Internet problems...too many active sessions?


slapkey
09-09-2008, 06:43 PM
I recently moved into an apartment with 3 other guys, and my cable service there does not "feel good" at all, often. What I mean by that is that it feels slow and unresponsive, or else I'll be playing a game where I will suddenly see my ping skyrocket and/or disconnect. I thought the problem was that a roommate might have been running bittorrent, but to test I lowered his number of settings and upload bandwidth way, way low. Then I noticed in my router settings underneath "Active Sessions" that my desktop (I have a desktop and a laptop) is showing to be using almost ALL of the active sessions...posted below (this snapshot is while my other computer is also using the net, and a roommate or two is probably as well)

I'm currently on 6mb cable internet service, running through a D-LINK DIR 625. That cable runs to a Linksys switch that I have, and I have it into position 1. I then have my laptop, desktop, and roommate's ethernet stuck into 2,3, and 4. My laptop is .107, desktop is .106, and the other couple are roommates. Why is this one computer opening sooooo many?

192.168.0.107:1166 TCP 89.149.214.20:53002 1166 215 EST Out 7800
192.168.0.106:2120 TCP 204.245.162.9:80 2120 237 EST Out 7798
192.168.0.106:2135 TCP 208.76.217.24:80 2135 237 EST Out 7798
192.168.0.106:2134 TCP 204.245.162.9:80 2134 196 EST Out 7797
192.168.0.106:2133 TCP 216.73.87.52:80 2133 196 EST Out 7797
192.168.0.106:2132 TCP 72.32.153.176:80 2132 169 LA Out 237
192.168.0.106:2131 TCP 216.73.87.52:80 2131 169 LA Out 237
192.168.0.106:2130 TCP 204.245.162.24:80 2130 255 EST Out 7800
192.168.0.106:2129 TCP 204.245.162.24:80 2129 169 LA Out 236
192.168.0.106:2128 TCP 204.245.162.9:80 2128 196 EST Out 7796
192.168.0.106:2127 TCP 204.245.162.9:80 2127 215 EST Out 7797
192.168.0.106:49400 UDP 208.67.220.220:53 49400 130 - Out 296
192.168.0.106:2125 TCP 204.245.162.16:80 2125 237 EST Out 7790
192.168.0.106:2124 TCP 204.245.162.16:80 2124 243 EST Out 7800
192.168.0.106:2123 TCP 204.245.162.16:80 2123 247 EST Out 7790
192.168.0.106:2122 TCP 204.245.162.16:80 2122 254 EST Out 7792
192.168.0.106:59193 UDP 208.67.222.222:53 59193 130 - Out 290
192.168.0.106:2121 TCP 204.245.162.9:80 2121 169 CL Out 233
192.168.0.106:2119 TCP 204.245.162.9:80 2119 196 TW Out 230
192.168.0.106:2118 TCP 204.245.162.9:80 2118 254 EST Out 7800
192.168.0.106:2117 TCP 204.245.162.32:80 2117 255 EST Out 7797
192.168.0.106:2116 TCP 204.245.162.32:80 2116 255 EST Out 7795
192.168.0.106:2115 TCP 204.245.162.9:80 2115 196 TW Out 227
192.168.0.106:52991 UDP 208.67.220.220:53 52991 129 - Out 271
192.168.0.106:2114 TCP 216.73.87.52:80 2114 169 LA Out 211
192.168.0.106:55834 UDP 208.67.222.222:53 55834 130 - Out 268
192.168.0.116:2938 TCP 208.69.32.230:80 2938 228 EST Out 7766
192.168.0.116:1984 UDP 208.67.220.220:53 1984 129 - Out 265
192.168.0.106:2113 TCP 204.245.162.9:80 2113 196 TW Out 227
192.168.0.106:54279 UDP 208.67.222.222:53 54279 130 - Out 259
192.168.0.106:2112 TCP 204.245.162.32:80 2112 255 EST Out 7797
192.168.0.106:2111 TCP 204.245.162.32:80 2111 254 EST Out 7795
192.168.0.106:2110 TCP 74.125.242.88:80 2110 196 CL Out 208
192.168.0.106:2109 TCP 72.32.153.176:80 2109 169 LA Out 202
192.168.0.106:50258 UDP 208.67.220.220:53 50258 130 - Out 259
192.168.0.106:2107 TCP 204.245.162.9:80 2107 196 TW Out 227
192.168.0.106:2108 TCP 204.245.162.9:80 2108 196 TW Out 227
192.168.0.106:2106 TCP 74.125.242.88:80 2106 169 CL Out 199
192.168.0.106:53256 UDP 208.67.222.222:53 53256 130 - Out 256
192.168.0.106:2105 TCP 208.69.40.119:80 2105 169 LA Out 196
192.168.0.106:2104 TCP 213.236.208.60:80 2104 169 LA Out 190
192.168.0.106:2103 TCP 208.69.40.119:80 2103 169 LA Out 196
192.168.0.106:2102 TCP 208.76.217.26:80 2102 196 TW Out 227
192.168.0.106:49581 UDP 208.67.220.220:53 49581 129 - Out 250
192.168.0.106:60467 UDP 208.67.222.222:53 60467 130 - Out 250
192.168.0.106:49166 UDP 208.67.220.220:53 49166 130 - Out 250
192.168.0.106:2101 TCP 204.245.162.32:80 2101 169 CL Out 235
192.168.0.106:2100 TCP 208.69.32.231:80 2100 169 LA Out 193
192.168.0.106:2099 TCP 74.125.79.127:80 2099 196 TW Out 227
192.168.0.106:2098 TCP 96.6.149.127:80 2098 196 TW Out 227
192.168.0.106:2097 TCP 208.76.217.24:80 2097 196 TW Out 227
192.168.0.106:57263 UDP 208.67.222.222:53 57263 130 - Out 241
192.168.0.106:63802 UDP 208.67.220.220:53 63802 130 - Out 241
192.168.0.106:2096 TCP 204.245.162.32:80 2096 169 CL Out 206
192.168.0.106:2095 TCP 204.245.162.32:80 2095 169 FW Out 7745
192.168.0.106:2092 TCP 204.245.162.32:80 2092 196 TW Out 196
192.168.0.106:2094 TCP 208.76.217.22:80 2094 196 TW Out 227
192.168.0.106:2093 TCP 208.76.217.22:80 2093 196 TW Out 227
192.168.0.106:64691 UDP 208.67.222.222:53 64691 130 - Out 233
192.168.0.106:2091 TCP 213.236.208.60:80 2091 169 LA Out 178
192.168.0.106:2090 TCP 204.245.162.32:80 2090 255 EST Out 7739
192.168.0.106:61353 UDP 208.67.220.220:53 61353 130 - Out 233
192.168.0.106:64541 UDP 208.67.222.222:53 64541 130 - Out 233
192.168.0.116:1026 UDP 208.67.220.220:53 1026 130 - Out 220
192.168.0.107:1164 TCP 64.234.75.31:35618 1164 169 SS Out 168
192.168.0.116:1026 UDP 208.67.222.222:53 1026 130 - Out 214
192.168.0.106:57735 UDP 208.67.220.220:53 57735 130 - Out 207
192.168.0.106:55999 UDP 208.67.222.222:53 55999 129 - Out 207
192.168.0.106:2087 TCP 66.249.93.18:80 2087 169 CL Out 221
192.168.0.107:1163 TCP 64.234.75.31:13491 1163 169 SS Out 144
192.168.0.106:2085 TCP 66.249.91.113:80 2085 169 CL Out 152
192.168.0.181:3015 TCP 199.93.63.123:80 3015 255 EST Out 7800
192.168.0.181:56107 UDP 208.67.222.222:53 56107 130 - Out 174
192.168.0.181:1025 UDP 208.67.220.220:53 1025 131 - Out 179
192.168.0.107:1161 TCP 64.234.75.31:35618 1161 169 SS Out 122
192.168.0.107:1159 TCP 89.149.214.20:53000 1159 169 CL Out 107
192.168.0.107:1158 TCP 12.129.233.27:3724 1158 255 EST Out 7792
192.168.0.107:1157 TCP 12.129.224.110:3724 1157 253 EST Out 7664
192.168.0.181:3013 TCP 65.55.184.157:80 3013 169 CL Out 96
192.168.0.106:2081 TCP 64.233.183.147:443 2081 169 CL Out 161
192.168.0.181:5353 UDP 224.0.0.251:5353 5353 148 - Out 278
192.168.0.181:3012 TCP 65.55.184.157:443 3012 169 CL Out 89
192.168.0.181:3011 TCP 208.111.162.31:80 3011 169 CL Out 114
64.234.75.31:35528 TCP 64.7.210.130:80 35528 196 TW Out 87
64.234.75.31:4097 UDP 208.67.222.222:53 4097 130 - Out 147
192.168.0.181:53742 UDP 208.67.222.222:53 53742 130 - Out 149
192.168.0.181:53742 UDP 208.67.220.220:53 53742 128 - Out 145
64.234.75.31:68 UDP *.*.*.*:* 68 128 - - -

JackMDS
09-09-2008, 07:05 PM
I do not know which application you use to generate this data.

If these readings are progressing in time, it is not that unusual.

Use this application: http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx

Run it and do not do anything related to the Network/Internet.

If while idling it produces such a reading then it might be a sign of trouble.

slapkey
09-09-2008, 07:35 PM
That list was the current list of Active Sessions as seen by my router. I just ran that TCPView program. When it first came up there were a large number of things that went red and then disappeared. After letting it sit quiet for a while, the output is:
alg.exe:3052 TCP LOGENDESK:1028 LOGENDESK:0 LISTENING
AppleMobileDeviceService.exe:276 TCP LOGENDESK:27015 LOGENDESK:0 LISTENING
chrome.exe:1884 UDP LOGENDESK:1659 *:*
chrome.exe:1884 TCP logendesk:2579 nf-in-f147.google.com:https CLOSE_WAIT
chrome.exe:1884 TCP logendesk:2580 ug-in-f18.google.com:http ESTABLISHED
lsass.exe:824 UDP LOGENDESK:isakmp *:*
lsass.exe:824 UDP LOGENDESK:4500 *:*
mDNSResponder.exe:336 TCP LOGENDESK:5354 LOGENDESK:0 LISTENING
mDNSResponder.exe:336 UDP logendesk:5353 *:*
mDNSResponder.exe:336 UDP LOGENDESK:1025 *:*
svchost.exe:1072 TCP LOGENDESK:epmap LOGENDESK:0 LISTENING
svchost.exe:1212 UDP logendesk:ntp *:*
svchost.exe:1212 UDP LOGENDESK:ntp *:*
svchost.exe:1564 TCP LOGENDESK:2869 LOGENDESK:0 LISTENING
svchost.exe:1564 UDP logendesk:1900 *:*
svchost.exe:1564 UDP LOGENDESK:1900 *:*
System:4 TCP LOGENDESK:microsoft-ds LOGENDESK:0 LISTENING
System:4 TCP logendesk:netbios-ssn LOGENDESK:0 LISTENING
System:4 UDP logendesk:netbios-ns *:*
System:4 UDP LOGENDESK:microsoft-ds *:*
System:4 UDP logendesk:netbios-dgm *:*


I just ran the program on my notebook, and got the following results while idle:
[System Process]:0 TCP logennotebook:1519 65.55.197.125:http TIME_WAIT
[System Process]:0 TCP logennotebook:1523 wwwbaytest2.microsoft.com:http TIME_WAIT
[System Process]:0 TCP logennotebook:ingreslock 204.2.241.146:http TIME_WAIT
[System Process]:0 TCP logennotebook:1521 204.2.241.145:http TIME_WAIT
[System Process]:0 TCP logennotebook:1517 65.55.197.125:http TIME_WAIT
[System Process]:0 TCP logennotebook:1522 204.2.241.145:http TIME_WAIT
[System Process]:0 TCP logennotebook:1516 204.2.241.145:http TIME_WAIT
[System Process]:0 TCP logennotebook:wins 204.2.241.145:http TIME_WAIT
[System Process]:0 TCP logennotebook:1510 204.2.241.145:http TIME_WAIT
[System Process]:0 TCP logennotebook:1528 204.2.241.155:http TIME_WAIT
[System Process]:0 TCP logennotebook:1526 204.2.241.146:http TIME_WAIT
[System Process]:0 TCP logennotebook:1508 65.55.11.240:http TIME_WAIT
[System Process]:0 TCP logennotebook:1529 downloads.sysinternals.com:http TIME_WAIT
AppleMobileDeviceService.exe:588 TCP logennotebook:27015 logennotebook:0 LISTENING
avgemc.exe:2076 TCP logennotebook:10110 logennotebook:0 LISTENING
lsass.exe:904 UDP logennotebook:isakmp *:*
lsass.exe:904 UDP logennotebook:4500 *:*
mDNSResponder.exe:604 TCP logennotebook:5354 logennotebook:0 LISTENING
mDNSResponder.exe:604 UDP logennotebook:1025 *:*
mDNSResponder.exe:604 UDP logennotebook:5353 *:*
svchost.exe:1180 TCP logennotebook:epmap logennotebook:0 LISTENING
svchost.exe:1324 UDP logennotebook:1150 *:*
svchost.exe:1324 UDP logennotebook:ntp *:*
svchost.exe:1324 UDP logennotebook:ntp *:*
svchost.exe:148 TCP logennotebook:2869 logennotebook:0 LISTENING
svchost.exe:148 UDP logennotebook:1900 *:*
svchost.exe:148 UDP logennotebook:1900 *:*
System:4 TCP logennotebook:netbios-ssn logennotebook:0 LISTENING
System:4 TCP logennotebook:microsoft-ds logennotebook:0 LISTENING
System:4 UDP logennotebook:netbios-ns *:*
System:4 UDP logennotebook:netbios-dgm *:*
System:4 UDP logennotebook:microsoft-ds *:*
winmgwsd.exe:684 TCP logennotebook:32196 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:14246 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:40419 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:20139 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:10536 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:13273 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:30196 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:12595 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:29727 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:39206 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:26102 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:28149 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:22357 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:41544 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:10273 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:28727 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:25071 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:29960 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:10529 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:13491 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:23284 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:16992 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:40234 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:31728 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:32736 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:35795 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:23672 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:35826 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:23455 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:37195 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:22839 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:19311 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:27534 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:14756 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:33272 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:17214 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:19517 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:16148 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:30822 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:13690 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:14446 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:21215 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:13628 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:36118 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:18230 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:35618 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:17106 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:37607 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:25546 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:39596 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:22247 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:41709 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:26252 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:16583 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:38441 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:37658 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:14164 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:36332 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:28997 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:41438 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:23550 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:13067 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:16281 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:15370 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:18805 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:11970 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:15592 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:31005 logennotebook:0 LISTENING

What are all those winmgwsd.exe? And should that be there? Anything else look odd?
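
The triage done by eye in the posts above, as an added Python example that is not from any poster: it groups TCPView rows by process to surface one holding an unusual number of TCP listeners, then checks the router's session rows for that host against those listener ports. The sample rows are copied from the posts; the function names and the threshold values are assumptions.

```python
import re
from collections import defaultdict
# Sample rows copied from the laptop's TCPView output in the post above.
TCPVIEW = """\
[System Process]:0 TCP logennotebook:1519 65.55.197.125:http TIME_WAIT
avgemc.exe:2076 TCP logennotebook:10110 logennotebook:0 LISTENING
svchost.exe:1180 TCP logennotebook:epmap logennotebook:0 LISTENING
System:4 TCP logennotebook:netbios-ssn logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:32196 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:14246 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:13491 logennotebook:0 LISTENING
winmgwsd.exe:684 TCP logennotebook:35618 logennotebook:0 LISTENING
"""
# Sample rows copied from the router's Active Sessions list (laptop is .107).
ROUTER = """\
192.168.0.107:1164 TCP 64.234.75.31:35618 1164 169 SS Out 168
192.168.0.107:1163 TCP 64.234.75.31:13491 1163 169 SS Out 144
192.168.0.107:1158 TCP 12.129.233.27:3724 1158 255 EST Out 7792
192.168.0.106:2120 TCP 204.245.162.9:80 2120 237 EST Out 7798
"""
# process:pid, protocol, local host:port, remote endpoint, optional state.
ROW = re.compile(r"^(?P<proc>.+?):(?P<pid>\d+)\s+(?P<proto>TCP|UDP)\s+"
                 r"\S+:(?P<lport>\S+)\s+\S+(?:\s+(?P<state>\S+))?$")

def listeners_by_process(tcpview_text):
    """Map (process, pid) -> set of local TCP ports in LISTENING state."""
    out = defaultdict(set)
    for line in tcpview_text.splitlines():
        m = ROW.match(line.strip())
        if m and m["proto"] == "TCP" and m["state"] == "LISTENING":
            out[(m["proc"], int(m["pid"]))].add(m["lport"])
    return dict(out)

def flag_many_listeners(listeners, threshold=10):
    """Processes holding at least `threshold` listeners (assumed cut-off)."""
    return {k: v for k, v in listeners.items() if len(v) >= threshold}

def sessions_hitting_ports(router_text, host_ip, ports):
    """Router rows from host_ip whose remote port equals one of `ports`."""
    rows = (l.split() for l in router_text.splitlines() if len(l.split()) >= 3)
    return [(f[0], f[2]) for f in rows
            if f[0].rsplit(":", 1)[0] == host_ip and f[2].rsplit(":", 1)[-1] in ports]

if __name__ == "__main__":
    # threshold lowered to 4 only because the embedded sample is short
    print(flag_many_listeners(listeners_by_process(TCPVIEW), threshold=4))
```

On the full listing in the post the default threshold already singles out winmgwsd.exe, and two of the laptop's router sessions use remote ports that match its listeners.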

spidey07
09-09-2008, 07:55 PM
Head over to the security forum to clean your machine.

JackMDS
09-09-2008, 07:57 PM
Could be this: http://www.threatexpert.com/threats/trojan-pr-agent-edfk.html