Does anyone know of a free program that can be used to show what is accessing the net?
My ZoneAlarm is showing light to medium net traffic quite often even when no windows are open
and nothing has been caught by my AV/Spam/Ad/Spyware programs. I really want to know what
the heck is going on. Process Explorer and Task Manager have not been much help either.
As for Updates, the only one left running is Windows update and the AV update. Neither should
cause almost constant traffic.
Thanks,
CeaSaR
Free Net traffic monitor
Free Net traffic monitor
Hey, what do I know?
Re: Free Net traffic monitor
This is a link to Karen's Power Tools and her Net Monitor may help you as well as a few of her other tools. She provides the programs free and for those with developer interest she provides all of her VB source code. The net monitor and her snoop programs may help you.
Ron
Ron
Re: Free Net traffic monitor
Thanks Ron, I'll have a look at it tomorrow.
CeaSaR
CeaSaR
Hey, what do I know?
Re: Free Net traffic monitor
Update:
Tried Karen's Net Monitor - didn't show anything that I didn't already ask to be let through. No help there.
In talking to my brother-in-law, he asked if I had Zone Alarm. As he was starting his next sentence I knew
what he was going to suggest.
"Go into (Zone Alarm's) Program Controls and then Programs. Set it to ask
each time a program wants to access either the Trusted or Internet zones."
What a D'OH moment!
Working my way from the top, I set everything to ask, except those that were already denied, and when I
hit 'Generic Host Process for Win32 Services' (...\System32\svchost,exe), the traffic stopped. BINGO!
I tried all 4 settings - ACCESS: trusted/internet and SERVER: trusted/internet - and the only one that was
affected was ACCESS: trusted.
Now, the question is: Why is my computer, specifically svchost.exe, accessing the Trusted Zone so much?
Anyone have any ideas?
Thanks in advance,
CeaSaR
Tried Karen's Net Monitor - didn't show anything that I didn't already ask to be let through. No help there.
In talking to my brother-in-law, he asked if I had Zone Alarm. As he was starting his next sentence I knew
what he was going to suggest.
"Go into (Zone Alarm's) Program Controls and then Programs. Set it to ask
each time a program wants to access either the Trusted or Internet zones."
What a D'OH moment!
Working my way from the top, I set everything to ask, except those that were already denied, and when I
hit 'Generic Host Process for Win32 Services' (...\System32\svchost,exe), the traffic stopped. BINGO!
I tried all 4 settings - ACCESS: trusted/internet and SERVER: trusted/internet - and the only one that was
affected was ACCESS: trusted.
Now, the question is: Why is my computer, specifically svchost.exe, accessing the Trusted Zone so much?
Anyone have any ideas?
Thanks in advance,
CeaSaR
Hey, what do I know?
Re: Free Net traffic monitor
Well actually it isn't quite svchost.exe accessing the Internet. First we need to understand what svchost.exe actually is:
The next trick would be to run a program that will identify everything running on the machine including those you don't see. I think Karen makes a power tool for that and there are other tools out there to show you everything running. I would give Karen's site a look first.
Ron
The above is continued here. That link should be helpful. Additionally this link really explains it quite well. So in conclusion I doubt svchost.exe is your problem but rather something using svchost.exe as it is intended to be used. For me it isn't unusual to see a few to several svchost.exe running. The file can also be associated with virus activity, especially if it is found outside the root of windows but with AV scans I doubt very much a virus is your problem.The Svchost.exe file is located in the %SystemRoot%\System32 folder. At startup, Svchost.exe checks the services part of the registry to construct a list of services that it must load. Multiple instances of Svchost.exe can run at the same time. Each Svchost.exe session can contain a grouping of services. Therefore, separate services can run, depending on how and where Svchost.exe is started. This grouping of services allows for better control and easier debugging.
The next trick would be to run a program that will identify everything running on the machine including those you don't see. I think Karen makes a power tool for that and there are other tools out there to show you everything running. I would give Karen's site a look first.
Ron
Re: Free Net traffic monitor
Thanks Ron.
Svchost (whatever it is actually controlling) is accessing the trusted zone on an almost constant basis,
not the internet. That is what I found when futzing with Zone Alarm. I'll have to sit down and dig deeper
into what is really running.
I looked at Karen's sight, but I think with what I found through my test today and Process Explorer, I
should be able to ferret out the culprit.
To be continued...
CeaSaR
Svchost (whatever it is actually controlling) is accessing the trusted zone on an almost constant basis,
not the internet. That is what I found when futzing with Zone Alarm. I'll have to sit down and dig deeper
into what is really running.
I looked at Karen's sight, but I think with what I found through my test today and Process Explorer, I
should be able to ferret out the culprit.
To be continued...
CeaSaR
Hey, what do I know?
Who is online
Users browsing this forum: No registered users and 59 guests