Sysinternals Process Explorer to monitor the thread execution of the
afsd_service.exe. If there is one or more threads executing when
the system should be in idle state, try and grab a stack from it.
Also, you can increase the size of the afsd_service.exe Trace Log (see registry.txt) and use "fs trace -dump" to produce a log file %WINDIR%\TEMP\afsd.log. This will output the most recent output from the circular log.
If you have a debugger, you can attach to the afsd_service.exe and place breakpoints in the functions which generate the packets you are seeing being sent from the client.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
