Computer Security & Viruses/background downloading



Question
I have disabled the automatic updating of Windows updates etc. yet my internet hub frequently indicates the downloading of something. How do I find out what is being downloaded? I can only find out how much is being downloaded but not from where. My wireless Internet hub started going offline this week as for some reason the computer keeps locking at start-up. I have used restore to a previous restore point and am now using an Ethernet cable. Is there a suitable software that can check out what's going on?

Answer
One way to find out what's going on is to install a packet sniffer. You can read about them and get links to free Windows packet sniffers at http://netsecurity.about.com/cs/hackertools/a/aafreepacsniff.htm

If you don't mind spending money to get an answer to your problem, and you want something easier to use, I recommend Zone Alarm Pro from zonelabs.com. Set its alert level to high and when this happens, it should pop up a window telling you a little bit about what is happening. Then if you want to know more, the popup window will give a link to the Zone Labs website telling you what they know about that particular problem.

However, there are so many un-good things going on in the Internet, there is no guarantee that any of these tools will tell you exactly what is going on. If you install a user friendly firewall such as Zone Alarm, you can partially solve the problem by telling the firewall to deny the download.

My concern is that your computer might be infected with some sort of malware -- virus, worm, trojan, spyware, it could be anything. Blocking it from making downloads helps, but doesn't get rid of it. Here's how I suggest you check for malware that your current security programs may have missed.

1) Download F-Secure's Complete Internet security suite, which offers a free thirty day trial: https://store.f-secure.com/cgi-bin/dlreg/ml=EN?ID=FSISTB&desid=TRIAL

2) Disconnect from the Internet.

3) Uninstall your current antivirus. This is absolutely essential because otherwise it and F-Secure will fight each other and might crash your computer. It isn't good enough to just turn off your old antivirus because it probably has been crippled by your virus infection.

4) Install F-Secure.

5) Run a complete scan of your computer. Follow any instructions F-Secure might give you.

6) Reboot.

If this works, you can either keep F-Secure or uninstall it and reinstall your old antivirus from either a download of the latest version from their website (if that's how they sell it) or from the disk it was on when you bought it. Be sure to get all the latest updates right away. Usually antivirus companies are pretty good about updating their programs whenever some new virus figures out how to evade or cripple their product.
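
As an added example that is not part of the original answer: before installing a packet sniffer, Windows itself can show which program is talking to which remote address, which is the "from where" the question asks about. The script assumes Windows 8 / Server 2012 or later (where the `Get-NetTCPConnection` cmdlet is available) and an elevated PowerShell prompt.

```powershell
# Added example: map each established TCP connection to the process that owns it.
# Assumption: Windows 8 / Server 2012 or later (Get-NetTCPConnection, NetTCPIP module).
# Run elevated so the executable paths of system processes are readable.

# Established connections only, ignoring traffic that never leaves the machine.
$connections = Get-NetTCPConnection -State Established |
    Where-Object { $_.RemoteAddress -notin @('127.0.0.1', '::1') }

$report = foreach ($c in $connections) {
    # A process can exit between the two calls; keep the row with a placeholder.
    $p = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Process       = if ($p) { $p.ProcessName } else { '<exited>' }
        ProcessId     = $c.OwningProcess
        Path          = if ($p) { $p.Path } else { $null }
        RemoteAddress = $c.RemoteAddress
        RemotePort    = $c.RemotePort
    }
}

# One row per process and remote endpoint; several parallel connections
# to the same endpoint (typical of a downloader) sort to the top.
$report |
    Group-Object Process, ProcessId, RemoteAddress, RemotePort |
    Sort-Object Count -Descending |
    ForEach-Object {
        $first = $_.Group[0]
        [pscustomobject]@{
            Connections   = $_.Count
            Process       = $first.Process
            ProcessId     = $first.ProcessId
            RemoteAddress = $first.RemoteAddress
            RemotePort    = $first.RemotePort
            Path          = $first.Path
        }
    } |
    Format-Table -AutoSize
```

This is a snapshot of connections open at the moment it runs, so run it while the hub shows download activity. For a `svchost` row, `tasklist /svc /fi "PID eq <ProcessId>"` lists the Windows services hosted in that process.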

Carolyn Meinel

Expertise

I cover Windows, Linux, TCP/IP and Ethernet security questions. I do not cover Mac, smart phones, or other networking issues.

Experience

Books by Carolyn Meinel: wrote a chapter for The Hacking of America book (see http://www.amazon.com/exec/obidos/ASIN/1567204600/happyhacker). My article Code Red for the Web for Scientific American was reprinted in the book Best American Science Writing 2002 (see http://www.amazon.com/exec/obidos/ASIN/0060936509/happyhacker). My book The Happy Hacker: A Guide to Mostly Harmless Hacking is now in 4th edition with a Japanese edition (see http://happyhacker.org/hhbook/).

Organizations
IEEE, AAAS

Publications
See a list with some online links at http://cmeinel.com

Education/Credentials
MS, Industrial Engineering, The University of Arizona. Took a course in computer forensics at the University of Texas at Austin.

Past/Present Clients
DARPA, SAIC, Palmer Labs

©2012 About.com, a part of The New York Times Company. All rights reserved.