Internet lag, overwhelming TIME_WAIT

For the past two months, I've dealt with some major slowdown to my internet. It seems to be pretty random, though it also seems to be 'triggered' by something. It won't happen while I'm off doing something like playing a game, but when I make new and different connections. Sometimes, I can go an entire day without the problem, other days I am hit multiple times by the lag, and as of today (hence becoming fed up and looking for support) I have been hit constantly. The lag comes on suddenly, Youtube videos buffer slowly, images slowly pop up, and my latency or ping in online video games spike to 800 to 900 where they are usually 80.

For history, I have a pretty terrible local internet service provider. I get pretty good and expected latency or ping to local servers at 30-40ms, Texas servers give me 70-80, Cali servers give me 80-100. European servers give me an expected 100-150, and Russian/Asian servers return 200's. Again, these are expected. However, my internet has the tendency to randomly 'disconnect' for approximately 20 seconds, then reconnect. How often it does this is random, as well. Some days, I deal with it a ton, others, I rarely deal with it. Also, my internet does not fare well with routers. When two computers are using the internet connection, my latency jumps to 300-500 (sometimes 900-1000 when people are downloading large files or browsing, say, YouTube), occasionally settling to 160 where my game runs extremely choppy. The disconnects are more frequent when the router is in use, as well. These 'exaggarated' pings are to a server in Texas.

Though, this specific problem I'm having has never happened before. I can deal with my terrible internet service by dividing up time; browsing the internet is no problem with me, and when the router is no longer in use; I can play my games with little problem. But, this new problem has made that impossible! Even when the router is free, I struggle just to browse the internet. For more history, two or three days ago I was hit by a Trojan through my web browser (Opera). I did a ton of scans (Ad-Aware, AVG, HijackThis, RootRepeal) and my machine appears to be free of infections after I manually deleted some UACD* rootkit files, cleared some infection from my registry, and so on. (Though, RootRepeal still lists 'UACD*.sys' as a 'Hidden Service'. Should I worry?) This trojan only disabled my security service in Vista. I was able to reactivate it, and it's been doing fine ever since. Again, complete scans of my system show that I am infection-free. UACD*.sys is listed in 'Hidden Services' in RootRepeal, but someone told me UACD*.sys (while it could be a trojan) is most likely Account Control for Windows Vista.

Remember, though, that this problem has persisted long before this trojan, but as of lately it has been absolutely worse. It began (the problem in general) after I installed a game called Call of Duty 4, which I had purchased through Steam (A legitimate service that sells games digitally). In addition to game files, the installation also installed a service called Punkbuster; the anti-cheat that prevents people from cheating/hacking/exploiting/etc in game. Before this installation, I had no internet problems (except for bad quality internet), so I drew my assumption that "It has to be punkbuster". While I did cancel Punkbuster's processes through my Task Manager, the problem persisted. I have yet to try and disable Punkbuster through-and-through with MSCONFIG, though I will try after this post is confirmed. (A problem exists with disabling this, as I will no longer be able to play a few games that rely on Punkbuster to provide anti-cheat. This would only be a problem if I figured Punkbuster to be the cause of slowdown.) Yes, anyway..

On another forum, I was told to use a command in command prompt called NETSTAT. I was told it would list all active connections to my machine. So, immediately, I opened up cmd prompt the day I was shown the command, and typed it in. Considering a few internet programs were open and my web browser, I was given a small list of connections. Nothing out of the oridinary! Later in the day, when my internet began to slow down, despite the router being free and no downloads taking place, I returned to NETSTAT, where I was flooded with connections by my own computer: "Casey-PC:*" where * was a random port, usually between 600-700. These connections, in the TIME_WAIT or CLOSE_WAIT status seemed to have been 'stuck', though there were only five to ten of them. After four minutes, the duration for a TIME_WAIT connection, the TIME_WAIT was still hanging. I did some searching amongst the lag and some people told me it was Vista's native Firewall slowing my computer down, as it would take a slow time 'testing' connections, often leaving some to 'hang'. I disabled my Firewall, and while the probem seemed to have gone away, within a few hours it was back. The only temporary fix was to restart my machine, thus cancelling all connections to my individual machine.

That temporary fix, however, is no longer useful. Today, I woke up and turned on my computer. The instant I made a connection to one of my frequently browsed websites, my internet began to slow horribly. I netstat'd as I had become so used to, and realized I was being hit with the dreaded TIME_WAITs again. To my surprise, there were literally a hundred of them now. All of them with a foreign address of my own computer: "Casey-PC:*". It would usually only display ten at most, but now the command prompt was overwhelming with TIME_WAITs. I restarted my machine, but the second I made another connection, the TIME_WAITs reappeared. I have restarted three times now, and the SECOND I make any connection, it generates a large number of TIME_WAITs, from my computer, to my computer.

