My computer is sending a lot of data out but I am not uploading?

I have an XP machine. I have a dial-up connection.

I am using tiny firewall 6.0. I have nod32 and it's up to date. I use adaware and spybot, hackthis and cwsshredder. I have shut port 135, 445 and dcom is turned off. I have also turned off the spam messages in messenger and the upnp is closed.

After about 2 hours the amount of outbound traffic starts to increase and by the morning it tells me it has sent e.g. 345,987,765 bytes. So, it ticks over like crazy even when there is no visible traffic. Everything that I can close is closed.

I have used tcpview, commview and part of tfp 6.0 to monitor it. I can't see what or who is sending the data out. I am about to try cable nut.

I am coming to the end of what I know. I have scanned and probed to the best of my ability. I am also coming to the end of my rope. I am also seriously considering reimaging my drive, just to put an end to it.

I am hoping that someone can help, because I would dearly love to know what's going on.

Thanks in advance. Please feel free to email me directly if you want.

Dennis Quinn

dennis quinn
Shut port 25 please. You are sending out spam. You have a spamming trojan.

Make sure nothing is allowed to use port 25 in your tiny firewall, log attempts.

Take a look and report back what you find.

Can you paste a portion of the log? Have you tried to monitor with Ethereal?

jch (dennis quinn) wrote in news:

Active Ports and Process Explorer are some tools you can use.

Duane :)

Duane Arnold

Go to Steve Gibson's site and run ShieldsUp. I had port 1025 stuck open and needed to force Zone to close it. All others were closed and maybe 4-5 were in stealth mode. Site is

This test everyone should run.

You can also download LeakTest free from the site. Just remember to say NO when your firewall asks to connect to the internet (basically, a leak).


B. Peg


Dear Steevo

Thank you for your help.

I unloaded tiny firewall 6. While it was good, it was hard to use. I switched to ZoneAlarm Pro, which is easier to use and much more friendly for my wife when I'm not around. I shut down port 25, closed the smtp server on my computer. Didn't need it, which was good. Went to grc and did the leak test. The computer is in stealth mode and the amount of outbound data has gone from something like 300Mb over a 5 hour period to about 500KB. So I am happy. Could not find the spam trojan for love nor money, any advice would be appreciated. I did come across a keylogger called spybot? I also came across C Dilla and Cydoor. I read some stuff about C Dilla and how incorrectly removing it can screw with one's MBR; some advice here would also be appreciated.

What do I do about Cydoor? Can you recommend any good software to take care of this and find the spam trojan onboard.

Thanks heaps to everyone for your help. I was being driven crazy and all folks got me out of trouble. THANKS
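
An added example, not part of any post in this thread: one way to tie port-25 traffic to a process is to parse the output of `netstat -ano` and group remote SMTP peers by owning PID. The sample output, addresses and PIDs below are constructed.

```python
"""Group port-25 activity in Windows `netstat -ano` output by owning PID."""
from collections import defaultdict

# Constructed sample; addresses are from documentation ranges, PIDs are made up.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       948
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING       1620
  TCP    10.0.0.5:1042          203.0.113.5:25         ESTABLISHED     2364
  TCP    10.0.0.5:1043          198.51.100.7:25        SYN_SENT        2364
  TCP    10.0.0.5:1044          192.0.2.44:25          TIME_WAIT       0
  TCP    10.0.0.5:1050          192.0.2.80:80          ESTABLISHED     3120
  TCP    10.0.0.5:1051          203.0.113.5:25         ESTABLISHED     2364
  UDP    0.0.0.0:1026           *:*                                    948
"""

SMTP_PORT = 25


def port_of(endpoint):
    """Return (host, port) from 'host:port', splitting on the last colon."""
    host, _, port = endpoint.rpartition(":")
    return (host, int(port)) if port.isdigit() else (host, None)


def smtp_activity(netstat_text, port=SMTP_PORT):
    """Return (outbound, listeners).

    outbound  : dict PID -> set of remote hosts contacted on `port`
    listeners : set of PIDs with a local socket listening on `port`
    """
    outbound, listeners = defaultdict(set), set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly five columns; UDP rows have no State column.
        if len(fields) != 5 or fields[0] != "TCP" or not fields[4].isdigit():
            continue
        _, local, remote, state, pid = fields
        if state == "LISTENING":
            if port_of(local)[1] == port:
                listeners.add(int(pid))
            continue
        host, rport = port_of(remote)
        if rport == port:
            # PID 0 on TIME_WAIT rows means the owning process has already let go.
            outbound[int(pid)].add(host)
    return dict(outbound), listeners
```

A single PID contacting several different hosts on port 25 is the pattern to look for; the PID can then be matched to a program in a tool such as Process Explorer, mentioned earlier in the thread.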


