virus/worms etc. question - something connects to the internet but I don't know what

Hi,

I seem to have something running on my Win2000 box which is connecting to the internet. I can clearly see on the network-icon (the two computers in the icontray) that there is some communication going on (I am sitting on a cablemodem) but I have no idea what.

I used Antivir for checking my system: it found some sadbot-**** which was deleted now. I even re-checked my system twice after rebooting.

I checked the TaskManager for running processed: seems all right

I checked registry for the /run etc. entries if something is automatically started when booting up my computer: nothing


And still some bastard is sitting on my computer and connecting to the internet, I am 100% sure. THERE IS COMMUNICATION GOING ON but I have not the slightest idea what!!!!

can anyone help?


Can anyone tell me the name of a good, free and easy to use realtime packet/IP sniffer so I can check out which apps (.exes etc.) are using internet connections? I tried multiple packet sniffers now but they are just worthless.

I just need to find out which bastard-app is using my internet-connection.
delphiheavenAsked:
Who is Participating?
 
LucFConnect With a Mentor EMEA Server EngineerCommented:
Hi delphiheaven,

Use this tool to check what process is connected to each port. If you're not sure about one, let us know the process name.
http://www.sysinternals.com/ntw2k/source/tcpview.shtml

Greetings,

LucF
0
 
jthowCommented:
Time to get a firewall?

Zone Alarm do a free one:-

http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp

I find Norton Personal Firewall easier to manage, but you have to buy that one.

(Usual disclaimers.)

JohnT
0
 
delphiheavenAuthor Commented:
I already have ZoneAlarm.

I also tried the IPMonitor from sysinternals, but I can't see nothing theree... everything seems to be normal.
0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

 
jthowCommented:
How about malware?  AdAware from:-

http://www.lavasoft.de

?

JohnT
0
 
delphiheavenAuthor Commented:
I also tried this, some stuff was detected and removed. But stillI got plenty of traffic in/out, strange...
0
 
LucFEMEA Server EngineerCommented:
Have you checked tcpview yet?

Otherwise, use this tool and post the logfile:
http://209.133.47.200/~merijn/files/HijackThis.exe
0
 
jdeclueCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
    Accept: LucF {http:#10772916}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

jdeclue
EE Cleanup Volunteer
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.