Cannot Disconnect my internet

[lamrinnirmal]

when i try to disconnect my internet (right click->disable) i get the following error:

Quote:

It is not possible to disconnect the connection at this time.This connection may be using one or more protocols that do not support Plug and play, or it may have been initiated by another user or the system account.

since im the only one on my pc , i am always logged on as administrator. does this error then mean that my pc is remotely controlled?
help me out people.

[grinning_devil]

:roll: disconnect my internet ... ??? means disconnecting from modem???

or ru trying to disable LAN connection ???

explain!!! :roll:

[lamrinnirmal]

Quote:

Originally Posted by grinning_devil

explain!!!

i did that buddy
right click-> disable would mean disabling the LAN connection.

[alib_i]

hmmm ..
never seen this kind of error in LAN connections ever ..
next time u get this kind of message ..
go to command prompt and type " netstat -a -n "
and tell the result ..
see if you are connected to some other IP also !!

-----
alibi

[swatkat]

Do u use a FireWall?If so,which one?
Also run a through Spyware/Virus check in the System using tools provided here:-
http://pcf.mundayweb.com/index.php?view=106
Also,u better use Kerio Firewall.
http://www.kerio.com/us/kpf_home.html

[lamrinnirmal]

hi alib_i. this is what i got on runing netstat -a -n

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3016 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING
TCP 127.0.0.1:3001 0.0.0.0:0 LISTENING
TCP 127.0.0.1:3002 0.0.0.0:0 LISTENING
TCP 127.0.0.1:3003 0.0.0.0:0 LISTENING
TCP 127.0.0.1:3024 0.0.0.0:0 LISTENING
TCP 127.0.0.1:3024 127.0.0.1:3025 ESTABLISHED
TCP 127.0.0.1:3025 127.0.0.1:3024 ESTABLISHED
TCP 127.0.0.1:10025 0.0.0.0:0 LISTENING
TCP 127.0.0.1:10110 0.0.0.0:0 LISTENING
TCP 172.16.34.21:139 0.0.0.0:0 LISTENING
TCP 192.168.0.1:139 0.0.0.0:0 LISTENING
TCP 192.168.0.1:2869 192.168.0.2:1031 ESTABLISHED
TCP 192.168.0.1:3016 192.168.0.2:5000 ESTABLISHED
UDP 0.0.0.0:135 *:*
UDP 0.0.0.0:445 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:1027 *:*
UDP 0.0.0.0:3004 *:*
UDP 0.0.0.0:3006 *:*
UDP 0.0.0.0:3017 *:*
UDP 0.0.0.0:3037 *:*
UDP 0.0.0.0:3456 *:*
UDP 127.0.0.1:123 *:*
UDP 127.0.0.1:1900 *:*
UDP 127.0.0.1:2234 *:*
UDP 127.0.0.1:3007 *:*
UDP 127.0.0.1:3011 *:*
UDP 172.16.34.21:123 *:*
UDP 172.16.34.21:137 *:*
UDP 172.16.34.21:138 *:*
UDP 172.16.34.21:1900 *:*
UDP 172.16.34.21:2234 *:*
UDP 192.168.0.1:53 *:*
UDP 192.168.0.1:67 *:*
UDP 192.168.0.1:68 *:*
UDP 192.168.0.1:123 *:*
UDP 192.168.0.1:137 *:*
UDP 192.168.0.1:138 *:*
UDP 192.168.0.1:1900 *:*
UDP 192.168.0.1:2234 *:*

all of em look familiar to me. i ran the command without any windows or p2p program running.
@swatkat : do you think a firewall would solve the problem or it would prevent it in the future. anyways im getting one. black ice is really good i heard. thanks.

[alib_i]

lamrinnirmal,
actually, i was hoping that this way i could find some application which is using your network connection .. and thereby not allowing it to be stopped ..
but im not able to see anything fishy here ...

well can u do one more thing plz .. if u care
next time .. try .. "netstat -n -a -o"
this will display ProcessID of each application using the TCP connections ..
compare this ProcessID with those displaying in Task Manager ( assuming winxp )
ProcessID is displayed in Processes Tab .. u gotta tick it in View->Select Columns

see if this can give any productive results ..

PS: u seems to be running an FTP server, HTTP server and SMTP server. I hope you know that already.

