Excess Unknown Internet activity

[Guest]

Win XP Pro SP2 / 256 MB RAM / Intel Celeron 2.66 GHz

Excess Unknown Internet activity

Of late, noticing a lot of background Internet activity.
I'm on a small home-net LAN w/ each comp connected to a hub
which goes to an ADSL router connected to telephone line.

Although I've not gone on the Internet today, I see
constant activity at the Internet Monitor icons in the
Notification area.

When check "status", I see, by now, 5 MB sent / 20 MB received -
and yet I've not initiated any Internet activity myself today.

I've uninstalled a few unused programs including everything
to do with Google DeskTop. My antivirus has already updated
this morning and that took only a few seconds.

What could be going on? and where all all these 5 MB of
"sent" coming from and where are those 20 MB "received"
(up til now and growing) going to?

How can I determine what's going on and how to stop it?
(rcvd 26 MB by now).

Thanks in advance,

 

[Guest]

Various possibilites:

Advertising parasite:

Scan with Ad-aware or Hijack This.
Look for suspicious processes in Task Manager.

Screensaver/Wallpaper downloader.
Look for entries in Add/Remove Programs.

P2P software:

As above, and find out who/why installled.

Unsecured wireless link:

Turn on encryption.

Hpe this helps.

Other way of tracing this is to stop the processes in Task Manager one by
one until the activity ceases. The you've found your culprit.

 

[Richard G. Harper]

Could it be the latest Windows Updates downloading, or your antivirus
downloading updates, or your antispyware product, or ... ???

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Guest]

02:45 Thailand time - start...

OK. Thanks. Got that. I'll check. Here's what I can say so far:

It stopped for while in afternoon during the time I was off/on downloading
free aps and XP Help info. When got back up here later in evening, it was
going
strong again. It's now at 18/66 MB and counting....

I've seen this situation before somewhere. Surprised no one else has noticed.

Been advised the network traffic monitors in notification area could be
following traffic between the 3 pc's on this home net. But can't be. For
one thing, the other 2 have been off for many hours.

I will now answer each of your below suggestions:

Various possibilites:

Advertising parasite:

Don't think so. Updated & scanned w/ Spybot, Adaware, McAfee, AVG.
Did find a few false leads and some old, benign trojans tucked away in
some zip files. Will try Hijack this shortly.

Scan with Ad-aware or Hijack This.
Look for suspicious processes in Task Manager.

Will check...

Screensaver/Wallpaper downloader.

Not likely. Deleted the only one I know of that somebody had in here.

Look for entries in Add/Remove Programs.

I'll check again.

P2P software:

Not sure what that means, exactly. Don't know much about Peer-To-Peer. Did
un-install stuff like Azureus and Bittorrent, et. al., though...

As above, and find out who/why installled.

As I said, not v. clear on the concept yet. Originally this PC was under
another
person's control for about 6 months; but they're not into any of what you
speak.
It's beyond them. Since then I've cleaned it and added my own junk over past
6 months. So it must be my doing - and probably recent...

Unsecured wireless link:

Not into it. Nothing in this neighborhood, anyway. No way. Boonsville.

Turn on encryption.

Hole in brain on that one too. What encryption? I'm on FAT32 and don't
go for Accounts & Passwords either, as no need. Set it up for the 2
downstairs though. Nobody ever comes up here hardly and file transfers are
rare and
999 out of 999 times done by yours truly only. Windows Firewall up and lots
of stuff unticked today in those fancy exceptions etc., menus. No help.

Hpe this helps.

Sure does! Appreciate. Every bit helps!

Other way of tracing this is to stop the processes in Task Manager one by
one until the activity ceases. The you've found your culprit.

That'll be fun - in the sun; but if all else fails, it might do the trick.
It's funny though; it usually turns out to be something real simple or
stupid in the end.

Come to think of it, it might even be some free (contaminated) ap I may
have installed recently and forgotten about and that got missed by all the
scans. Hope it's not a rootkit or that recent 'buffer overflow' thing.

Anyhow, I'm not that click happy, either at spam, unknown email sources
or two-faced websites and I "normally" make a preliminary check on any
downloaded ap before I mess with it. But then again...

Thanks again for all the good tips. Will go thru them one by one in the
morning.

 

[Guest]

Appreciate the advice. However, we can pretty well rule out those
first 3, believe me.

Will let you all know when and if I have any luck...

Thanks,

--
Ted...

Could it be the latest Windows Updates downloading, or your antivirus
downloading updates, or your antispyware product, or ... ???

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Win XP Pro SP2 / 256 MB RAM / Intel Celeron 2.66 GHz

Excess Unknown Internet activity

Of late, noticing a lot of background Internet activity.
I'm on a small home-net LAN w/ each comp connected to a hub
which goes to an ADSL router connected to telephone line.

Although I've not gone on the Internet today, I see
constant activity at the Internet Monitor icons in the
Notification area.

When check "status", I see, by now, 5 MB sent / 20 MB received -
and yet I've not initiated any Internet activity myself today.

I've uninstalled a few unused programs including everything
to do with Google DeskTop. My antivirus has already updated
this morning and that took only a few seconds.

What could be going on? and where all all these 5 MB of
"sent" coming from and where are those 20 MB "received"
(up til now and growing) going to?

How can I determine what's going on and how to stop it?
(rcvd 26 MB by now).

Thanks in advance,