virus/worms etc. question - something connects to the internet but I don't know what

Posted on 2004-04-07
Last Modified: 2010-04-13
Hi,

I seem to have something running on my Win2000 box which is connecting to the internet. I can clearly see on the network-icon (the two computers in the icontray) that there is some communication going on (I am sitting on a cablemodem) but I have no idea what.

I used Antivir for checking my system: it found some sadbot-**** which was deleted now. I even re-checked my system twice after rebooting.

I checked the TaskManager for running processes: seems all right

I checked registry for the /run etc. entries if something is automatically started when booting up my computer: nothing


And still some bastard is sitting on my computer and connecting to the internet, I am 100% sure. THERE IS COMMUNICATION GOING ON but I have not the slightest idea what!!!!

can anyone help?


Can anyone tell me the name of a good, free and easy to use realtime packet/IP sniffer so I can check out which apps (.exes etc.) are using internet connections? I tried multiple packet sniffers now but they are just worthless.

I just need to find out which bastard-app is using my internet-connection.
Question by:delphiheaven
8 Comments
 
LVL 32

Accepted Solution

by:
LucF earned 200 total points
ID: 10772916
Hi delphiheaven,

Use this tool to check what process is connected to each port. If you're not sure about one, let us know the process name.
http://www.sysinternals.com/ntw2k/source/tcpview.shtml

Greetings,

LucF
0
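As an added example (not from the thread and not Sysinternals code), the connection-to-process view that the answer above gets from TCPView can be approximated by joining `netstat -ano` with `tasklist /FO CSV /NH` on the PID. It assumes a Windows version whose `netstat` supports `-o`; the sample output, process names and addresses below are constructed.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample of `netstat -ano` output (not captured from a real host).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1204
  TCP    192.168.0.10:1045      192.168.0.1:80         ESTABLISHED     1204
  TCP    192.168.0.10:1077      203.0.113.45:8080      ESTABLISHED     1536
  TCP    192.168.0.10:1078      198.51.100.7:80        ESTABLISHED     1204
  UDP    0.0.0.0:1900           *:*                                    960
"""
# Constructed sample of `tasklist /FO CSV /NH` output (hypothetical image names).
TASKLIST_SAMPLE = '''\
"svchost.exe","888","Services","0","3,120 K"
"svchost.exe","960","Services","0","4,004 K"
"iexplore.exe","1204","Console","0","21,456 K"
"winupd32.exe","1536","Console","0","1,812 K"
'''
# Loopback and RFC 1918 ranges are treated as local, everything else as internet.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def external_connections(netstat_text, tasklist_csv):
    """Return {(pid, image_name): [remote endpoints]} for established internet connections."""
    names = {int(r[1]): r[0] for r in csv.reader(io.StringIO(tasklist_csv)) if len(r) > 1}
    found = defaultdict(list)
    for line in netstat_text.splitlines():
        f = line.split()
        # TCP rows have five columns; headers, UDP rows and listeners are skipped.
        if len(f) != 5 or f[0] != "TCP" or f[3] != "ESTABLISHED":
            continue
        host, _, port = f[2].rpartition(":")
        try:
            ip = ipaddress.ip_address(host.strip("[]"))
        except ValueError:
            continue  # unparsable remote address
        if any(ip in net for net in LOCAL_NETS):
            continue
        pid = int(f[4])
        found[(pid, names.get(pid, "<unknown>"))].append(f"{ip}:{port}")
    return dict(found)

if __name__ == "__main__":
    for (pid, name), remotes in external_connections(NETSTAT_SAMPLE, TASKLIST_SAMPLE).items():
        print(f"{name} (PID {pid}) -> {', '.join(remotes)}")
```

An image name that shows up here but is not a program you knowingly run is the one to ask about, as the answer suggests; a PID with no matching `tasklist` row is reported as `<unknown>`.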
 
LVL 6

Expert Comment

by:jthow
ID: 10773332
Time to get a firewall?

Zone Alarm do a free one:-

http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp

I find Norton Personal Firewall easier to manage, but you have to buy that one.

(Usual disclaimers.)

JohnT
0
 

Author Comment

by:delphiheaven
ID: 10773470
I already have ZoneAlarm.

I also tried the IPMonitor from sysinternals, but I can't see anything there... everything seems to be normal.
0

 
LVL 6

Expert Comment

by:jthow
ID: 10773690
How about malware?  AdAware from:-

http://www.lavasoft.de

?

JohnT
0
 

Author Comment

by:delphiheaven
ID: 10774006
I also tried this, some stuff was detected and removed. But still I got plenty of traffic in/out, strange...
0
 
LVL 32

Expert Comment

by:LucF
ID: 10774051
Have you checked tcpview yet?

Otherwise, use this tool and post the logfile:
http://209.133.47.200/~merijn/files/HijackThis.exe
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11997598
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
    Accept: LucF {http:#10772916}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

jdeclue
EE Cleanup Volunteer
0
