I recently upgraded to ver 11.5 and I noticed that eDonkey was listed in my QOE widget. I initially assumed it was just monitored out of the box and had intentions of turning it off, until I noticed a little traffic. In the past 24 hours it has logged 4 transactions with 757 bytes of data. This is very small and my experience tells me that anyone using a peer to peer application would register a much larger amount of data. The truly odd part is 2 of the servers are RDP and I could see someone using an unauthorized piece of software on them, however one of the servers that registered 50% of the transactions is my Solarwinds server and I am the only person who has access to that server. After some searching I am unable to find anything on the server that leads me to believe that eDonkey (or any other peer to peer system) is installed.
My questions are:
Is there something else that looks like eDonkey to Solarwinds?
Any tips on tracking down this issue?
Is anyone else seeing anything like this?