1

I've been using Wireshark to check out the traffic on my home network. Fairly recently, I started getting a bunch of junk generated constantly. I've been unable to find out the cause, as virus/spyware scans have done nothing and there doesn't seem to be much definite information online.

Here's an example of what Wireshark reports:

192.168.1.103 192.168.1.1 TCP 63187 > park-agent [ACK] Seq=669 Ack=208 Win=17312 Len=0

192.168.1.103 is my computer, 192.168.1.1 is the router. The park-agent port appears to be 5421. I downloaded TCPView to see if it could help me find the the source, but I got some pretty vague answers:

[System Process] 0 TCP kchaloux-pc.ne.rr.com 63267 192.168.1.1 5431 TIME_WAIT

I can't query it for any more information than that. I've tried ending the process from within TCPView but it just seems to pop back up. Does anybody know if there's a known cause behind this behavior?

I'm currently running Windows Vista (home).

KChaloux
  • 157
  • 6
  • Have you tried running "netstat -b" as administrator? What does it report? – Tog Apr 23 '11 at 08:08
  • Disinfect your PC, see this...http://superuser.com/questions/100360/what-to-do-if-my-computer-is-infected-by-a-virus-or-a-malware – Moab Apr 23 '11 at 20:17

1 Answers1

0

Running Windows 7? Try disabling the "IP Helper" service and see if it goes away. This is assuming you're not using IPv6 in any way.

LawrenceC
  • 73,030
  • 15
  • 129
  • 214