[EDIT]
wht's this ->
TCP 127.0.0.1:3024 127.0.0.1:3025 ESTABLISHED
TCP 127.0.0.1:3025 127.0.0.1:3024 ESTABLISHED
and this
TCP 192.168.0.1:2869 192.168.0.2:1031 ESTABLISHED
TCP 192.168.0.1:3016 192.168.0.2:5000 ESTABLISHED
( talking to someone on YMessenger eh? )

-----
alibi

[lamrinnirmal]

@alib_i: dude this is even more crazy. im sure someone is lurking around in my comp!!
netstat -n -a -o
Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1076
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING 1124
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:1034 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 1316
TCP 0.0.0.0:3115 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3153 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3155 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3258 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3276 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3325 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3372 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3465 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3551 0.0.0.0:0 LISTENING 1316
TCP 0.0.0.0:3562 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3634 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3649 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3658 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3661 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3678 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3698 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3744 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3760 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3784 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3804 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3898 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3906 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:3909 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4147 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4162 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4204 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4235 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4303 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4369 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4387 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4409 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4466 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4583 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4603 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4642 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4654 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4806 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4842 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4869 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:4977 0.0.0.0:0 LISTENING 2040
TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING 1316
TCP 127.0.0.1:3001 0.0.0.0:0 LISTENING 272
TCP 127.0.0.1:3002 0.0.0.0:0 LISTENING 1124
TCP 127.0.0.1:3003 0.0.0.0:0 LISTENING 1124
TCP 127.0.0.1:3147 127.0.0.1:3146 TIME_WAIT 0
TCP 127.0.0.1:10025 0.0.0.0:0 LISTENING 200
TCP 127.0.0.1:10110 0.0.0.0:0 LISTENING 200
TCP 172.16.34.21:139 0.0.0.0:0 LISTENING 4
TCP 172.16.34.21:3115 68.203.219.36:6348 CLOSING 2040
TCP 172.16.34.21:3153 141.149.239.69:6346 FIN_WAIT_1 2040
TCP 172.16.34.21:3155 65.69.98.52:6346 CLOSING 2040
TCP 172.16.34.21:3162 130.94.75.250:80 TIME_WAIT 0
TCP 172.16.34.21:3163 130.94.75.250:80 TIME_WAIT 0
TCP 172.16.34.21:3165 207.150.167.190:80 TIME_WAIT 0
TCP 172.16.34.21:3258 84.119.142.71:6346 CLOSING 2040
TCP 172.16.34.21:3276 80.57.184.242:6346 CLOSING 2040
TCP 172.16.34.21:3325 172.202.69.253:6348 CLOSING 2040
TCP 172.16.34.21:3372 141.149.239.69:6346 CLOSING 2040
TCP 172.16.34.21:3465 84.119.142.71:6346 CLOSING 2040
TCP 172.16.34.21:3562 80.57.184.242:6346 CLOSING 2040
TCP 172.16.34.21:3634 82.32.227.28:6348 CLOSING 2040
TCP 172.16.34.21:3649 172.202.69.253:6348 CLOSING 2040
TCP 172.16.34.21:3658 80.57.184.242:6346 CLOSING 2040
TCP 172.16.34.21:3661 81.103.18.21:6346 CLOSING 2040
TCP 172.16.34.21:3678 68.96.218.220:6346 CLOSING 2040
TCP 172.16.34.21:3698 63.245.33.59:6348 CLOSING 2040
TCP 172.16.34.21:3744 138.130.158.143:6346 CLOSING 2040
TCP 172.16.34.21:3760 24.179.16.161:6350 CLOSING 2040
TCP 172.16.34.21:3784 24.160.184.110:6348 CLOSING 2040
TCP 172.16.34.21:3804 62.195.123.75:6346 CLOSING 2040
TCP 172.16.34.21:3898 65.69.98.52:6346 FIN_WAIT_1 2040
TCP 172.16.34.21:3906 84.119.142.71:6346 CLOSING 2040
TCP 172.16.34.21:3909 80.57.184.242:6346 CLOSING 2040
TCP 172.16.34.21:4147 84.119.142.71:6346 CLOSING 2040
TCP 172.16.34.21:4162 80.57.184.242:6346 CLOSING 2040
TCP 172.16.34.21:4204 81.103.18.21:6346 CLOSING 2040
TCP 172.16.34.21:4235 84.119.142.71:6346 FIN_WAIT_1 2040
TCP 172.16.34.21:4303 4.238.139.225:6346 CLOSING 2040
TCP 172.16.34.21:4369 141.149.239.69:6346 CLOSING 2040
TCP 172.16.34.21:4387 141.149.239.69:6346 CLOSING 2040
TCP 172.16.34.21:4409 209.239.5.77:6346 CLOSING 2040
TCP 172.16.34.21:4466 209.239.6.130:6346 CLOSING 2040
TCP 172.16.34.21:4583 24.156.254.163:6346 CLOSING 2040
TCP 172.16.34.21:4603 84.119.142.71:6346 CLOSING 2040
TCP 172.16.34.21:4642 141.149.239.69:6346 CLOSING 2040
TCP 172.16.34.21:4654 80.57.184.242:6346 CLOSING 2040
TCP 172.16.34.21:4806 209.239.6.130:6346 FIN_WAIT_1 2040
TCP 172.16.34.21:4842 172.202.69.253:6348 CLOSING 2040
TCP 172.16.34.21:4869 84.119.142.71:6346 FIN_WAIT_1 2040
TCP 172.16.34.21:4977 209.239.6.130:6346 FIN_WAIT_1 2040
TCP 192.168.0.1:139 0.0.0.0:0 LISTENING 4
TCP 192.168.0.1:3551 192.168.0.2:5000 ESTABLISHED 1316
UDP 0.0.0.0:135 *:* 1076
UDP 0.0.0.0:445 *:* 4
UDP 0.0.0.0:500 *:* 912
UDP 0.0.0.0:1032 *:* 516
UDP 0.0.0.0:1039 *:* 1124
UDP 0.0.0.0:3004 *:* 1284
UDP 0.0.0.0:3006 *:* 1124
UDP 0.0.0.0:3415 *:* 1284
UDP 0.0.0.0:3416 *:* 1284
UDP 0.0.0.0:3417 *:* 1284
UDP 0.0.0.0:3456 *:* 516
UDP 0.0.0.0:4052 *:* 1284
UDP 0.0.0.0:4157 *:* 1284
UDP 127.0.0.1:123 *:* 1124
UDP 127.0.0.1:1900 *:* 1316
UDP 127.0.0.1:2234 *:* 1124
UDP 127.0.0.1:3007 *:* 1124
UDP 127.0.0.1:3012 *:* 1124
UDP 127.0.0.1:3015 *:* 1868
UDP 172.16.34.21:123 *:* 1124
UDP 172.16.34.21:137 *:* 4
UDP 172.16.34.21:138 *:* 4
UDP 172.16.34.21:1900 *:* 1316
UDP 172.16.34.21:2234 *:* 1124
UDP 192.168.0.1:53 *:* 1124
UDP 192.168.0.1:67 *:* 1124
UDP 192.168.0.1:68 *:* 1124
UDP 192.168.0.1:123 *:* 1124
UDP 192.168.0.1:137 *:* 4
UDP 192.168.0.1:138 *:* 4
UDP 192.168.0.1:1900 *:* 1316
UDP 192.168.0.1:2234 *:* 1124

