Hughesnet Community

Large upload amount that I can't figure out...

cancel
Showing results for 
Search instead for 
Did you mean: 
GabeU
Distinguished Professor IV

Large upload amount that I can't figure out...

On Monday evening I was online, with a few pages open.  A few pages of this community, CNN's main page, Facebook and Twitter.  There were others here and there, but those ones mentioned were the only ones open for a long time.  After a few hours, I checked Glasswire, which I often do.  To my surprise, there was something that had uploaded over 100MB of data during this time.  I searched the IP address assigned to the upload, but I'm at a loss.  Any ideas what this was? It was definitely one of the webpages, as the upload was done via Chrome.  It's the top host entry, which I opened so you can see the IP address.  23MB download and 102.1MB upload.  

 

Upload.jpg

 

I ran Webroot, Malwarebytes, Norton Power Eraser, Microsoft Safety Scanner and Microsoft Malicious Software Removal Tool scans, and nothing was found.  All clean.  

 

I think it could be related to an ad or something else on CNN, even though I have an ad-blocker installed and they are all blocked because of it.  I couldn't match up the times of the upload with CNN, as I again opened it later, which, with Chrome, wipes out the previous CNN entry and just has the newest one in its history.  A dumb feature for history, but it is what it is.  

 

I'm just very worried that this could be something nefarious.  

 

Thanks for the help.  🙂  


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
14 REPLIES 14
MarkJFine
Professor

192.33.31.70 resolves to a-sg01sl03.insnw.net (Instart Logic, Inc.)

The following A records are set to 192.33.31.70:
hearthhead.com, smiggle.asia, smiggle.com, smigglepals.com, smiggles.com, smigglets.com.

Instart Logic is a content delivery network, so I'm guessing it was a streaming ad using a ad-blocker-buster.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
GabeU
Distinguished Professor IV

@MarkJFine

 

When I did a search for it I saw that Instart Logic, but that didn't mean anything to me.  Thanks for the info.  🙂

 

Why would a streaming ad use upload data instead of download data?  Could it have been trying to upload my location info or something, but couldn't, so it kept trying?  


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
BirdDog
Assistant Professor

I blame that Exede site you visited. Smiley Wink

GabeU
Distinguished Professor IV


@BirdDog wrote:

I blame that Exede site you visited. Smiley Wink


LMAO!!!!  That's what it is!  It's revenge for tainting HughesNet's servers with the competition's info.  😛 

 

 


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro


@GabeU wrote:

@MarkJFine

 


 

Why would a streaming ad use upload data instead of download data?  Could it have been trying to upload my location info or something, but couldn't, so it kept trying?  


    Don't know about Crome, but Firefox warns you when someone is trying to upload your location data. and you can also block it.

 

   What's scary to me is that there are actually companys out there that have an ad-blocker-buster.

 

  Oh no!  I'm going to have get an ad-blocker-buster-buster!

GabeU
Distinguished Professor IV

@gaines_wright

 

Chrome does give you the warning for, and the option to allow or deny, location requests by sites.  It's just that I know that sometimes ads can do more than just advertise, so if it is an ad, or ads, that were playing regardless of my ad blocker without me noticing, I wonder if it was trying to collect some kind of info.  Being that it was an upload rather than download, I thought this could be the cause.  I'll probably never know, but I'll definitely keep a better eye on open pages, and especially CNN.  


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
GabeU
Distinguished Professor IV

Update:

 

I think I'm going to reinstall Windows.  Today I've had 35MB of upload.  Half of it being from my Webroot Antivirus.  Something odd is going on.  I'm just going to save everything I need to and reinstall.  I already have the newest Windows 10 ISO on a flash drive, ready to go.  Maybe it will fix it, maybe it won't, but at least I'll have a little piece of mind, as I really don't like what's going on right now.  Not so much the data, but not knowing why it's happening.  😞  


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
GabeU
Distinguished Professor IV

Well, that was loads of fun.  Only four hours and about 3.7GB of data.  SMH.  I didn't think it would use that much data.  What a pain.

 

Hopefully starting fresh helps.  We'll see.  


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
maratsade
Distinguished Professor IV

That's a lot of data for something you already had the image for.  I guess it had to download updates? Fingers crossed that this will solve the issue!

GabeU
Distinguished Professor IV


@maratsade wrote:

That's a lot of data for something you already had the image for.  I guess it had to download updates? Fingers crossed that this will solve the issue!


Yep.  The updates, including for the built in apps and whatnot.  Plus, I had to download a couple of programs that I had forgotten to save.  

 

The funny thing is, the W10 1809 ISO itself isn't even that big.  Nearly, but not quite.  Of course, if I had to download ISO, as well, I would have done all this startinig at 2AM.  

 

I didn't realize what I did would use so much data.  


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro
maratsade
Distinguished Professor IV

That's Windows for you -- cumbersome.  I hope everything is working properly now. 

BirdDog
Assistant Professor

@GabeU, don't know if anything to to do with your original problem but my Comodo AV popped up an alert last night about Bitcoin mining malware trying to attach to Chrome. Scary stuff going on right now.


@BirdDog wrote:

@GabeU, don't know if anything to to do with your original problem but my Comodo AV popped up an alert last night about Bitcoin mining malware trying to attach to Chrome. Scary stuff going on right now.


Very scary stuff, and a bad distro of Chrome is right in the middle of it.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
GabeU
Distinguished Professor IV


@BirdDog wrote:

@GabeU, don't know if anything to to do with your original problem but my Comodo AV popped up an alert last night about Bitcoin mining malware trying to attach to Chrome. Scary stuff going on right now.


Oh, wow.  That's interesting.  It hasn't happened since, and I ran all of the scans I mentioned, but it's entirely possible that something like that could have slipped through, especially if it's new.  

 

Thanks for the info.  I'm keeping a much closer eye on it since the re-installation.  


Ryzen 5 3400G | MSI B450M Pro-M2 MAX | 16GB Corsair Vengeance DDR4 3000 | XPG SX8200 Pro 512GB NVMe | Windows 10 Pro