
Encrypted traffic

Q: Encrypted traffic

How does ATA deal with packet inspection of encrypted traffic?

Thanks

RELEVANCY SCORE 63.2

Hi everyone!!!

I've been tasked with running Message Analyzer to determine if data is encrypted from an endpoint. We are using MBAM and want to ensure that any data sent to the MBAM application server is encrypted. Now, we know it is via HTTPS, but we still need to verify this (for audit purposes).

Can anyone provide some insight as to how I could use Microsoft Message Analyzer (or perhaps something better)?

We are planning to run a capture for 24 hours. We also want to ensure data is encrypted from app server to sql server. 



Thanks all! 

RELEVANCY SCORE 62.4

Sorry for the inconvenience. For about 3 days now this message has been appearing to me, usually when visiting Microsoft sites.

This happens to me both with version 10 of ESS and Kaspersky. But it does not happen with other antivirus and version 8 of ESET Smart.

It happens in Chrome and occasionally with Internet Explorer 9.

Please, I am very worried about this behavior, which had never been presented to me before.

RELEVANCY SCORE 43.6

I keep getting this alert despite the amount of resources that I add to my Gateway.
Our DC and Gateway are running virtually in VMware. Distributed Virtual Switches are not an option so I have to resort to configuring a Promiscuous Port Group.
I configured a Promiscuous Port Group on the same Virtual Switch that the DC (and the rest of our servers) is connected to, and assigned it the same VLAN ID as the DC.
ATA is capturing and reporting traffic but I continually receive an alert for some network traffic is not being analyzed. I have thrown double the resources at our Gateways than what the sizing tool identified, and still receive this alert. At this point I have 24GB of RAM and 10 Cores allocated to my Gateway, which is only capturing and reporting on 1 DC. At this point I am about ready to scrap ATA because of how resource intense it is.
Any ideas or suggestions? Does it sound like I have the Promiscuous Port Group configured correctly, or is it possible that I am capturing ALL traffic for the VLAN assigned?

RELEVANCY SCORE 42.8

Is there a good network traffic/broadband monitor that actually keeps track of ALL (really ALL) traffic in a network?
I have used quite a few (eg, Ethereal, ntop, network probe) but all of them kinda keep track of only traffic that is coming in and out of the PC they are run from.

I need one that really tracks every single transaction that goes on in the network, including PCs talking to PCs, PCs talking to servers, servers talking to PCs, PCs talking to printers, etc.

Would help a great deal if they are FREE too!

Anyone know of any good ones?
 

A:Network traffic/bandwidth monitor that tracks GLOBAL network traffic

Hi.

You may find something here...

http://www.freewarehome.com/Internet/Networking/Network_Monitoring_t.html
 

RELEVANCY SCORE 40.8

Hello everyone here,
It seems like I am an idiot; it seems funny, it's like locking the door and then throwing the key to that room.
I was wondering how I can open the certificate.ptx file if it's already encrypted. I suddenly found a video on YouTube about an encryption thing that can be done by CMD. I had no idea what it was about, I just tried and followed it. I didn't really know that all the files saved on my desktop were being encrypted automatically. I saw Windows ask to save the certificate, then I saved it on my desktop. Later on my PC had an error, so I moved all my files on the desktop to an external drive and did a complete reset with the Windows reset tool. And I've just noticed I can open all my files which I backed up :/
Please, if somebody has a solution, please let me know. Now I'm stuck with all my files, like 120Gb :/
Regards,
Sela

RELEVANCY SCORE 39.2

I know I have been hit by CryptoWall. I do however seem to see something that I have heard shouldn't be the case. I am hoping that this is a good sign. I have files that are duplicated but it seems that the original file is still there. ex.
 
Kidz Club.jpg   
 
AND
 
Kidz Club.jpg.5aa
 
The problem remains the same: both files are encrypted. I didn't know if this has been reflected in other forums and is something that is recoverable.
 
A response would be appreciated
 
Thanks for all you guys do.

A:Files encrypted but both regular and encrypted files remain.

A repository of all current knowledge regarding CryptoWall is provided by Grinler (aka Lawrence Abrams), in this tutorial: CryptoWall and DECRYPT_INSTRUCTION Ransomware Information Guide and FAQ

Reading that Guide will help you understand what CryptoDefense does and provide information for how to deal with it and possibly decrypt/recover your files. At this time there is no fix tool for CryptoWall.

There is also a lengthy ongoing discussion in this topic: CryptoWall - new variant of CryptoDefense. Rather than have everyone start individual topics, it would be best (and more manageable for staff) if you posted any questions, comments or requests for assistance in that topic discussion.

...from the above topic.

CryptoWall victims,

If you are thinking about paying the ransom, have decided to pay, or want to help test a few things for me, Please email me at [email protected] or PM me first. There may be other options for you, or can receive assistance with the infection.

Nathan (DecrypterFixer), Security Colleague Post #273

Thanks
The BC Staff

Note: Although this infection has numerous similarities to CryptoLocker and CryptorBit, there is no evidence that they are related other than that they do the same thing.

RELEVANCY SCORE 32.8

hi,

Lately, at around 1 PM my time, the traffic of my connection is always 48 KB/s (I have a 384 kbps internet connection); I see that is the maximum speed I get. But the problem is that every time I browse, it's so slow.

My download speed from JDownloader has also drastically decreased, from a maximum of 48 KB/s to 5 KB/s max, so I guess something is using my bandwidth!

Maybe it's a trojan, and how do I monitor which site or program uses it, with a nice interface (I can't read machine language)?
thank you

A:how to know how much traffic is used by which

Some firewalls will log traffic. Do you have antivirus and a firewall you use?

RELEVANCY SCORE 32.8

how can you tell if a web site has high volume, by looking at it?
 

A:web traffic

RELEVANCY SCORE 32.8

Can you help me please? My pc seems to be infected with the "bigtraffic" bug. My log file is as follows:

Logfile of HijackThis v1.99.1
Scan saved at 20:07:11, on 20/09/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.EXE
C:\WINNT\ucfzsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINNT\system32\svhost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINNT ... Read more

A:Big Traffic Bug

Hello Mikew and welcome to the BC HijackThis forum. After reviewing your log I see a few items that require our attention. Please print these directions and then proceed with the following steps in order.

Step #1
Download CCleaner and install it but do not run it yet.

Step #2
Start in Safe Mode Using the F8 method:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
Use the arrow keys to select the Safe Mode menu item.
Press the Enter key.

Step #3
Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINNT\system32\svhost.exe
O2 - BHO: CDownCom Class - {031B6D43-CBC4-46A5-8E46-CF8B407C1A33} - C:\WINNT\DOWNLO~1\ipreg32.dll
O2 - BHO: ts - {4006DCA3-433D-4FC8-AC36-42DA7797DCB7} - C:\WINNT\system32\bho.dll
O2 - BHO: ohb - {9ADE0443-2AB2-4B23-A3F8-AC520773DE12} - C:\WINNT\system32\nsl33.dll
O2 - BHO: (no name) - {A9AEE0DD-89E1-40EE-8749-A18650CC2175} - (no file)
O4 - HKLM\..\Run: [System backup] C:\WINNT\system32\soft.exe
O15 - Trusted Zone: *.addictivetechnologies.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.c4tdownload.com
O15 - Trusted Zone: *.crazywinnings.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.megapornix.com
O15 - Trusted Zone: *.overpro.com
O15 - Trusted ... Read more

RELEVANCY SCORE 32.8

is there any way I can look to see what is being accessed from my computer while I'm online?
 
I have a lot of intellectual property and business things on my HD that I would not be cool with others seeing.

I have TrueCrypt but am still not sure how to lock some of those individual files down.

Any help is appreciated, thank you in advance.

A:Traffic ?s

Hey guys, I know you're all volunteers but I don't even know if anyone has looked at my questions yet. Someone please let me know if it is a dead end for me or if I should just use the part of the forum to see if anything is on my computer that could have compromised it.

RELEVANCY SCORE 32.8

How can I encrypt outgoing internet traffic or IMs? Anyone? Thanks in advance........ UGW!
 

A:Traffic?

Hiya

Just going through the old posts.

When you say Outgoing Internet Traffic, are you meaning emails etc? If so, one of the best out there is PGP.
http://www.pgp.com

Also, have a look at this: http://www.cert.org/encyc_article/tocencyc.html

What are IM's?

Regards

eddie
 

RELEVANCY SCORE 32.8

My company uses IBM Lotus Notes for email, but because I would never wish that program on my worst enemy, I am using Microsoft Outlook with the Lotus DAMO software. For the first few months it had been working great and then I began experiencing a warning message claiming that Outlook could not find a connection to the server, but would resume syncing once the connection was established. This connection process has gotten progressively worse and takes anywhere from 30 minutes to several hours before Outlook is able to establish a connection. Out of curiosity, I began watching network traffic to see if there was anything I could detect. Sifting through the traffic, I discovered TCP incoming/outgoing traffic to 195.22.26.248. I did some research and found that this IP has been associated with malware and that the resolve host is Anubis Networks located in Portugal. The traffic seemed to be generated at the same time I would push the Send/Receive button in Outlook. I have added firewall rules to block any incoming/outgoing traffic from 195.22.26.248. I've loaded MBAM and completed scans with no results, I have loaded Hijack This and did not see anything unusual; I've run a few different rootkit scanners that came up empty as well.
 
I apologize for the long description. What can I do to determine if this is indeed something to be worried about. Thank you.

RELEVANCY SCORE 32.8

Hi guys.........nice site......pleased I found you.....

desktop pc on XP Pro sp2
laptop on XP home
Both connected to internet via wireless router.
Both set up using network connection wizard
Both have SFS set to enabled
router security disabled

The problem I have is this......

Both pc's connect to the web no problem....
My network places on the desktop shows all shared files on desktop and laptop
and I can access all the files in that direction
My network places on the laptop shows only the shared files on the laptop, and none on the desktop.

(working on the laptop)
When I click 'view workgroup computers' both the computers are there.....
but when I try to open the desktop, it gives me the 'cannot access etc'...
'may not have permission etc'...........

I have just read every post in this thread and tried everything mentioned, with no joy...

the router is on 192.168.2.1
the desktop is on 192.168.2
the laptop is on 192.168.2.5
windows firewall disabled
zone alarm set with permissions for above IP's and also tried whilst switched off.
even tried changing the 'restrictanonymous' value to zero in the registry....
nothing seems to change it.

I don't know what else to try.....It will no doubt be something too simple that I've overlooked
Or it might be that I killed a robin when I was five or something.....

Any help really appreciated.....

...........frostyboy...........
 

A:one way traffic

RELEVANCY SCORE 32.8

I can log onto the internet ok, but after that the problem begins. Its sort of hard to explain but here goes -- When i click on my outlook express to bring up my email, OR click on a web page, the two-screen icon on the task bar SOMETIMES doesnt start flashing for an extended amount of time, (it varies). I don't know if its the ISP, my phone connection, the software or the PC. Where should i start to fix this?

A:in & out traffic

Can you access your email or go to any websites when that happens? When it's not flashing, what it usually means is that there is no data coming in or going out.

RELEVANCY SCORE 32.4

Hi there,
I run a server which runs an internet radio station, and some game servers etc., so it's obviously not the most secure.
It also runs a domain network, with CAT5 and VPN connected clients!

Yesterday, it stopped assigning IP addresses, and the Remote Desktop software I was using to access it stopped working as well.

I thought maybe overnight the problem might mysteriously disappear as it came. But it got worse; this morning it was being a bit temperamental, and I had resorted to manually assigning IPs on the computers I needed connected.

Now the server does not seem to be accepting any incoming connections besides terminal services.
There is no DHCP, no shares, no internet, no nothing besides terminal services (which runs very slowly).
I have scanned with avast and Lavasoft anti spyware; they both found and removed a few minor things, and still the problem moves on.
Hardware and firewall wise, I have recently put Comodo firewall on some of the client PCs, and instaly took it off my main PC yesterday. The server has nothing, besides the firewall within the router.
Besides the Comodo firewall, nothing has really changed much deliberately.
I have just restarted everything on the network, and the same problem arises, and I have ironed out the fault being the router, as I have now configured this computer's IP to work straight off the router (hence how I am on the internet now).
I urgently need to sort this problem as obviously I have clients unable to access it... Read more

A:No traffic!!? - Emergentcy..please help!!

RELEVANCY SCORE 32.4

Help me if you can. After receiving the email attached below I ran full scans with MS Security Essentials as well as Malwarebytes anti malware without finding anything, yet according to the email I have a zeroaccess infection. Is this a false positive identified by AT&T or do I have something hidden on my PC?

(EMAIL I RECEIVED)

***********************************************************
For the fastest response, please ensure that you retain the subject line, and direct all replies to this warning letter to [email protected]
***********************************************************

IMPORTANT COMPUTER SAFETY NOTICE from AT&T Internet Services Security Center - "Bot Traffic Detected"

******* *****,

AT&T has received information which indicates that a device accessing the Internet via your Internet connection is infected with malicious software. Our investigation shows the following IP was assigned to you at the indicated time and was being used to provide DNS services to a zombie computer network, also known as a Botnet.

At Fri, 25 Oct 2013 00:02:16 +0000, your IP address was: **.***.**.**
Type of infection (if known): ZeroAccess
Source Port: 49156
Destination Port: 16470
Destination IP: 70.xx.xx.19

Botnets are networks of compromised computers under the control of a hacker or group of hackers. Botnets are often used to conduct various attacks ranging from denial of service attacks on websites, to spamming, click fraud, and distribution of malicious software.

To address... Read more

A:Bot Traffic Detected

No worry, do you get on chats? That can false positive.

RELEVANCY SCORE 32.4

Group:
 
Within the last several days I have not been able to reach several links and the attempts seems to end up at:    traffic.outbrain.com    and then does nothing.  Is there some kind of virus, malware or something that may be trying to redirect the link to somewhere else?
 
Appreciate any suggestions or comments

A:traffic.outbrain.com

Hello sailor, it's possible you have a browser hijack.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 
Download TDSSKiller and save it to your desktop.
Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Please download Malwarebytes Anti-Malware and save it to your desktop. Important!! When you save the mbam-set... Read more

RELEVANCY SCORE 32.4

My query is about the high traffic there is in a couple of pc's that i have, they are virus free, the statistics for the lan connection show millions of packets received and transmitted in a 2' time.
Opinions?
 

RELEVANCY SCORE 32.4

Hi guys,

I'm looking for a good (free) traffic generator to test and beef up my web server. I would love it to be able to fire simultaneous HTTP connections to many URLs at once, and preferably be able to save that config, so I didn't have to set it up each time.

It would also be beneficial to have it be able to emulate TCP, UDP and ICMP training in the same way.

Any ideas of anything that does this? I've tried the Nsasoft stuff, but it doesn't allow me to save config, plus it's 2 separate interfaces, and I can only enter URL per instance.

Any help would be gratefully received.

Regards,

Rob.
 

A:Traffic generator

RELEVANCY SCORE 32.4

Hi. I recently received a message from a posting board/ bulletin board type site and there was a link with the message. I did not click the link, but I did copy and paste it into the url box and then I went to that page. If the link in the very suspicious message was linked with an auto-execute RAT and I cut and pasted it, if it had been created by an expert at sending RAT links, could it have infected my computer? I've noticed suspicious behavior on my computer like tabs closing without me closing them, the computer slower....

My main question here is.... I have read in the past that the best way to tell if someone is on your computer is to monitor traffic. Can you tell me how to do that? If someone is on my computer, then they are reading this message. If I were to try to monitor traffic, could they just 'log-off' or something when I started to monitor it and then get back on later/ tomorrow thereby the traffic being monitored would not see them?

Please help!
Thx
 

RELEVANCY SCORE 32.4

Does anyone know how to fully remove Traffic Syndicate/Hu? Mcafee finds it on every scan, but can't fully remove it.

Thanks
djpete665

A:Traffic Syndicate/Hu

If it's a toolbar installed...remove the toolbar, using Add/Remove Programs.

Appears to be adware, should be able to be removed by SUPERAntiSpyware and/or Malwarebytes.

Louis

RELEVANCY SCORE 32.4

Traffic exchange is a popular concept on the Internet, referring to the exchange of web traffic on the World Wide Web.

Usually, a central exchange site receives submissions from website operators. They sign up for traffic exchange networks. These people then browse other member sites on the exchange program to earn credits, which enable their sites to be viewed by other members. This increases the number of visitors to all the sites involved, but does so in a way that seems to have little benefit for the participants.

Exchange programs typically enforce a 2-to-1 or 4-to-1 credit ratio, meaning members earn 0.5 or 0.25 in credit for visiting one member site, and each credit is translated to one page view for them.

In theory, website owners would visit other sites through the central exchange program and thus channel more traffic back to their own sites. As the viewers are all website owners or operators, it is possible that some of them might find certain member sites interesting and thus make note of them on their own sites, sending more traffic their way. Most traffic programs also impose a time limit when members are browsing, ranging from 60 seconds to 10 seconds. Some incorporate the use of captcha to ensure user interaction, although there are exchange programs that let members browse without manually clicking, automatically moving on to the next site in rotation once the time limit is up.

Almost all traffic exchange programs are free, although many of them o... Read more

A:Traffic to your website

You should choose your traffic exchanges carefully though. They come and go very quickly, often disappearing in the night with paying members hard earned.

Choose well established exchanges with proven records. Many claim to drive targetted traffic to your site but is it really?

Email the owner and ask lots of questions before parting with your cash. Do they answer your questions, if not then avoid using them.

They are also a breeding ground for malware. Make sure you are well protected ie ALL your software is up to date, especially Operating System, Anti-Virus, and any pop-blockers, spyware blockers etc. Make sure your firewall is protecting you. Scan your ports with security checkers at Gibson Research or Symantec to make sure. Switch off services you don't need.

Know each exchange's terms and conditions; many sites break them, e.g. more than 2 popups (I believe most exchanges allow 2), sites breaking out of frames etc., and report them to the exchange.

And remember, if it looks too good to be true then it usually is. There are many gullible people trying to get rich selling you a get rich quick scheme; avoid them like the plague.

Be aware that a well written site will get most of its "targeted traffic" from search engines, not traffic exchanges. Content is crucial: once your visitor lands on your site you want to keep them coming back for more.

RELEVANCY SCORE 32.4

Ever since implementing ATA, we have been generating alerts from our firewall for blocked traffic on port 135. The traffic is only into one of our environments. Does anyone know what ATA is doing on port 135?

RELEVANCY SCORE 32.4

Hi, ZoneAlarm had just detected VPN traffic, should I be worried?

A:Detected VPN Traffic

Do you have VPN set up on your machine? Did you let it through?

RELEVANCY SCORE 32.4

Please, anybody tell me: I want to inspect my network to see who is chatting, who is downloading movies, what sites the users are visiting, p2p file sharing, etc.

I want to keep watching all these activities and monitor them; sometimes I want to block a particular application like p2p, chatting, etc.

Is there any software that can help me?

Please reply ASAP.
 

A:traffic monitor

what kind of router do you have?

how big is your network?
 

RELEVANCY SCORE 32.4

I have about 300 computers on my network and want to isolate a department. That department is generating too much traffic. I don't know if I should use a bridge, an Ethernet switch, or create a workgroup for them. I still need the department to be on the same network.

Thank You,

julia
 

A:Traffic on the Network

A workgroup won't really help with router traffic. It's just a logical arrangement for the computers.

I don't honestly know enough to say whether a bridge would be better, but I would think a switch would be more cost effective.

Hopefully someone with a bit more knowledge about this will reply soon.
 

RELEVANCY SCORE 32.4

Hi,

I have a 2008 R2 Server Running 2 Websites, 1 Lan card with 2 Different IP. I need to Monitor each IP to find out if one is creating a bottle neck for the other.

E.g.
Web1: mywebsite.com
IP1: 192.168.1.100

Web2: yourwebsite.com
IP2: 192.168.1.101
I need to monitor 192.168.1.101 & 192.168.1.100 so i can find out if one is using more bandwidth than the other.
 

A:Need a Traffic Monitor

RELEVANCY SCORE 32.4

Are there any programs on Windows 7 that can limit bandwidth?

My problem is that when someone streams a video or downloads something it lags the online game I'm playing.

If anyone has another solution i would be glad to hear it.

A:Traffic shaping

Hi John, and welcome to SevenForums.

Can you tell us more about your setup? Such as are you on a network? What kind of router/modem are you using?
Things like that would help us identify how and what your problem actually is, and how to fix it.
Cheers

RELEVANCY SCORE 32.4

Dear All,

I want to monitor my network traffic. Which tool will I have to use for that, and how do I monitor network traffic? Please help me, everyone, because this is a very important question which I will have to face in an interview.

Thanks in advance
 

A:Network Traffic

http://www.wireshark.org/
 

RELEVANCY SCORE 32.4

I used a network utility called ShowTraf 1.7 and it identified one computer on our network that was sending TCP/IP packets back and forth to an outside computer. Our computer was sending messages to an outside computer on port 7125 and was receiving on port 1050. I tried to check for any possible legitimate reason why this was occurring but could not find one.

I have installed/uninstalled a couple of anti-virus programs but they have not been able to detect anything. Someone pointed out that if there was a virus it may have a rootkit which would interfere with the anti-viruses working properly. They recommended HijackThis as a next step in diagnosing this problem. So, following the instructions, here is the HijackThis log. Any ideas out there?

*************************************************************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:21:04 PM, on 1/22/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spo... Read more

A:Unidentified IP traffic

Hello DavidH_LA
Welcome to BleepingComputer
========================
Please download DDS and save it to your desktop.
Disable any script blocking protection
Double click dds.scr to run the tool.
When done, DDS.txt will open.
Click Yes at the next prompt for Optional Scan.
Save both reports to your desktop.
---------------------------------------------------
Please include the contents of the following in your next reply:
DDS.txt
Attach.txt.
================
Download the GMER Rootkit Scanner. Unzip it to your Desktop.
Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
Double-click gmer.exe. The program will begin to run.
**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!
If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
Click NO
In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
Now click the Scan button.
Once the scan is complete, you may receive another notice about rootkit activity.
Click OK.
GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
Save it where you can easily find it, such as your desktop.
Post the contents of GMER.tx... Read more

RELEVANCY SCORE 32.4

I noticed that it would take my email anywhere from 30 minutes to several hours to sync with the email server. Using wireshark, I discovered every time I'd see Outlook attempting a sync, it would try hitting 195.22.26.248. I set a firewall rule to block incoming/outgoing traffic from that address and my mail would sync immediately. Several days later, mail began hanging again and wireshark revealed traffic from 195.22.28.210. I expanded the firewall rule to block traffic from 195.22.24.0/21. Also, using nslookup shows 195.22.28.210 as a non-authoritative nameserver. My FRST report:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Jefft (administrator) on 368-JEFFT-LT2 (25-10-2016 14:50:36)
Running from C:\Users\jefft\Downloads
Loaded Profiles: Jefft (Available Profiles: Jefft & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dell Inc.) C:\Windows\System32\CmgShieldSvc.exe
(Dell Inc.) C:\Windows\System32\EmsService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Disp... Read more

Read other answers
RELEVANCY SCORE 32.4

My ISP sent me an email saying someone using my IP address has been involved in copyright infringing activity. I know who it is - I need to be able to monitor their Internet usage in order to lock down access to the sites they're getting to in these activities, and possibly even limiting the amount of bandwidth available to them or the PC they use. I've not seen a product that will allow for capturing and logging IP addresses access on individual PCs, an app that loads automatically and monitor/log in the background. The account in question is not an admin account. I don't have a gateway PC so this monitoring/logging app/software would have to reside on the PC.

RELEVANCY SCORE 32.4

Hello,

I did some searching on this topic and saw the answer was to turn off default gateway. I work at home and am connected to my home network and VPN into my work network so Outlook will work. If I look at my VPN Status, it says IPv4 connectivity - no internet access - and IPv6 connectivity - no network access.

From what I was able to find this is how I want it set up so that my general internet browsing is not going over my VPN. Can you confirm that's what IPv4 no internet access means?

My home network says IPv4 connectivity - internet -
 

RELEVANCY SCORE 32.4

Hello, all!

Trying to fix my wife's computer (Toshiba Ultrabook, purchased 08/2013, W8 as a standalone workstation) - I haven't been on it ever before; not very W8 fluent.

Symptoms:

Can't load anything in IE or Firefox, including local router web interface
Can't RDC or FTP
CAN ping websites

On login, balloon appears:
Failed to connect to windows service; Windows couldn't connect to the Windows All-User Install Agent service
Service isn't running, but starts on my command without issue. It's set for Automatic startup. Starting service does not resolve any issues.

Ran SFC... From cbs log:
DIRSD OWNER WARNING - about 600 instances, mostly in C:\windows
"Ignoring duplicate ownership for directory..." another 600 instances

My wife's account is an Admin account. While in her account, I created a new user account, also admin. This new account has the same issues as my wife's.

I don't know of any other problems with this computer.

Starting to run out of ideas, any suggestions would be greatly appreciated. Thanks!

As another bit of info, this weekend my wife used an older WD external USB HD for the first time. She didn't experience any difficulties, except the "safely remove device" attempt was never successful. Not sure if this is correlation or coincidence.

A:No internet traffic (mostly)

Hello, did this problem start right after installing or updating an antivirus program?
Let's see if it's a browser or a network problem.
Install another browser either from download if you can or bring it from another pc via usb stick.
Are you wireless or wired?

RELEVANCY SCORE 32.4

Is there a way to find out if a logged on user is downloading/uploading huge data across the LAN and even from the net?

E.g.

You notice that the LAN is slow and you click on the 'Local Area Connection Status' icon in your systray and it tells you that there is high traffic.

Now, how do I check where that traffic is coming from on the LAN?

LAN is Windows2000 Client and Win2003 Server
 

A:Tracking Traffic Over The LAN

You need a network packet monitor or analyser.
 

RELEVANCY SCORE 32.4

Is there any way (using included software, free software or commercial software) to prevent Windows XP Pro to solve this problem:

- I connect to a PPTP VPN
- I start program that uses the network connection
- The VPN suddenly breaks and disconnects
- The applications now silently start using the "ordinary" Internet connection

I would like to have it like this:

- I connect to a PPTP VPN
- I start program that uses the network connection
- The VPN suddenly breaks and disconnects
- The applications get no access to the Internet until the VPN is connected again
 

RELEVANCY SCORE 32.4

I noticed that it would take my email anywhere from 30 minutes to several hours to sync with the email server. Using wireshark, I discovered every time I'd see Outlook attempting a sync, it would try hitting 195.22.26.248. I set a firewall rule to block incoming/outgoing traffic from that address and my mail would sync immediately. Several days later, mail began hanging again and wireshark revealed traffic from 195.22.28.210. I expanded the firewall rule to block traffic from 195.22.24.0/21. Also, using nslookup shows 195.22.28.210 as a non-authoritative nameserver. My FRST report:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Jefft (administrator) on 368-JEFFT-LT2 (25-10-2016 14:50:36)
Running from C:\Users\jefft\Downloads
Loaded Profiles: Jefft (Available Profiles: Jefft & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dell Inc.) C:\Windows\System32\CmgShieldSvc.exe
(Dell Inc.) C:\Windows\System32\EmsService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Disp...

A:Seeing Traffic from 195.22.26.248: Possible Botnet?

hi,
 
Don't see anything in the logs that looks out of place.
Usually only here once or twice per day so you may not get a reply back from me until the following day.

RELEVANCY SCORE 32.4

Hi,
I have a D-link 614+ router and am using Windows XP

Is there a way to monitor internet traffic for individual computers on the LAN either with the router or third party software? I can get a total for the whole LAN but I want to know who's using what!
 

A:Traffic Monitor

If this router won't do it, is there one that does?
 

RELEVANCY SCORE 32.4

Hello,

I have a LAN of about 10 computers and we connect to the internet via a switch. I want a software to monitor which computer consumes internet speed.

A:Network traffic

Would resmon not do the trick?

RELEVANCY SCORE 32.4

I'm running Sunbelt VIPRE and Firewall. I notice, late at night, from my modem diodes, that my computer is either sending or receiving large amounts of data. Scans (including rootkits) claim that I am clean. How can I identify what software or source is producing this traffic?
 

A:Traffic Identification

RELEVANCY SCORE 32.4

I have been having ping trouble for months in the late afternoons into the evenings with my cable internet connection with no router. My pings are perfect around midnight through the morning so I assume my trouble is due to local traffic. Will upgrading my internet speed help the problem? Can I change providers to completely fix the problem or will it be the same no matter who the provider is? Is there anything I can do? The techs for my ISP don't seem to be very bright.

I'm in Columbus, Georgia using Knology internet service
Windows XP
 

A:Question about traffic lag

Ask your ISP if it would be possible to move you elsewhere on their server.
 

RELEVANCY SCORE 32.4

I use NetMeter to monitor in and outbound traffic to my computer, and starting a couple of months ago, every once in a while, a series of a thousand or so 2.25 to 3Mb/s upload spikes start, amounting to almost 1Gb per day!!!!!

The spikes occur every 20 seconds, like clockwork.

I'll post a screenshot from NetMeter next time it happens.

The odd thing is, no antivirus I've tried has found anything! Same goes for antispyware!

Whenever I start deleting processes from the process list, it stops, then comes back after a couple of minutes! Also, if I am running on wifi, plug in my network cable, wait for it to connect, and disable wifi, the pulses subside for a bit, then come back!

I'm concerned because of the incredible amount of data involved, and it seems to have been increasing over the past month.

Luckily, all the important data on my machine is encrypted, but, if the spikes are a data transfer, encryption won't mean $#!7.

Any ideas?
Screenshot coming soon.
 

A:Odd network traffic

RELEVANCY SCORE 32.4

I am helping a friend with his website and I was wondering if anyone had any good recommendations for promoting that site. I have already added some meta tags and submitted it to search engines but, the site isn't showing up very high up the ranks, if it shows up at all. I need to figure out a way to help him get this site some exposure. Any suggestions would be appreciated. Thanks.
 

A:Web site traffic

You might find this link useful
http://selfpromotion.com/

 

RELEVANCY SCORE 32.4

Can anyone walk me through trying to fix my networking issue? Is that allowed in this section?

If so, I've got a computer connected to our network, and it's able to access all the other computers on the network, but trying to access it from the server and I get nothing. Even trying to ping it from the command prompt it times out. However, pinging the server from the computer it kicks back immediately. It's not a firewall issue because I've turned it off and still cannot connect to it from the server. I recently had to remove some scareware from this computer, and that's when the networking issue started.

Any ideas?
 

A:One-way traffic on a network

*ping*

Anyone?

ICMP enabled, DHCP enabled, firewall off. Nothing doing. Workstation sees everything on the network and can access shared folders and ping all other workstations. But the rest of the workstations and the server "see" the troubled workstation, but cannot contact it.
 

RELEVANCY SCORE 32.4

Why do I see my laptop sending and receiving data when I am not surfing, and how can I find out what and who it is sending and receiving the data?
 

A:internet traffic?

Using the command prompt you can do what is called a netstat, it will show all communications on the network, and what program is associated with them.

The command would be the following, be sure to include the 4 spaces in the command.
This is a snapshot of current activity, use F3 and enter to run it again.

netstat -a -b -n -o

 

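An added example, not part of the original answer: `netstat -a -b -n -o` prints each connection on one line and the owning executable in brackets on a following line, which is hard to read at volume. This Python sketch parses saved output and groups established, non-loopback remote endpoints by program; the sample output, executable names and addresses are constructed placeholders.

```python
import re

# Constructed sample of `netstat -a -b -n -o` output (documentation address ranges).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  RpcSs
 [svchost.exe]
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED     4120
 [firefox.exe]
  TCP    192.168.1.10:49720     198.51.100.7:25        ESTABLISHED     5312
 [updater.exe]
  TCP    192.168.1.10:49801     192.168.1.20:445       ESTABLISHED     4
 Can not obtain ownership information
  UDP    0.0.0.0:5353           *:*                                    4120
 [firefox.exe]
  TCP    [::1]:49900            [::1]:8080             ESTABLISHED     6100
 [devserver.exe]
"""

# Connection line: proto, local, remote, optional state (UDP has none), PID.
CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z][A-Z_0-9]*)\s+)?(\d+)\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")   # e.g. " [firefox.exe]"
LOOPBACK = ("127.0.0.1", "[::1]")

def parse_netstat(text):
    """Return one dict per connection line, with the owning executable attached."""
    conns = []
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            proto, local, remote, state, pid = m.groups()
            conns.append({"proto": proto, "local": local, "remote": remote,
                          "state": state or "", "pid": int(pid), "exe": None})
            continue
        o = OWNER.match(line)
        if o and conns and conns[-1]["exe"] is None:
            conns[-1]["exe"] = o.group(1)   # owner line belongs to the previous connection
    return conns

def remote_endpoints_by_program(conns):
    """Group ESTABLISHED connections to non-loopback hosts by (exe, pid)."""
    out = {}
    for c in conns:
        host = c["remote"].rsplit(":", 1)[0]   # keeps "[::1]" intact for IPv6
        if c["state"] == "ESTABLISHED" and host not in LOOPBACK:
            out.setdefault((c["exe"] or "unknown", c["pid"]), set()).add(c["remote"])
    return {k: sorted(v) for k, v in out.items()}

if __name__ == "__main__":
    print(remote_endpoints_by_program(parse_netstat(SAMPLE)))
```

The `-b` switch needs an elevated command prompt; connections reported as "Can not obtain ownership information" appear here under `unknown` with their PID, which can be looked up in Task Manager.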