T
thx1138xxix
I was wondering if someone could help me figure something out.
When running TCPView, I'll see svchost establishing connections to
places that I don't recognize. And I was wondering if there is a way I
could find out ~why~ it's connecting to these places.
For instance today.. I logged on and my firewall alerted me that
svchost wanted to connect to download.windowsupdate.com. Okay, fine..
I accepted. It connected and there were no updates. But while watching
TCPView.. svchost connected (without alerting me) to a different IP
(195.10.34.87 :80). I couldn't find any info on that IP so I checked
my Process Explorer and saw that svchost was connected to " rsvd-
akamaiint-87.34.10.195.in-addr.arpa:http ".
I sat there and watched as over 10 megs of data was being received by
my computer and about 800k was being sent out. I didn't see an
automatic update icon appear as it normally does when downloading
updates.. so I wasn't sure what kind of data was being exchanged.
So I logged off and reconnected. Now svchost has connected again
(without any alert from my firewall) to 72.247.127.51:80.. which is
AKAMAITECHNOLOGIES.COM and has begun sending and receiving data once
again with no auto-update icon showing.
Is there ~any~ possible way to find out what kind of data is being
sent or received by my computer when this happens?
Please help?
When running TCPView, I'll see svchost establishing connections to
places that I don't recognize. And I was wondering if there is a way I
could find out ~why~ it's connecting to these places.
For instance today.. I logged on and my firewall alerted me that
svchost wanted to connect to download.windowsupdate.com. Okay, fine..
I accepted. It connected and there were no updates. But while watching
TCPView.. svchost connected (without alerting me) to a different IP
(195.10.34.87 :80). I couldn't find any info on that IP so I checked
my Process Explorer and saw that svchost was connected to " rsvd-
akamaiint-87.34.10.195.in-addr.arpa:http ".
I sat there and watched as over 10 megs of data was being received by
my computer and about 800k was being sent out. I didn't see an
automatic update icon appear as it normally does when downloading
updates.. so I wasn't sure what kind of data was being exchanged.
So I logged off and reconnected. Now svchost has connected again
(without any alert from my firewall) to 72.247.127.51:80.. which is
AKAMAITECHNOLOGIES.COM and has begun sending and receiving data once
again with no auto-update icon showing.
Is there ~any~ possible way to find out what kind of data is being
sent or received by my computer when this happens?
Please help?