Windows 10: Excessive sessions open immediately after boot


  1. Posts : 85
    Microsoft Windows 10x64 Pro
       17 Feb 2016 #1

    Excessive sessions open immediately after boot


    I've been having problems with Internet speed variations recently. Today I had a Tech from my ISP here to look at the problem and he discovered that immediately after boot I have over 50 active sessions open on my PC, even before I open a browser window. This machine has Norton Security installed and active and I've recently run Norton Eraser As Well as Malwarebytes and neither of them have found anything significant while scanning.

    Any idea what could because of these sessions to open?
      My ComputerSystem Spec


  2. Posts : 12,404
    W10Prox64
       17 Feb 2016 #2

    MSRadell said: View Post
    I've been having problems with Internet speed variations recently. Today I had a Tech from my ISP here to look at the problem and he discovered that immediately after boot I have over 50 active sessions open on my PC, even before I open a browser window. This machine has Norton Security installed and active and I've recently run Norton Eraser As Well as Malwarebytes and neither of them have found anything significant while scanning.

    Any idea what could because of these sessions to open?
    Hi.
    I see you've got a post over at Bleeping Computer on this as well.

    Excessive active internet sessions can be caused by torrenting programs and botnets (clickfraud/DDoS attacks, etc.). I have also seen this when someone has gotten into a system with a lot of storage, and put their illegal stuff on it, selling it to customers and then linking to the compromised computer after the sale, for the download. And, just because you've got Norton running doesn't mean you're safe.

    You could try Wireshark if you want to sniff your packets, for more information.

    I would run RKILL, JRT, then an ESET Online Scan for starters, and see what comes up, while you're waiting for BC to answer. You'll need to disable Norton when running ESET.

    EDIT: Have you noticed high activity on your CPU lately?
      My ComputerSystem Spec


  3. Posts : 85
    Microsoft Windows 10x64 Pro
    Thread Starter
       17 Feb 2016 #3

    Thanks, I've run the 1st 2 already and they didn't find anything I'm working on running ESET right now.
      My ComputerSystem Spec


  4. Posts : 85
    Microsoft Windows 10x64 Pro
    Thread Starter
       18 Feb 2016 #4

    I went ahead and ran Wireshark today after none of the other troubleshooting tools found anything. I'm attaching a copy of a Wireshark file to see if anybody can see anything interesting in it.
    Excessive sessions open immediately after boot Attached Files
      My ComputerSystem Spec


  5. Posts : 12,404
    W10Prox64
       21 Feb 2016 #5

    MSRadell said: View Post
    I went ahead and ran Wireshark today after none of the other troubleshooting tools found anything. I'm attaching a copy of a Wireshark file to see if anybody can see anything interesting in it.
    Yeah, I can't really do much with the PDF. I think you need to be in the program to do the evaluating, using the various filters available. Have a look here:
    Capturing network communication packets with Wireshark Utility | Symantec Connect
    They have a wireshark tutorial video on there.

    Did the ESET scan find anything?
      My ComputerSystem Spec


  6. Posts : 85
    Microsoft Windows 10x64 Pro
    Thread Starter
       21 Feb 2016 #6

    simrick said: View Post

    Did the ESET scan find anything?
    No It Didn't.
      My ComputerSystem Spec

  7.    26 Feb 2016 #7

    Have you reviewed your startup programs in task manager? Sounds like a virus, etc... to me
      My ComputerSystem Spec


  8. Posts : 85
    Microsoft Windows 10x64 Pro
    Thread Starter
       26 Feb 2016 #8

    Following up with some of the information I collect on Wireshark I thought a lot of communications to the IP address of 204.79.197.213. A search came back showing that's a MS site. I created a firewall rule to block all communications to and from that site and suddenly everything seems to be working fine! I'm running Windows 10x64 Pro, and to the best of my knowledge have all of the MS data transfer stuff turned off but obviously something is still functioning.
      My ComputerSystem Spec


  9. Posts : 12,404
    W10Prox64
       26 Feb 2016 #9

    MSRadell said: View Post
    No It Didn't.
    Good. If ESET didn't find anything, then you can be pretty sure there's no virus lurking.

    MSRadell said: View Post
    Following up with some of the information I collect on Wireshark I thought a lot of communications to the IP address of 204.79.197.213. A search came back showing that's a MS site. I created a firewall rule to block all communications to and from that site and suddenly everything seems to be working fine! I'm running Windows 10x64 Pro, and to the best of my knowledge have all of the MS data transfer stuff turned off but obviously something is still functioning.
    Interesting. I hope that's not your OneDrive sync.
      My ComputerSystem Spec


  10. Posts : 85
    Microsoft Windows 10x64 Pro
    Thread Starter
       26 Feb 2016 #10

    Actually after doing some more research that's the homepage for Bing, don't know why it was trying to communicate because I don't use it at all and have it turned off! Just more MS BS.
      My ComputerSystem Spec


 

Related Threads
I am a pensioner who has a special telephone/internet package for those of us on limited incomes. This package only allows 10GB of bandwith usage per month after which we have to pay 5.50 for each block of 5GB over the 10GB limit. When I was...
Exactly as it says on the title. When I power it on, the GPU fans go full blast, it stays that way for a little while and shuts down automatically. There's no splash screens or anything either so I can't go into safe mode. Sometimes it shuts down...
Solved Excessive CPU Usage with Browser(s) in Performance & Maintenance
Hello all, I recently purchased new a Lenovo Flex 3 1130 (80LY), 2 in 1 laptop. I'm aware it's a entry level machine and it's purpose is primarily just for school. Definitly not going to run my server.....lol. Everything is as expected with the...
I can't seem to find a setting that will either clear my Edge cookies or do whatever is necessary to log my Google account out when I close the Edge browser. As much as I prefer my family not go through my stuff, I don't want to see theirs after...
Spent the best part of a day fixing my PC after a W10 upgrade this morning. All seems to be working well now except that I have an issue with a couple of Metro apps - those named in the title. What happens is that the apps open and then...

Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 17:40.
Find Us