Business, T7700 Avast! A-Squared Defender NetGadget shows UP and DOWN traffic. Booting this morning, a download began. It had a lot of priority, because emails and other online events were extremely slow. It finally ended after 30 minutes... A2 and Avast are set for manual updates, not automatic. And it's not Tuesday... Let's assume there's nothing evil on this machine. I want to take control of such things. What can I do to identify the program that initiated that download? Thanks!
No strange services or processes running, that I could recognize. Task Manager -> Networking shows "Loopback Connections for Xdrive" at 0.15%, but Xdrive (the online backup product) is not installed on this laptop. It may have been at one time (assistant uses it as well). Services show "Xdrive Service" -- stopped. Processes show no Xdrive. Search found no Xdrive app or files. In Registry, found instances of Xdrive and deleted.
Someone who uses your computer has installed the following: http://www.xdrive.com/ -- Richard Urban Microsoft MVP Windows Desktop Experience "Ike" wrote in message news:g9ort0$deu$1@registered.motzarella.org... > No strange services or processes running, that I could recognize. > > Task Manager -> Networking shows "Loopback Connections for Xdrive" at > 0.15%, but Xdrive (the online backup product) is not installed on this > laptop. It may have been at one time (assistant uses it as well). > > Services show "Xdrive Service" -- stopped. > Processes show no Xdrive. > Search found no Xdrive app or files. > In Registry, found instances of Xdrive and deleted.
I called to check and you are correct, but he believes Xdrive had been uninstalled. Some bits and pieces showed up with Regedit, and I deleted them. Even after rebooting, the Network Activity display indicates that "Loopback connection for Xdrive" is still connected and running. I'm not convinced that Xdrive is causing this activity, but there's still constant net traffic. What's changed is that it is not all download, but UP/DOWN in equal volume. This computer is strictly business and does only low-risk things. There are no games or videos on it, and no odd downloads. But the net activity continues, though a scan with A-Squared and Avast found nothing. Richard Urban wrote: > Someone who uses your computer has installed the following: > > http://www.xdrive.com/ >
Ike wrote: > I called to check and you are correct, but he believes Xdrive had been > uninstalled. Some bits and pieces showed up with Regedit, and I deleted > them. > > Even after rebooting, the Network Activity display indicates that > "Loopback connection for Xdrive" is still connected and running. > > I'm not convinced that Xdrive is causing this activity, but there's > still constant net traffic. What's changed is that it is not all > download, but UP/DOWN in equal volume. > > This computer is strictly business and does only low-risk things. There > are no games or videos on it, and no odd downloads. But the net activity > continues, though a scan with A-Squared and Avast found nothing. Sounds like your computer got hijacked and is a part of a herd bot. Have you run any root kit detection/removal software like Spybot Search and Destroy? Alias > > > > Richard Urban wrote: >> Someone who uses your computer has installed the following: >> >> http://www.xdrive.com/ >> S
"Alias" wrote in message news:g9oul2$mfg$2@aioe.org... > Ike wrote: >> I called to check and you are correct, but he believes Xdrive had been >> uninstalled. Some bits and pieces showed up with Regedit, and I deleted >> them. >> >> Even after rebooting, the Network Activity display indicates that >> "Loopback connection for Xdrive" is still connected and running. >> >> I'm not convinced that Xdrive is causing this activity, but there's still >> constant net traffic. What's changed is that it is not all download, but >> UP/DOWN in equal volume. >> >> This computer is strictly business and does only low-risk things. There >> are no games or videos on it, and no odd downloads. But the net activity >> continues, though a scan with A-Squared and Avast found nothing. > > Sounds like your computer got hijacked and is a part of a herd bot. Have > you run any root kit detection/removal software like Spybot Search and > Destroy? > Alias talking about a herd. The only "herd" he knows about is SHEEP. > Alias >> >> >> >> Richard Urban wrote: >>> Someone who uses your computer has installed the following: >>> >>> http://www.xdrive.com/ >>> > > S
