• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

What is suspicious OUTBOUND traffic?

I keep getting security alerts from Norton saying that it has detected "suspicious outbound traffic" and would I like to run Power Eraser. Several things stopped working after I ran Power Eraser so I undid it. My question is, What is suspicious OUTBOUND traffic? Is my computer sending some kind of information to another computer even when I am not using it? I have a laptop and even when the lid is closed, the fan frequently runs for long periods--I get tired of listening to it and have to pop the battery and pull the power cord to get it to stop. Is my computer sending data while it sleeps? What could it possibly be sending that is "outbound traffic"?

Replies

Kudos0

Re: What is suspicious OUTBOUND traffic?

@squidbrain9 Please provide a screen shot of what you are seeing. You can use the built in "Snipping Tool" if you are on a Windows device. How to post images to the forums is explained here: https://community.norton.com/en/forums/how-post-image-forums-0 

Outbound traffic can indicated a lot of things, in your case you have something running that is taking system resources for your fan to be running loudly AND while the laptop is sleeping. In addition to running Norton Power Eraser you also can download and run Malwarebytes alongside of your antivirus product. Get it here: https://www.malwarebytes.com/

Cheers

"From DOS to Windows10 what a journey it has been" Windows 10 Professional x 64 Fall Creators Update version 1709 / build 16299.98 / NSBU 22.11.2.7 Traditional / Norton BETA tester
Kudos2 Stats

Re: What is suspicious OUTBOUND traffic?

Outbound traffic is something on your computer that is connecting out to the internet.  If suspicious, it could be malware communicating with its command and control center.  If you are seeing a lot of internet activity when you are not really doing anything with your PC, it is possible that your computer is compromised and being used as part of a botnet for things like conducting DDOS attacks.  You definitely want to investigate what those Norton alerts are all about.

Kudos0

Re: What is suspicious OUTBOUND traffic?

Not sure about the traffic issue, but for your battery, do you have Windows 10 with included Cortana? I've been reading about issues with fans running continually or too much, and it seems a common problem is with CORTANA. If you have windows 10 and don't use Cortana, find the program folder where its installed. There should be 2 folders and one in particular has all the dll files. Rename the [Cortana Core.dll ] to something like Cortana Core.dllx and Cortana won't run and as a consequence, your fan won't run near as much, especially when laptop is sleep mode. I'm not familiar with using Cortana myself and didn't know if its included with Windows 8/8.1 or not. I use Windows 7 myself.

DELL XPS 8900 / I7-6700 / 64bit / 16GB RAM Win7 Pro - Norton Security
Kudos0

Re: What is suspicious OUTBOUND traffic?

@squidbrain9 You can view and isolate the offending process using this handy tool I use frequently. Run it from your desktop and look for processes that don't make sense. IE process names in all CAPs , etc.  https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview

You may also want to run Malwarebytes as I previously suggested to check for and remove offending programs.

Cheers

"From DOS to Windows10 what a journey it has been" Windows 10 Professional x 64 Fall Creators Update version 1709 / build 16299.98 / NSBU 22.11.2.7 Traditional / Norton BETA tester
Kudos0

Re: What is suspicious OUTBOUND traffic?

squidbrain9 I'm following up to see how you are coming along with a resolution.

Cheers

"From DOS to Windows10 what a journey it has been" Windows 10 Professional x 64 Fall Creators Update version 1709 / build 16299.98 / NSBU 22.11.2.7 Traditional / Norton BETA tester
Kudos0

Re: What is suspicious OUTBOUND traffic?

SoulAsylum,

Thank you for your attention to my problem. I am still working on a solution. I have purchased Malwarebytes as you suggested but have not yet used the Microsoft tool you mentioned. Malwarebytes found and quarantined 226 items that it identified as threats. We recently had a death in the family, and I have not had time to give my computer problem my full attention. Will let you know how things work out. PS--I am also dealing with a Netgear modem problem that may be related to the "suspicious outbound traffic" issue. When I installed the cable modem a year ago, I set it up as a specifically named PRIVATE network. Now I discover that the network name has been changed and the has become a PUBLIC network. Somebody out there is playing mischief with my equipment. Thanks again for your help. Squidbrain

Kudos0

Re: What is suspicious OUTBOUND traffic?

