Results 1 to 7 of 7
  1. #1
    Lounger
    Join Date
    Dec 2009
    Location
    South Africa
    Posts
    49
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have an adsl connection and using netmeter I see constant but very slow activity with both incomming and outgoing data amounting to more that 20 mb or more daily. My firewall shows connections to various ip addresses and looking these numbers up I see connections to Russia, Slovakia, US, and various other countries. I suspect a bot is active, using my computer to distribute spam ? but it is also downloading data !. MS Security Essentials does not find anything, nor does "rubotted". I've tried the cmd netstat -nr command but this doesn't show the ip's that my firewall shows. The only way I can stop this is to block all traffic via the firewall (COMODO) when I'm not using the computer. Is there some way to find what data it is downloading and sending out ? Or some application to stop all this ?

    Please help !

    Errol

  2. #2
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Errol, give the free edition of Malwarebytes Antimalware a try.

    You can also obtain a downloadable copy of Microsoft's Malicious Software Removal Tool described in this PC World article . Also see the BotHunter article linked in the PC World article. BotHunter can be downloaded here .

    SUPERantispyware Free edition is also a good one, very thorough.

    There are other possibilities, and other loungers have some great suggestions on how to deal with bot infections.
    Deadeye81

    "We make a living by what we get, we make a life by what we give." Sir Winston Churchill

  3. #3
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Pittsford,NY
    Posts
    874
    Thanks
    517
    Thanked 35 Times in 27 Posts
    I'm a home user, not a network administrator ( a euphemism for saying I'm a dummy about networks), and I'd like to set up and use BotHunter.
    During setup it wants the addresses of networks I want to protect, and my email and dns ip addresses.
    I use Roadrunner; OpenDNS; and Hotmail.

    How do I figure out the entries BotHunter is looking for?

    Thanks,
    Dick

  4. #4
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Hi Dick,

    This is assuming you have Windows 7. Go to the Start orb, type cmd in the search box. When the command prompt comes up, type in ipconfig /all and (be sure to include the space between ipconfig and the /) press enter. Your computer will be the first to come up showing your computer name. Next will be the active network adapter you are using, either wireless or Ethernet. Look to the end of this entry to find your DNS server IP addresses. Since you are using OpenDNS, there will be two IP addresses. You should find an entry for each computer or other network device that is connected to your home network with the active network adapter and IP address listing for each one.

    If you use XP, click the Start button, click Run and type in cmd and continue with the instructions above.

    If BotHunter wants your Workgroup name, you can find it in either OS by going to System in the Control Panel.

    I have not installed BotHunter yet.
    Deadeye81

    "We make a living by what we get, we make a life by what we give." Sir Winston Churchill

  5. #5
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,592
    Thanks
    5
    Thanked 1,059 Times in 928 Posts
    See Download details: Microsoft Network Monitor 3.4. It allows you to capture network traffic, view and analyze it.

    Joe
    Joe

  6. #6
    5 Star Lounger
    Join Date
    Dec 2003
    Location
    Burrton, KS, USA
    Posts
    833
    Thanks
    0
    Thanked 2 Times in 2 Posts
    have you looked at your OpenDNS dashboard? They do a very good job of report BOT activity from your network..

  7. #7
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Pittsford,NY
    Posts
    874
    Thanks
    517
    Thanked 35 Times in 27 Posts
    Gerald, JoeP, Mercyh:

    Thank you for your helpful responses.

    Dick

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •