Wireshark-users: Re: [Wireshark-users] Tons of ARP packets...?

From: IchBin <weconsultants@xxxxxxxxx>
Date: Sat, 14 Jul 2007 12:13:40 -0400
Small, James wrote:
IchBin,

Still need to find the bugger who is causing that problem. Or more
interestingly where is this xxz0n3dxx.dyndns.org coming from on my
machine. I did a global text search for xxz0n3dxx.dyndns.org and only
found in 5 files but these related to the emails I have sent to this
newsgroup. Maybe I should look for just xxz0n3dxx or dyndns by
themselves.
When I see these Standard Queries, in real time, I see the Process-ids
associated but no associated program initiating that process.

If this is a Windows machine, One thing you can try is installing
ZoneAlarm of Kerio's personal firewall.  This allows you to selectively
block network access on a per process basis.  While it could be time
consuming, you can start with a default deny where when anything wants
network access you must approve it.  The obvious programs like your
browser and E-mail client you can grant access.  For other programs that
request access you can google their process/binary name to learn more
about them.  There is a wealth of information on-line.

Once you find a process you don't like, try using something like the
Sysinternal's Process Explorer to learn more about the process.  Then
hopefully you can uninstall/delete/disable it.

If you didn't already, you may want to try installing Windows Defender
or other anti-spyware programs to check the PC.  If it's just one
program you might be able to kill it.  If it's a nasty one though you
might have to re-image/re-format the machine.  Some nasties are almost
impossible to eradicate.

Good Luck,
  --Jim

_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users

Jim, as for spyware, viruses and etc programs I have already mentioned what I am using in one of the beginning message I wrote to this thread.