Wired 100mb network connection constantly "sends"

G

Guest

I have Windows XP, SP2 with all updates applied (running on a Sony Viao with
512mb, a 2.4 P4 and 60GB). I connect to a USR 54g router (both wirelessly
(@125mb) and wired (@100mb)), but the wired connnection numbers show an
excessive (and I mean excessive) number of "sends." For example, after being
online for 52 minutes, here are the stats when I open up my network
connections:
Wireless: Sent = 1,608,811 Received = 8,065,967
Wireed: Sent = 17,732,689,652,039 Received = 14,535

Clearly my wireless connection is doing the bulk of the transmissions, but
why does my wired "sent" number esclate so high, so fast (e.g., they reach a
billion+ in the first few minutes after powering up).

I have loaded Port Explorer and Process Explorer and neither shows any
unusual activity. I'm also update on my Norton Anti-Virus (i.e., none found)
and Spy Sweeper anti-spyware.

This has been going on for months, and the machine is slowing down more and
more.

Any thoughts???? This one is a real brain-buster!

p.s. My wired NIC is the Intel PRO/100 VE Adapter and my wireless NIC is a
US Robotics 802.11G Wireless Turbo Adapter. The router is a US Robotics
802.11g Wireless Turbo Router (both adapter and router firmware upgraded to
provide 125mb) and I've even put in a different router, but get the same
results.
 
C

Chuck

I have Windows XP, SP2 with all updates applied (running on a Sony Viao with
512mb, a 2.4 P4 and 60GB). I connect to a USR 54g router (both wirelessly
(@125mb) and wired (@100mb)), but the wired connnection numbers show an
excessive (and I mean excessive) number of "sends." For example, after being
online for 52 minutes, here are the stats when I open up my network
connections:
Wireless: Sent = 1,608,811 Received = 8,065,967
Wireed: Sent = 17,732,689,652,039 Received = 14,535

Clearly my wireless connection is doing the bulk of the transmissions, but
why does my wired "sent" number esclate so high, so fast (e.g., they reach a
billion+ in the first few minutes after powering up).

I have loaded Port Explorer and Process Explorer and neither shows any
unusual activity. I'm also update on my Norton Anti-Virus (i.e., none found)
and Spy Sweeper anti-spyware.

This has been going on for months, and the machine is slowing down more and
more.

Any thoughts???? This one is a real brain-buster!

p.s. My wired NIC is the Intel PRO/100 VE Adapter and my wireless NIC is a
US Robotics 802.11G Wireless Turbo Adapter. The router is a US Robotics
802.11g Wireless Turbo Router (both adapter and router firmware upgraded to
provide 125mb) and I've even put in a different router, but get the same
results.
Click to expand...

Tommy,

That is a pretty large number. Does Port Explorer show which process is running
the numbers up? The Sent and Received columns can be pretty useful here.
 
G

Guest

No, Port Explorer doesn't show any excessive activity. It's as if the
counter in the display is just incrementing itself. When I have a Port
Explorer windows open right next to the "Local LAN Connection" Status window,
I can watch the number in the "status" window incrementing at a tremendous
rate (i.e., a couple of a million in less than 60 seconds), yet Port Explorer
only shows 600-700 bytes being sent.

A real puzzler.

Tommy
=======
 
C

Chuck

No, Port Explorer doesn't show any excessive activity. It's as if the
counter in the display is just incrementing itself. When I have a Port
Explorer windows open right next to the "Local LAN Connection" Status window,
I can watch the number in the "status" window incrementing at a tremendous
rate (i.e., a couple of a million in less than 60 seconds), yet Port Explorer
only shows 600-700 bytes being sent.

A real puzzler.
Click to expand...

OK, Tommy,

And have you identified all of the processes that do show in Port Explorer, with
numbers increasing at any rate?

And if you can't reach a conclusion, I'd highly recommend HijackThis and expert
advice. And BlackLight or Rootkit Revealer.
<http://nitecruzr.blogspot.com/2005/05/interpreting-hijackthis-logs-with.html>
http://nitecruzr.blogspot.com/2005/05/interpreting-hijackthis-logs-with.html
<http://nitecruzr.blogspot.com/2006/06/deeply-hidden-and-heavily-protected.html>
http://nitecruzr.blogspot.com/2006/06/deeply-hidden-and-heavily-protected.html
 
G

Guest

Chuck,

I looked at the info in Port Explorer and it all looks okay, but I'll look
again. And thanks for recommending the other two options. Maybe one of them
will provide some insight. I've seen a lot in my 30 years of doing this
stuff, but this one truly has me baffled.

Tommy
====
 
C

Chuck

Chuck,

I looked at the info in Port Explorer and it all looks okay, but I'll look
again. And thanks for recommending the other two options. Maybe one of them
will provide some insight. I've seen a lot in my 30 years of doing this
stuff, but this one truly has me baffled.

Tommy
====
Click to expand...

If you don't see any numbers in Port Explorer to equal what you see in My
Network Connections, then you could well have a rootkit type malware in action.
And you will need expert security advice.

The hell of it is, the experts will probably advise you to "nuke and pave".
<http://en.wikipedia.org/wiki/Nuke_and_pave>
http://en.wikipedia.org/wiki/Nuke_and_pave
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Explain network errors in event log? 1
network connection between wireless and wired 5
Wired and wireless to same router 3
Constant, excessive, transmission on my "wired" connection 2
Network Bridge: Wireless + Wired 6
Odd network results from two installed adapters, wired/wirelss 1
wireless + wired network routing 4
wireless and wired in same network 11

Top