SoulAsylum,

The information on how to post a screenshot may be helpful in the future. Thank you for that advice. Presently, however, there is nothing to make a screenshot of except the message from Norton telling me I have suspicious outbound traffic. Squidbrain

Kudos0

Re: What is suspicious OUTBOUND traffic?

Sorry to hear of your loss. If you can find the most current firmware download for your router reinstall it on the router and reboot. DON'T set anything into a DMZ zone as that exposes your network.

Cheers

"From DOS to Windows10 what a journey it has been" Windows 10 Professional x 64 Fall Creators Update version 1709 / build 16299.98 / NSBU 22.11.2.7 Traditional / Norton BETA tester
Kudos0

Re: What is suspicious OUTBOUND traffic?

Thanks, plb4333, for your comment. I am running Windows 8.1 on a PC, but my wife is using Windows 10 so your advice may be of help to her. The reason the fan is running so much on my own computer (a laptop) is that it is actually working while the lid is closed and it's supposed to be asleep. I know it's up to something because not only is the fan humming away, the "running lights" come on and stay on for hours at a time unless I disconnect all power to the machine.

Kudos0

Re: What is suspicious OUTBOUND traffic?

SoulAsylum, I ran TCPView but I have no idea what I am looking at or what the program is doing. It generates a list about a mile long and proceeds to (apparently) examine each entry, sometimes highlighting a line in either green, yellow, or red, and the red-lighted lines it appears to eliminate or delete. I will try to find a tutorial somewhere, but meanwhile it may be a couple of days before I can get back to my computer problem. Thank you once more for your assistance. I'm guessing you are well-versed in computer magic. Squidbrain

Kudos0

Re: What is suspicious OUTBOUND traffic?

You would just be looking at the service names in the far left column for suspicious looking services. Such as an exe file in all caps, one in numbers and letters mangled together. That should help you pin down the culprit that is keeping a constant connection. Post a screenshot and I will look it over for you.

Cheers

"From DOS to Windows10 what a journey it has been" Windows 10 Professional x 64 Fall Creators Update version 1709 / build 16299.98 / NSBU 22.11.2.7 Traditional / Norton BETA tester
Kudos0

Re: What is suspicious OUTBOUND traffic?

I had similar problems with my old PC.  It was a good gaming PC, but 10 years old.  Hackers must have set up some back-door access because scans from Norton, Avast, Malwarebytes and numerous free scan programs never found the problem.  I ended up buying a new one after spending a year trying to figure it out.  Depending how old your laptop is, might save yourself a headache and 100's of hours wasted and get a new one.  Use that old one as practice to figure out what to look for and protect yourself on the new one.  But I'm no expert, maybe you can fix it.

Kudos1 Stats

Re: What is suspicious OUTBOUND traffic?

SoulAsylum, My problem may have been solved. Ever since I installed Malwarebytes and it quarantined 226 files, mostly PUP but some Rootkit, the results have been 1) my computer runs a great deal faster, 2) I am not plagued with "unresponsive script" freeze-ups, and 3) my laptop has ceased working busily with the fan running while its lid is closed and it is supposed to be asleep. Thank you for your assistance.

Kudos0

Re: What is suspicious OUTBOUND traffic?

squidbrain9 Great news all around indeed. Please select the post/suggestion that best fits the solution and mark it as the solution for the thread if you'd be so kind. Other may then see that solution. Have a great day.

Cheers

"From DOS to Windows10 what a journey it has been" Windows 10 Professional x 64 Fall Creators Update version 1709 / build 16299.98 / NSBU 22.11.2.7 Traditional / Norton BETA tester

This thread is closed from further comment. Please visit the forum to start a new thread.