  1. #1
    2 Star Lounger

    I think I'm a zombie and need BIG help

    I am concerned that my computer has been compromised and is now a zombie. I put NetWorx on my machine yesterday to monitor the bandwidth use and 632 Gb was uploaded in 13 hours, more data than I have on my primary drive (and I’m a photographer). NetWorx does not tell me where it went. I run a remote backup, BackBlaze, but only about 1.3 Gb went there.

    This morning while I was out walking and the computer was just adding heat to my Tucson house, 7.5 Gb was uploaded and 5 Gb downloaded. I know, a lot of stuff happens in the background but this much???

    Can anybody recommend an inexpensive network monitor that will analyze this traffic and let me know where it is going? Finding the malware will be another issue.

    I’m running Win 7 Pro 64-bit on an Intel Core i5 CPU H655 @ 3.2 GHz with 16 G of RAM.
    Dan Lynch
    The stonecherub

  2. #2
    Super Moderator CLiNT's Avatar
    TCPView from Windows Sysinternals coupled with Process Explorer and Autoruns will do the job nicely.

    But if you are truly compromised, do a full format and clean install, especially if you cannot ascertain the exact etiology of the compromise with the above tools and an adequate search engine.
    Last edited by CLiNT; 2012-06-19 at 12:27.

  3. #3
    Administrator
    A firewall such as Online Armor (you could run the free version or use the pro version in trial mode) can not only tell you what is connecting to where, but will also tell you the amount of data downloaded and uploaded by each process. It can also be used to determine if you have any known malware. The installation process can take some time and it would be imperative that you take care with what you allow after the initial scan.

  4. #4
    Super Moderator jwitalka's Avatar
    Wouldn't hurt to run Malwarebytes to see if it finds anything amiss.

    Jerry

  5. #5
    Lounge VIP
    632GB in 13 hours works out to be around 12Mbp/s. Does your broadband connection support that data rate? It might well do, but if not then the numbers point to Networx logging internal traffic as well as external.

    I use Networx and have configured it to only log traffic over the LAN and not internal network traffic:

    [Screenshot: Networx local monitor.jpg]

    If you are monitoring internal network traffic as well as external, try the above setting for a while and see if it makes a difference.
    In God we trust; all others must bring data.

    - William Edwards Deming. 1900 - 1993
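
Added example (not posted by anyone in this thread): the replies suggest looking at connections per process and separating internal network traffic from external. The sketch below does that split over saved `netstat -ano` output on Windows; the sample text, addresses, PIDs and function names are constructed for illustration. It shows peers per PID, not byte counts.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of `netstat -ano` output (addresses and PIDs are made up).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.20:49170     192.168.1.5:445        ESTABLISHED     4
  TCP    192.168.1.20:49188     203.0.113.40:443       ESTABLISHED     2816
  TCP    192.168.1.20:49201     198.51.100.7:6881      ESTABLISHED     3344
  TCP    192.168.1.20:49202     198.51.100.9:6881      ESTABLISHED     3344
  TCP    127.0.0.1:49155        127.0.0.1:49156        ESTABLISHED     1200
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       708
  TCP    [fe80::1c2%11]:49210   [fe80::9a1%11]:445     ESTABLISHED     4
"""

# Ranges treated as "internal": RFC 1918, link-local, loopback, IPv6 ULA.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
    "127.0.0.0/8", "fe80::/10", "fc00::/7", "::1/128")]

def remote_ip(endpoint):
    """Strip the port, IPv6 brackets and zone id from 'addr:port'."""
    host = endpoint.rsplit(":", 1)[0].strip("[]").split("%")[0]
    return ipaddress.ip_address(host)

def is_internal(ip):
    return any(ip in net for net in LOCAL_NETS)

def summarize(netstat_text):
    """Map PID -> internal/external peer sets for ESTABLISHED TCP rows."""
    result = defaultdict(lambda: {"internal": set(), "external": set()})
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP" or f[3] != "ESTABLISHED":
            continue  # skips the header, listeners and UDP rows
        ip = remote_ip(f[2])
        kind = "internal" if is_internal(ip) else "external"
        result[int(f[4])][kind].add(str(ip))
    return dict(result)

def external_talkers(netstat_text):
    """PIDs with at least one Internet peer, most distinct peers first."""
    s = summarize(netstat_text)
    pids = [p for p in s if s[p]["external"]]
    return sorted(pids, key=lambda p: (-len(s[p]["external"]), p))

if __name__ == "__main__":
    for pid, peers in sorted(summarize(SAMPLE).items()):
        print(pid, sorted(peers["internal"]), sorted(peers["external"]))
```

The PIDs it reports can be matched to process names in Process Explorer or with `tasklist`.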
