  1. #1
    2 Star Lounger

    I think I'm a zombie and need BIG help

    I am concerned that my computer has been compromised and is now a zombie. I put NetWorx on my machine yesterday to monitor the bandwidth use and 632 Gb was uploaded in 13 hours, more data than I have on my primary drive (and I’m a photographer). NetWorx does not tell me where it went. I run a remote backup, BackBlaze, but only about 1.3 Gb went there.

    This morning while I was out walking and the computer was just adding heat to my Tucson house, 7.5 Gb was uploaded and 5 Gb downloaded. I know, a lot of stuff happens in the background but this much???

    Can anybody recommend an inexpensive network monitor that will analyze this traffic and let me know where it is going? Finding the malware will be another issue.

    I’m running Win 7 pro 64 bit on an Intel Core i5 CPU H655 @ 3.2 Ghz with 16 G of ram.
    Dan Lynch
    The stonecherub

  3. #2
    Super Moderator CLiNT
    TCPView from Windows Sysinternals coupled with Process Explorer and Autoruns will do the job nicely.

    But if you are truly compromised do a full format and clean install, especially if you cannot ascertain the exact etiology of the compromise with the above tools, and an adequate search engine.
    Last edited by CLiNT; 2012-06-19 at 11:27.

  4. #3
    Administrator
    A firewall such as Online Armor (you could run the free version or use the pro version in trial mode) can not only tell you what is connecting to where, but will also tell you the amount of data downloaded and uploaded by each process. It can also be used to determine if you have any known malware. The installation process can take some time and it would be imperative that you take care on what you allow after the initial scan.

  5. #4
    Super Moderator jwitalka
    Wouldn't hurt to run Malwarebytes to see if it finds anything amiss.

    Jerry

  6. #5
    Lounge VIP
    632GB in 13 hours works out to be around 12Mbp/s. Does your broadband connection support that data rate? It might well do, but if not then the numbers point to Networx logging internal traffic as well as external.

    I use Networx and have configured it to only log traffic over the LAN and not internal network traffic:

    [Attached image: Networx local monitor.jpg]

    If you are monitoring internal network traffic as well as external, try the above setting for a while and see if it makes a difference.
    In God we trust; all others must bring data.

    - William Edwards Deming. 1900 - 1993
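
Added example, not written by any poster in this thread: a Python script that parses the output of the built-in Windows command `netstat -ano` and groups established TCP connections by owning PID, separating LAN/loopback peers from internet peers, which is the internal-versus-external distinction raised in post #5. The sample output is constructed, and the function names and the list of "internal" ranges are assumptions of this example; netstat reports no byte counts, so per-process volume still needs one of the tools named above.

```python
import ipaddress
from collections import defaultdict

# Ranges treated as "internal" (assumption): loopback, RFC 1918 LAN, link-local.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample of `netstat -ano` output; public peers use documentation ranges.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       812
  TCP    192.168.1.10:49201     192.168.1.20:445       ESTABLISHED     4
  TCP    192.168.1.10:49213     203.0.113.25:443       ESTABLISHED     2312
  TCP    192.168.1.10:49214     203.0.113.25:443       ESTABLISHED     2312
  TCP    192.168.1.10:49300     198.51.100.7:8080      ESTABLISHED     5120
  TCP    [::1]:49155            [::1]:49156            ESTABLISHED     1044
  UDP    0.0.0.0:5355           *:*                                    1180
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, port = endpoint.rsplit(":", 1)
    host = host.strip("[]").split("%", 1)[0]  # drop brackets and IPv6 scope id
    return ipaddress.ip_address(host), int(port)

def is_internal(ip):
    """True if the address falls in one of the INTERNAL_NETS ranges."""
    return any(ip.version == net.version and ip in net for net in INTERNAL_NETS)

def established_by_pid(netstat_text):
    """Return {pid: {"internal": set, "external": set}} of remote (ip, port) pairs."""
    result = defaultdict(lambda: {"internal": set(), "external": set()})
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have five columns: Proto, Local, Foreign, State, PID.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        ip, port = split_endpoint(fields[2])
        kind = "internal" if is_internal(ip) else "external"
        result[int(fields[4])][kind].add((str(ip), port))
    return dict(result)

if __name__ == "__main__":
    for pid, remotes in sorted(established_by_pid(SAMPLE).items()):
        print(pid, "external:", sorted(remotes["external"]),
              "internal:", sorted(remotes["internal"]))
```

To use it on a live machine, save the output of `netstat -ano` to a text file and pass its contents to `established_by_pid`; the PIDs can then be matched to process names in Process Explorer.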
