Network Activity question

  • Thread starter Thread starter JG
  • Start date Start date
J

JG

Hi All,
I have 3 icons in my system tray.
1. Local Area connection
2. Internet Connection
3. Bridge linking 1&2.

1&2 are continuously sending and receiving packets. I have installed
multiple Antivirus, Firewalls and Spyware programs, none of which detected
anything. This problem started about 4 weeks ago. Any ideas on how to stop
this activity would be helpful?
Thanks.
John.
 
Hi All,
I have 3 icons in my system tray.
1. Local Area connection
2. Internet Connection
3. Bridge linking 1&2.

1&2 are continuously sending and receiving packets. I have installed
multiple Antivirus, Firewalls and Spyware programs, none of which detected
anything. This problem started about 4 weeks ago. Any ideas on how to stop
this activity would be helpful?
Thanks.
John.
Click to expand...

John,

Every computer, when connected to the network, will show network traffic, as
being on the network involves talking to other computers. Most Antivirus,
Firewalls and Spyware programs, if they are worth anything, will check with
their home servers to see if any changes are required. This will generate still
more traffic.

If you're truly concerned about malware, stop what you're doing. Get
HijackThis, make a scan of your computer, and have the scan interpreted by
experts.
<http://nitecruzr.blogspot.com/2005/05/interpreting-hijackthis-logs-with.html>
http://nitecruzr.blogspot.com/2005/05/interpreting-hijackthis-logs-with.html

I will, right now, recommend Security Cleanup forum at DSL Reports.
<http://www.dslreports.com/forum/cleanup>
http://www.dslreports.com/forum/cleanup

Read their Mandatory Steps Before Requesting Assistance.
<http://www.dslreports.com/faq/13616>
http://www.dslreports.com/faq/13616
 
Hi
Download this utility, and run it. It would provide information about the
traffic.
http://www.microsoft.com/technet/sysinternals/utilities/TcpView.mspx
In addition, look at your Firewall Log and see what the nature of the
outgoing traffic is.
I hope that your phrase: “have installed multiple Antivirus, Firewalls and
Spyware programs”. Does not indicate that you installed few active guard
application of the same type.
Multiple active guard protection applications of the same category do not
add protection, they add confusion.
Jack (MVP-Networking).
 
Thanks,
I unstalled before I installed a new one.
For 3 years my icons would only blink occasionally, then about a month ago,
they started to blink regularly and 1,000s of packets are being
sent/received. Here is the output of the TcpView. I'm not sure how to
interpret all this.
Any help would be appreciated.
John.

alg.exe:764 TCP 127.0.0.1:1032 0.0.0.0:0 LISTENING
isafe.exe:1336 TCP 127.0.0.1:1025 0.0.0.0:0 LISTENING
isafe.exe:1336 TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING
isafe.exe:1336 TCP 127.0.0.1:1027 0.0.0.0:0 LISTENING
isafe.exe:1336 TCP 127.0.0.1:1025 127.0.0.1:1028 ESTABLISHED
isafe.exe:1336 TCP 127.0.0.1:1027 127.0.0.1:1029 ESTABLISHED
lsass.exe:204 UDP 0.0.0.0:500 *:*
lsass.exe:204 UDP 0.0.0.0:4500 *:*
svchost.exe:1152 UDP 0.0.0.0:1030 *:*
svchost.exe:1152 UDP 0.0.0.0:1050 *:*
svchost.exe:1484 UDP 127.0.0.1:1900 *:*
svchost.exe:1484 UDP 192.168.254.1:1900 *:*
svchost.exe:240 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
svchost.exe:792 UDP 127.0.0.1:123 *:*
svchost.exe:792 UDP 192.168.254.1:123 *:*
System:4 TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
System:4 TCP 192.168.254.1:139 0.0.0.0:0 LISTENING
System:4 TCP 192.168.254.1:139 192.168.254.5:3222 ESTABLISHED
System:4 UDP 0.0.0.0:445 *:*
System:4 UDP 192.168.254.1:137 *:*
System:4 UDP 192.168.254.1:138 *:*
vetmsg.exe:1036 TCP 127.0.0.1:1028 127.0.0.1:1025 ESTABLISHED
vetmsg.exe:1036 TCP 127.0.0.1:1029 127.0.0.1:1027 ESTABLISHED
 
David said:
Last time 13 worked for me, but if the OP isn't using a specific flux
capacitor it could cause problems, I'd suggest 33 in that case.
Click to expand...

You're all wrong. Haven't you been paying attention. Today, the number
that matters is 44.
 
Back
Top