Hello once again friends,
I am looking for help in reading (translating) reports from Wireshark software.
This issue is continued from here... http://www.bleepingcomputer.com/forums/t/484074/yahoo-account-spamming-contacts/page-2#entry2975299
Summary: I do realize that a connected PC will will communicate with the internet due to software or hardware requirements. However, I have been seeing 'consistent' sending/receiving traffic on my Network Meter.
Example: receive (5 sec delay) receive (10 sec delay) receive (5 sec delay) receive (10 sec delay)
This continues on and on, with intermittent 'sending' along the way (every 10-20 seconds).
I have tried Moo0 ConnectionWatcher, but was not able to decipher any information from that one. I did a capture with Wireshark and although things looked more detailed, I am still unable to figure anything out from what was shown. I did get some IP's that should be useful, but I do not know exactly how to get the information I am looking for from them. Of course, I am looking to find out what is sending and receiving and how to stop it from doing so.
Any suggestions would be greatly appreciated In the meantime, I will Ping the IP's and see what I can find out. Thanks in advance for your time and advice!
Update: PINGed 3 IP's noted in Wireshark - all timed-out with no results.
Edited by ForeverRogue, 22 February 2013 - 07:42 PM.