I'll try that, I'll run netstat over and over for 2 minutes. The IP is listed as being owned by Oracle Chicago. I don't know if it's a denial of service attack or a real product that was installed on the system.
--- On Thu, 12/2/10, Paul McNett <[email protected]> wrote: > From: Paul McNett <[email protected]> > Subject: Re: [NF] Weird traffic still happening > To: [email protected] > Date: Thursday, December 2, 2010, 8:24 PM > On 12/2/10 5:11 PM, Michael Madigan > wrote: > >> From one computer I have is sending out packets to > 138.1.1.99 and 138.1.1.101. on port 137 It will try it 3 > times every 2 minutes. > > > > I have shut off that port on the router, but I've run > Combofix. AVG, and Malwarebytes on the system and can't find > what is doing it. > > > > The IPs link to Oracle Corp in Chicago. > > > > When I do a netstat -ano , the only program I get that > is transmitting is system. > > > > Anyone have any ideas? > > Look through running services; shut down (at least > temporarily) all possible services > to see if one of them was the culprit. > > Kill Windows Explorer from the task manager right before > the 2 minute mark to see if > something there was the culprit. > > When you netstat -ano, is it for the port 137? You may need > to write a script to > continually call "netstat -ano | grep 137" (or whatever the > Windows equivalent of > grep is) until you find the actual process attempting the > connection. > > Paul > > [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
