To register for an Internet.com membership to receive newsletters and white papers, use the Register button ABOVE.
To participate in the message forums BELOW, click here
I noticed yesterday that my connection was communicating like mad without me doing it. I look for a process that was causing it, but did not find it. I ran spybot search and destory, Hijackthis and Housecall free online scan. I have AVG installed so don't think it is a virus. I had this computer on as DMZ so the firewall was off.
I have got the firewall on now, but is there a program that I can use to see who or what is accessing my computer?
__________________
Two wrongs don't make a right, but, three rights make a left!!!!!
Running "netstat" at a command prompt will show you active connections. If you have XP SP2, "netstat -o" will add a PID (process ID) column which you can match up using Task Manager (View | Select Columns to show PIDs).
__________________
Safe computing is a habit, not a toolkit.
Your system is sending a hell of a lot of email -- those aren't incoming connections, they're outgoing. You're infected with some sort of virus or trojan, and given stuff didn't pick it up, it's probably pretty new.
You might also try something like RootkitRevealer or Blacklight, in case whatever you're infected with is cloaking itself.
__________________
Safe computing is a habit, not a toolkit.
Does your firewall monitor outgoing connections or only incoming? ZoneAlarm will do both, while I think the Windows one only does incoming. Seeing what is asking for outgoing permission might be helpful.
I agree with Tuttle, you are running boocoo email services/clients/connections! What AntiVirus and AntiSpyware are you running on your PC? Finally got my first cup of Coffee, reread your post, your running AVG, I'd recommend doing an online scan, makes sure you don't have a Virus running, go here and try this, I use this site to verify PC is virus free,
I got AVG and have Spybot Search and Destroy which found nothing. Have went online to Trend Micro's free online scan and it found nothing. The Rootkit Revealer found nothing. I find nothing in the window process listings. I use Thunderbird for e-mail and IE and Firefox for web surfing.
__________________
Two wrongs don't make a right, but, three rights make a left!!!!!
I think I found the problem files. Winsvcup.exe, Winupsvx.exe, and Mswinup.exe. The all were the exact same size and were installed on the same day at almost the same time. I installed the free Zone alarm and it poped up after a few minutes with one of them wanting access. I think I will keep ZoneAlarm...
I just deleted the files from the system 32 directory. I have still not found a program that would find them. They are listed as malware/spyware.
__________________
Two wrongs don't make a right, but, three rights make a left!!!!!
Last edited by ajm100; September 29th, 2006 at 08:41 AM.
I think I found the problem files. Winsvcup.exe, Winupsvx.exe, and Mswinup.exe. The all were the exact same size and were installed on the same day at almost the same time. I installed the free Zone alarm and it poped up after a few minutes with one of them wanting access. I think I will keep ZoneAlarm...
I just deleted the files from the system 32 directory. I have still not found a program that would find them. They are listed as malware/spyware.
You may find that they magically regenerate when you reboot. When you run your various cleaners, be sure to do it while you are running in Safe Mode-that will improve your odds of catching and eliminating them.
Linear Mode