[beaditya]

save me from all these numbers!!


hey alibi can u "pm " me some of the commands which we can use like the ones u'v given above


to ping someone, to find out if our provider has disabled our account.......................coz my service really pisses me off.............and i thnk my service provider disables accounts to use the band for himself in the late nights


plz help

[alib_i]

@nirmal
wht the heck ..
wht is this process no. 2040
it has something like 50 connections ( or more )
I think u got a spyware or something ..
Just do that netstat -n -a -o once again ..
and see wht is this process which is eating your connections
( compare the PID from task manager to see which process is this )

@aditya
its just windows xp's own commands
nothing new .
and im not aware of any command which can tell whether your account has been disabled..
anybody wud like to help me here!!!


-----
alibi

[digen]

Quote:

PS: u seems to be running an FTP server, HTTP server and SMTP server. I hope you know that already.

What made you say this alib_i?

If this is what you are referring to...

Code:

 TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 516

Please do correct me if I'm wrong but I believe even though these addresses along with their respective ports are under the "Listening" state[which clearly states that its acting as a "server" under TCP/IP semantics] the address 0.0.0.0 is a non-functional address w.r.t the internet.
Client/server model cant have a possible 3 way handshake with this as a IP address.Moreover the range from 0.0.0.0-0.255.255.255.

I'll try digging up a RFC & post the equivalent rfc number here when I find one.

Although netstat does a pretty good job of mapping ports to application I prefer to use Fport.Which virtually does the same job but with a bit of ease & functionality.

I would suggest the original poster to issue netstat/fport when you connect to the internet without having any services running i.e browser,chat apps.

This will rule out safe connections from any malicious connections like a trojan listening to a particular port,or a server which you have unknowingly started like IIS by default.
Oh btw keep the firewall enabled or if you dont have one get one.

[alib_i]

Quote:

Originally Posted by digen verma

Quote:

What made you say this alib_i?

If this is what you are referring to...

Code:

 TCP 0.0.0.0:21 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:25 0.0.0.0:0 LISTENING 516
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 516

Please do correct me if I'm wrong but I believe even though these addresses along with their respective ports are under the "Listening" state[which clearly states that its acting as a "server" under TCP/IP semantics] the address 0.0.0.0 is a non-functional address w.r.t the internet.
Client/server model cant have a possible 3 way handshake with this as a IP address.Moreover the range from 0.0.0.0-0.255.255.255.

exactly....
rule of thumb ..
Listening on port 21 :: Running a FTP Server
Listening on port 25 :: Running a SMTP Server
Listening on port 80 :: Running a HTTP Server
( knowingly or unknowingly )
I can also see that he has File and Printer Sharing Enabled ( port 445 ) and HTTPS enabled ( port 443 )

-----
alibi