitor
> - VET File System Filter
> - VET File System Recognizer
> - VgaSave
> - VolSnap
> - vsdatant
> - Windows Socket 2.0 Non-IFS Service Provider Support Environment
> - wpsdrvnt



 
Reply With Quote
 
 
 
 
lgr_joly@yahoo.com
Guest
Posts: n/a
 
      01-26-2006
Consider the drivers one by one. Identify the file, manufacturer and
version, and get the same driver from a trusted source. Compare.

If you believe the machine is compromised stop using it except for
investigations. Put it on a test network. Inspect traffic to figure out
if some data is sent. Try to do this in a silent or busy networking
environment. This might take several days to see something.

Ludovic Joly

 
Reply With Quote
 
Steven L Umbach
Guest
Posts: n/a
 
      01-26-2006
Don't go trying to delete things just because you are unsure of what they
are. What you can do is to go into add and remove programs and from there
remove applications that you no longer need. Beyond that you should rely on
your malware and spyware detection and removal programs to try to identify
and remove any malicious process and you also want to scan in Safe Mode with
those also being sure to use the latest definitions for any malware/spyware
program as they can change daily. You can use free tools from SysInternals
such as Process Explorer, Autoruns, TCPView, and Autoruns to show what
processes are being used on your computer, the associated executable, the
publisher name and if the file is signed [verified], and associated services
and port use. If the associated executable does not show a publisher in
Process Explorer that could [but not always] indicate a malicious
ocess. --- Steve

http://www.sysinternals.com/Utilitie...sExplorer.html -- Process
Explorer and link to SysInternals.

"Sandra Knight" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> How can I tell from this list of devices which (if any) is "listening"
> to my keystrokes or network packets?
>
> Some of them sound fishy, eg IPSECSHM, Eacfilt, Network Monitor,
> Arrowkey, System Recognizer, etc .
>
> Do you have the SAME devices? I tried to delete the Nortel ones as I
> don't use Nortel VPN anymore but they said they could not be deleted
> as they were needed for the boot process. Huh?
>
> Should I right click and delete some of those below?
>
> I can I tell which are bad and which are "normal"?
>
> I right clicked on "My Computer", selected "Manage",
> then left clicked on "Device Manager", and then
> selected "View", "Show hidden devices".
>
> This is the list of Network adapters on the IBM laptop:
>
> Network adapters
> - 1394 Net Adapter
> - Direct Parallel
> - IBM High Rate Wireless LAN MiniPCI Combo Card
> - IBM High Rate Wireless LAN MiniPCI Combo Card - Eacfilt Miniport
> - Infrared Port
> - Intel(R) PRO/100 VE Network Connection
> - Intel(R) PRO/100 VE Network Connection - Eacfilt Miniport
> - Nortel IPSECSHM Adapter
> - Nortel IPSECSHM Adapter - Eacfilt Miniport
> - WAN Miniport (IP)
> - WAN Miniport (IP) - Eacfilt Miniport
> - WAN Miniport (L2TP)
> - WAN Miniport (Network Monitor)
> - WAN Miniport (Network Monitor) - Eacfilt Miniport
> - WAN Miniport (PPOE)
> - WAN Miniport (PPTP)
>
> This the list of other related devices.
>
> Non-Plug and Play Drivers
> - 1394 ARP Client Protocol
> - AFD Networking Support Environment
> - Arrowkey Device Acess
> - Aspi32
> - aswRdr
> - ATM ARP Client Protocol
> - Beep
> - dmboot
> - dmload
> - Fips
> - Generic Packet Classifier
> - HTTP
> - IBM eGatherer Diagnostics
> - IP Network Address Translator
> - IPSEC driver
> - IrDA Protocol
> - ksecdd
> - mnmdd
> - mountmgr
> - NDIS System Driver
> - NDIS Usermode I/O protocol
> - NDProy
> - NetBios over Tcpip
> - Network Monitor Driver
> - Nortel Etranet Access Protocol
> - Null
> - PartMgr
> - ParVdm
> - PGPdisk
> - procguard
> - RDPCDD
> - RDPWD
> - Remote Access Auto Connection Driver
> - Remote Access IP ARP Driver
> - Remote Access NDIS TAPI Driver
> - Secdrv
> - sptd
> - TCP/IP Protocol Driver
> - TDTCP
> - Teefer for NT
> - TPHKDRV
> - VET File and Macro Monitor
> - VET File System Filter
> - VET File System Recognizer
> - VgaSave
> - VolSnap
> - vsdatant
> - Windows Socket 2.0 Non-IFS Service Provider Support Environment
> - wpsdrvnt



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
We are buying: Cisco ADC Nortel Nokia Nortel Fujitsu Lucent Keane1 Cisco 0 11-10-2009 09:05 PM
Is there a list of BAD device drivers like Nortel or Network Monitor? Sandra Knight Computer Security 4 05-15-2008 10:02 PM
connecting a Nortel Contivity VPN device to a Cisco PIX Firewall in IPSEC tunnel mode Ken Gallagher Cisco 2 08-07-2006 02:51 PM
ActiveX apologetic Larry Seltzer... "Sun paid for malicious ActiveX code, and Firefox is bad, bad bad baad. please use ActiveX, it's secure and nice!" (ok, the last part is irony on my part) fernando.cassia@gmail.com Java 0 04-16-2005 10:05 PM
24 Season 3 Bad Bad Bad (Spoiler) nospam@nospam.com DVD Video 12 02-23-2005 03:28 AM



Advertisments