My isp recently flagged me for too high bandwidth. Not knowing what it could be I put Glasswire on the local computers. One has over 50 gb outgoing over the last week. It’s the NT Kernel and System Process. The IPv6 address it is going to is unknown. Any ideas?
There’s not really any useful info in the screenshot. What type of traffic and where is it actually going to?
- IP address
- Traffic type
Hi, it’s going to an unknown ipv6 address in the US: 2601:c2:4100:97ff:8011:b252:e2e:2511
I’m not sure what the traffic type is; I just started using Glasswire. Virus and malware scans aren’t turning up anything.
View the usage by app and select NT kernel. The traffic types (protocols) should then be listed.
IP Address | 2601:c2:4100:97ff:8011:b252:e2e:2511 |
---|---|
City | Marietta |
State/Region | Georgia |
Country Code | United States of America |
Postal Code | 30006 |
ISP | Comcast Cable Communications LLC |
FYI, on my system I only see the NT Kernel & System
generating a tiny amount NetBIOS name resolution traffic which is good to see because it reminds me to disable it.
Thanks for your help! I’m thinking maybe I’m not reading the graph correctly. Today so far my NT Kernel & System says 22.4 GB but the traffic type, Active Directory Windows shares isn’t showing me much. Just outgoing traffic. I turned off NetBios yesterday.
I might have it fixed. I’ll know for sure tomorrow. I had recently reinstalled the OS and it may be that Windows was looking for 3rd party drivers, or that a couple of them were bad. I hit Start and typed verifier. An app started that allowed me to “verify” all non-microsoft drivers. Rebooted and the system seems to be stable. Just a few KB in and out now. Glasswire helped me track it down, so thanks (assuming it’s fixed). Richard