So, what's the deal? Does anyone have any suggestions for a fix or a guess at what might be the problem? Sorry for the wall of text, but I'm really annoyed by this problem. I wanted to pack as much detail into this thread as possible, as well as some history, so you know what I've had to deal with. I'm going to go disable Punkbuster now, and see if that is the problem. Thanks,

 

I decided to edit my post, as the first is a little messy. Here is the revision:

To begin, I would like to offer you some history of my internet and its performance. My internet service provider is local, and thus with such cheap prices and a name that isn't so popular, comes terrible download speeds (170kb/s is the max I have reached in years of using this service) instability (Internet dies randomly during the day, waits 20 seconds, reconnects) and a small amount of bandwidth (Two computers on router leaves me at 300-500 ping in most video games, making it unplayable). I have learned to deal with these problems, to divide time amongst router usage, and to simply reconnect to my games when the internet's up-time hits a low.

Two months ago, after a purchase of Call of Duty 4, the installation process also installed a service called Punkbuster. From this day on, I have been experiencing this problem. Whether it is a coincidence or the problem is connected to this action; I am unsure. To be specific on the problem, randomly during my overall experience, I would experience immense slowdown. Games would ping me at 300-500 to local servers, browsing the internet was terribly slow, and so on. The only fix I knew, at the time, was to restart my machine. From a fresh restart, I could go a few hours before the problem came back up. It would almost always happen immediately after closing the game I had purchased, which supported my assumption of it being Punkbuster. While I have never truely disabled Punkbuster, I have cancelled it via Task Manager. I should probably try to disallow it through Msconfig.

I was told of a comand prompt command called 'netstat' and began to use it religiously during the day and night, popping up command prompt and typing it in during the slowdown. Always, there were ten or more connections from my local computer.. to my local computer ("Casey-PC:*") where * was a port usually three digit and between 600-700, in the TIME_WAIT status. The only thing I could do at the time was restart my computer, playing amongst general bad quality internet until the problem returned, never when I was in game, but once I had closed and went about my business. I have since uninstalled the game, but the problem persists. The service, Punkbuster, which I forgot to mention is a program designed to stop cheaters/hackers/exploiters from ruining the game experience, has been used since then by quite a few games on my machine that rely on it.

For more history, I was hit by a trojan four days ago. This was from browsing a very 'sketchy' site that has been listed as an attack site by Google on many occasions. However, this site is legitimate in its use and theory, and I've downloaded from it with no problem. It is just a major target of attacks. The trojan was not from a download. I was attacked through my web browser, presented a fake Windows Security service in my Systray, and I paniced. I scanned my system, removed some bad registry features, manually deleted some UACD* files from my System folder (though one UACD*.sys still, to this day, shows up as a 'hidden service' by RootRepeal. Should I be worried? I was told there's at least one legitimate UACD file for Account Control in Vista) So on and so on, I am said to be free of infection by Ad-Aware and AVG Virus Scanner. HijackThis doesn't return any services or processes that seem suspicious, though the RootRepeal thing worries me. For now, I presume myself to be clean.

Today, the slowdown has been unbelieveable. Even a restart does nothing, and the TIME_WAITs are being presented to me in the hundreds. I was told that this could be the native Vista firewall, so I disabled that. Still, the problem persists. Every time I make a connection to the internet, I am absolutely bombarded with these TIME_WAIT connections. I have only been connected to this site in the ten or so minutes it has taken me to write this message, I have not refreshed the page, and yet the TIME_WAITs are sitting in my active connections, hanging there, as they have been for that time. They are supposed to disconnect after four minutes, I am told. So, what do you think the problem is? What suggestions are there for fixes? Last, what about that UACD file RootRepeal keeps announcing to me? I can not 'wipe it' nor 'delete it' through RR because the 'File can not be found on disk.' Thanks for your time, and sorry for the wall of text.

EDIT: There are only a few TIME_WAITS now. Five of the connections to Casey-PC:* have been established, and five of them are in waiting. Perhaps this is my connection to this site? Though, what would explain the overwhelming TIME_WAITs when I make the initial connection to one website? Why are these TIME_WAITs lagging me?

 

I disabled Punkbuster Anti-Cheat through MSConfig. This seems to have stopped the problem, I would guess. All of the active connections through Netstat (of which four are to my own computer, I think "Casey-PC:*") are established, none of them in TIME_WAIT, none of them hanging. I will spend the rest of the day testing my connection through netstat. It would be nice if I have figured out the problem, but not so nice that my favorite games require this service to be running to enjoy them. I guess that's their problem, and I'll take it up with them. The idea of disabling it through MSCONFIG came to me while writing this thread; sorry for not trying beforehand. If the problem is resolved, I guess the question could be 'cut' down to whether the UACD*.sys file being shown by RootRepeal in 'Hidden Services' is a problem.