not sure if i have a virus..

**PAINTITGOLD** · October 14th, 2011, 08:52 PM

i downloaded malware bytes and got rid of two different malware

http://www.besttechie.net/2009/08/05/ma ... rotection/

i get the second screenshot when opening streams and stuff, not sure if i'm infected or my internet has just been sucking. anyone else have experience with this?

i think that my monthly bandwidth limit was raped by a trojan i got somehow, which has totally fucked my internet speed and now i can't watch any MLG which is pretty shitty, but oh well

http://www.speedtest.net/result/1535614108.png

the download speed and upload speed are both pretty raped, they're both usually quite higher, i'm not entirely sure what happened

**nitestryker** · October 14th, 2011, 09:10 PM

usual questions:

torrents?
streaming services?

If it is a trojan, maybe try doing a blanket port blocking and only opening specific ports. If that still doesnt work, try avast, its free and i've always found it to be a pretty good antivirus

If all else fails, reformat

**NengLM** · October 14th, 2011, 10:57 PM

ad-aware. i believe that was the program i use to use. works like a charm everytime.
slows ur computer a shit ton tho, then again that was back in the 512mb ram days

**drmaul** · October 14th, 2011, 11:01 PM

MalwareBytes was the correct choice. But yeah, try Avast or Microsoft Security Essentials. If you want, give me a HijackThis log and I'll take a look at it.

**ironstove** · October 14th, 2011, 11:02 PM

avast

**PAINTITGOLD** · October 14th, 2011, 11:10 PM

Originally Posted by drmaul

MalwareBytes was the correct choice. But yeah, try Avast or Microsoft Security Essentials. If you want, give me a HijackThis log and I'll take a look at it.

i was actually looking into doing this, but they said they wouldn't look at it if i had pirated the program or have any signs of pirating / utorrent, so that was ruled out quick. i'd appreciate if you could in some spare time of yours

have avast, i'll do another scan

i think it's probably just my ISP being shitty

**drmaul** · October 14th, 2011, 11:14 PM

Hmm, quickly go pirate dumeter or something and see if your bandwidth is being used. And I assume you share your internets? Make sure no one is using your wireless if it's turned on.

And.. what ISP? Go call em up to see if there are any reported issues in your area.

And seriously, you really don't need malware bytes' realtime protection. Turn that off. Just scan regularly.

**PAINTITGOLD** · October 14th, 2011, 11:34 PM

Ok I turned off the protection and realized that when i get the messages about my IP being infected, it's because of other people connecting in the same area

theres 2 other connections that come on/off frequently, 1 being a router that i know of. (because of the name linksy) my router is completely protected, so they aren't connecting with it. i read about radio frequencies and how the closeness of the channel can affect speed. (i'm fairly certain i used to disconnect every once in a while when these routers connected. i downloaded the program inSSIDer 2, my two neighbours i assume are on channels 5 and 6, whereas i'm on channels 3 and 7. does the separation of channels or channels in general matter? i would assume if you were on the same channel it would, but since we aren't, from my understanding it doesn't affect it.

also from the DU meter i don't know how to judge this, it's just fluctuating at very low rates, i.e 30 KBPS to 350KBPS tops(rarely that high, download drops to 0 frequently, averages 50-150kbps)

i'm very appreciative for your help. thank you.

**NengLM** · October 14th, 2011, 11:34 PM

i hate isp these days, they're starting to block certain websites.

**PAINTITGOLD** · October 14th, 2011, 11:39 PM

oh yeah i forgot about the stopwatch i started 15 minutes ago.

lemme take a ss

**drmaul** · October 14th, 2011, 11:45 PM

All looks normal...

**PAINTITGOLD** · October 14th, 2011, 11:47 PM

yeah, i guess i'm kind of internet spoiled, lol

i could run the MLG quad stream with ease if my internet was the way it usually is

thanks for the help, i'll give my ISP a call tomorrow and see what's up.

**m0rphl1ng** · October 14th, 2011, 11:50 PM

If you think you might be infected, can you upload a HijackThis log, or an autoruns log?

**PAINTITGOLD** · October 15th, 2011, 12:15 AM

ogfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:14:29 AM, on 10/15/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\PROGRA~2\DUMETE~1\DUMeter.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Users\Josh\Downloads\HiJackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Josh\AppData\Local\Google\Update\GoogleU pdate.exe" /c
O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - Startup: My_AutoWarkey_Script.lnk = C:\Program Files (x86)\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9195 bytes

look out for aids and gay porn

both run rampant in my computer (no homo)

**mikey** · October 15th, 2011, 12:55 AM

damn josh, day1 was sick sucks u missed it yo

**carebear33** · October 15th, 2011, 07:49 AM

well if you reinstall windows and the problem continues you can rule out everything except ur isp/router being shitty, besides i think its a good idea to reinstall windows every now and then anyway, i used to do it like every 6 months with XP

**m0rphl1ng** · October 15th, 2011, 08:42 AM

Originally Posted by PAINTITGOLD

ogfile of Trend Micro HijackThis v2.0.4

Your HJT log looks clean. I'm actually impressed you knew what I was talking about/were able to do it. Most people on here have no clue.

Can you try streaming from another computer? If it happens on that computer as well, you know it's something from the router outwards.

Can you try to replicate the issue using a proxy?

Can you boot to a Windows RE and from command prompt run bootrec /fixmbr

Can you try resetting your router? Or even upgrading the firmware or installing DD-WRT?

**NInjaC** · October 15th, 2011, 09:09 AM

The simplest thing is to call up your provider and ask if they capped it then request a uncap. iF your using a service that guarantees no cap such as fios then you need to check and run a scan on your torrents as its possible that your computer is a zombie.
Being a zombie is only harmful to internet speed when its being used.

**InPhInItY_** · October 15th, 2011, 09:48 AM

just torrent AVG or something

**m0rphl1ng** · October 15th, 2011, 09:54 AM

Originally Posted by carebear33

well if you reinstall windows and the problem continues you can rule out everything except ur isp/router being shitty, besides i think its a good idea to reinstall windows every now and then anyway, i used to do it like every 6 months with XP

Actually, not only is this untrue, but also if you're not a retard you shouldn't be fucking up your OS to begin with.

Thread: not sure if i have a virus..

Thread Tools

Search Thread

not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Re: not sure if i have a virus..

Posting Permissions