... what is leaving the computer when all the outbound (red bars) are
flashing, all the time?
At this point, I know I have no virus, trojan, spyware etc. I have also
turned off Automatic Updates in Windows XP (Home Edition), but as soon as I
log on, the outgoing zone alarm bars start up... so I'm at a loss, and
Is there a simple way to find out?
Thanks in advance! I hope this made sense...
You can use the tools in the link above like Active Ports, Process
Explorer and the other tools being mentioned and go look for yourself.
Yes and ZA and other personal FW(s) can and do get beaten.
You could have no viruses/worms/Trojans/spyware, and still have lots of
outbound traffic when you log on. Depends on what you've got installed.
E.g. if you have Yahoo Messenger installed, you will have lots of
outbound traffic associated with the Bonjour Service installed with it.
Windows Messenger will also quickly kick off outbound traffic.
Anti-virus programs will also quickly kick off outbound traffic. At a
minimum, you will have outbound traffic with Generic Host Process for
To get specific answers for your PC, click on the Programs tab, and put
question marks on all internet access for all programs, instructing Zone
Alarm to ask your permission each and every time a program wants
Michael O'D> ... what is leaving the computer when all the outbound (red bars) are
As already mentioned in the thread, you could have a look at the
traffic using a sniffer, ethereal nearly being a standard today.
This examination will give you a lot of information even if the data
uses a home made protocol and/or encryption, such as volume, used
layers, *destination*, etc.
Doing whois queries on the destination addresses can help a lot.
will list all processes connected to internet together with destination
IP and port used for communication. It will also log ammount of data
transfer. You will easy see what is going on.
You can also use netstat command in command prompt (Windows console) to
see active connections.