Welcome To Zombie.com

For system help, all hardware / software topics NOTE: use Coders Corner for all coders topics.

Moderators: Krom, Grendel

Post Reply
User avatar
bash
DBB Master
DBB Master
Posts: 5042
Joined: Thu Nov 05, 1998 12:01 pm
Location: Texas

Welcome To Zombie.com

Post by bash »

I think I'm a zombie. I've noticed activity on the router when none should be happening and even after I quit out of Outlook, when I look in the Task Manager it shows Outlook.exe running and using 50% of my CPU resources. This all started recently when I updated MS Office Suite. I also notice a new message when I start up Outlook that says *Some Application Is Trying TO Access Your Address Book, Allow or Disallow?* or something along those lines. Any guesses and any way to verify whether I've become a spam machine for the living dead? Thanks in advance for any insights.

I'm running updated AntiVir 24/7, as well as have firewall on and periodically check things with Spybot and Adaware. All come back with no alerts. Intel P4.
Top
User avatar
WarAdvocat
DBB Defender
DBB Defender
Posts: 3035
Joined: Sun Jun 23, 2002 2:01 am
Location: Fort Lauderdale, FL USA

Post by WarAdvocat »

Did you try an online virus scan? If not, I suggest Trend Micro's Housecall. It usually works even when malware has disabled Norton & Macafee :)

At the very least it's an additional angle of attack for you to try.
Top
User avatar
Avder
DBB Material Defender
DBB Material Defender
Posts: 4926
Joined: Sat Oct 09, 1999 2:01 am
Location: Moorhead, MN

Post by Avder »

Get a strong firewall that can be set to completely kill all net traffic except dhcp and dns. Sit online overnight with it, and check the log the next day to see if applications are trying to access the net without your consent. A good firewall should log the following things: The full path of the application that tried to access the net, the address they tried to contact, and what port they were trying to send from.

I cannot stress the full path thing enough because a lot of things will simply dump to %systemroot%\system32 and rename themselves to the names of often used programs in hopes that the firewall only checks the executeable name.
Top
User avatar
Top Wop
DBB Master
DBB Master
Posts: 5104
Joined: Wed Mar 01, 2000 3:01 am
Location: Far from you.
Contact:
Contact Top Wop

Post by Top Wop »

WarAdvocat wrote:...even when malware has disabled Norton & Macafee :)...
Last time that happened to me I just stopped using their ★■◆● and relied more on that Housecall (never had a reason to use it yet!) and Adaware. Common sense is the best anti-virus. I dont need a resource hogger to substitute for that.
Top
MD-2389
Defender of the Night
Defender of the Night
Posts: 13477
Joined: Thu Nov 05, 1998 12:01 pm
Location: Olathe, KS
Contact:
Contact MD-2389

Post by MD-2389 »

bash, download a copy of Hijack This! and post the log it generates.

Hijack This!
Top
User avatar
Grendel
3d Pro Master
3d Pro Master
Posts: 4390
Joined: Mon Oct 28, 2002 3:01 am
Location: Corvallis OR, USA

Post by Grendel »

Try Tcpview, look for weired connections..
Top
Post Reply

Return to “Tech Forum”