Its dowloading something but what?!?

[Guest]

Do have Anti virus software and is it up to date with the
latest DAT files? It sounds like you have a virus.

-----Original Message-----
I have an odd problem, when I am idle on the net (not

browsing or any thing) my connection details keep showing
that I'm constantly downloading some thing, even though I
don't have Kazaa or any P2P program, nor is my auto
update dowloaing any thing. I went as far as to close
basically every program on my Taskbar, went to task
manager and disabled every process except for the bare
essentials and still its downloading something. is there
a way to find out where its coming form, where its going,
what it is, or simply what program is doing it? I have an
inkling that its a Trojan or some thing like it. Thanks
in advance

 

[B Walker]

Do have Anti virus software and is it up to date with the
latest DAT files? It sounds like you have a virus.


browsing or any thing) my connection details keep showing
that I'm constantly downloading some thing, even though I
don't have Kazaa or any P2P program, nor is my auto

Get a copy of Ethereal (and winpcap which is required by Ethereal) and
see exactly what the traffic is, check the ports (that can give you an
idea) and the hosts (an even better idea).

 

[Chuck]

Do have Anti virus software and is it up to date with the
latest DAT files? It sounds like you have a virus.
browsing or any thing) my connection details keep showing
that I'm constantly downloading some thing, even though I
don't have Kazaa or any P2P program, nor is my auto
update dowloaing any thing. I went as far as to close
basically every program on my Taskbar, went to task
manager and disabled every process except for the bare
essentials and still its downloading something. is there
a way to find out where its coming form, where its going,
what it is, or simply what program is doing it? I have an
inkling that its a Trojan or some thing like it. Thanks
in advance

Port Explorer (free) from
<http://www.diamondcs.com.au/portexplorer/index.php?page=home> will show you
what network connections your computer is actually opening, and what processes
are opening them. And Process Explorer (free) from
<http://www.sysinternals.com/ntw2k/freeware/procexp.shtml> provides way more
information than Task Manager, including what module are called by any process
identified by Port Explorer, and who wrote or distributed each module.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

 

[B Walker]

Port Explorer (free) from
<http://www.diamondcs.com.au/portexplorer/index.php?page=home> will show you
what network connections your computer is actually opening, and what processes
are opening them. And Process Explorer (free) from
<http://www.sysinternals.com/ntw2k/freeware/procexp.shtml> provides way more
information than Task Manager, including what module are called by any process
identified by Port Explorer, and who wrote or distributed each module.

Or you can simply go to a command line and type netstat this is free and
included with WinXP at least.

 

[Chuck]

Or you can simply go to a command line and type netstat this is free and
included with WinXP at least.

Use "netstat -o" if you want the pids for the network connections, which is how
you find the processes of interest. Unfortunately, the -o only works for WinXP.
Which is how I got to using Port Explorer.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.