
Do I have a trojan?

I want to start off by saying I'm pretty savvy with software and hardware, so it's not usual for me to get infected. I've been infected once and that was because I downloaded something that looked like an MP3 off of Kazaa. It was a VBS. I knew to delete it right away but instead of a single click + delete, I hit double click and yea.. That was 5 years ago. A quick format fixed things though (thank goodness).


I just reformatted recently because I figured my 1 year old Windows XP is getting a little sluggish and I didn't keep up with my 6 months reformatting standards.

I'm running Kaspersky with a very updated database.

And recently I noticed that while playing Warcraft 3 I get a lot of lagouts. What happens is my network starts going crazy (and it's from my PC). I notice a lot of packets being sent from my end (6000/refresh.. does it refresh every second in the network monitor or what), and so it seems like upstream data only. Nothing is coming back though.

It slows my network access to a crawl and the router seems to get overloaded too as my laptop cannot access any webpages. Once I pull the plug from my desktop, my laptop works again.

I looked into this by loading up PeerGuardian and I noticed that it comes as a bunch of outward access requests from various ports of my computer trying to go to 1 IP address.

Sounds suspiciously like a trojan.

That IP however is non functional (as in I can't get it to respond to ping requests... but maybe it's just firewalled). Either way I see no response and downstream data from that IP when my network goes haywire. And this can happen maybe 2 - 3 times in a day. Each time the IP is different. It usually goes away on its own too (this massive upstream flow) if I leave it alone.

Sometimes I come back to my computer after a few hours and I see my packets jump up to 3 million, so I know it's done this whole upstream thing a few times.

I installed Adaware and I did a scan. Nothing.
Kaspersky did a system scan and a C: scan. Nothing. I'm not sure about scanning the other 960gb I have, but I'm sure it should be fine.

Bottom line is I just don't want to reformat again after spending so many hours customizing my icons...
 
Using that adware infected application is not a good idea.
"instead of a single click + delete, I hit double click"
Consider using NoScript to prevent this
"I looked into this by loading up PeerGuardian and I noticed that it comes as a bunch of outward access requests from various ports of my computer trying to go to 1 IP address."
Almost sounds like your computer has turned into a Zombie launching DoS attacks, but it seems like it would constantly be doing this rather than just three times a day. What process is eating your CPU up when your network activity spikes?

A few things to try:
- Running McAfee's command line scanner in safe mode
- Fully update and run SUPERAntiSpyware and a-squared in safe mode.

Scan everything with Kaspersky and these tools (heuristics, if applicable, maxed out), not just your windows folder.
 
Originally posted by: Muadib
Dude, how the heck can you say your other 960gb are fine if you didn't scan them.😕

Because those are data drives where my music, movies, tv shows and games go. Almost all installations go into c:, my OS drive. I've scanned both C: and D: my XP and Vista partitions, but now I'll scan everything else for the heck of it.

Scadenfroh: Yeah.. that Kazaa incident is over 5 years old, back on my ancient computer. I was using Windows 98SE or something back then and since then I've reformatted that computer at least a dozen times.

When network activity spikes, nothing eats up my processes. I look it up instantly and I end the ones I deem unnecessary, and I've googled a few of the other processes, and everything looks good.

If I load up PeerGuardian, that thing spikes to 50% as it's trying to list every single network access request.

It may be more than 3 times a day. I first thought my Warcraft 3 was infected with something funny, but when I left my computer on for 6 hours once and came back I found my packets jumped to 3 million. Obviously something's wrong. Anyways it's just periodic.

I've found that disabling my network adapter and then re-enabling it maybe 10 min later or even 5 min later will fix the problem.

I'm scanning with Kaspersky as we speak and I'll let you. I'll run the other applications a little later.

If I can't find anything I'll reformat this weekend. =)
 
DO NOT CROSS POST. This belongs in the security forum, you already started it there, so please monitor that thread (with 7k+ posts you should know better)
 
Originally posted by: DLeRium
I want to start off by saying I'm pretty savvy with software and hardware, so it's not usual for me to get infected. I've been infected once and that was because I downloaded something that looked like an MP3 off of Kazaa. It was a VBS. I knew to delete it right away but instead of a single click + delete, I hit double click and yea.. That was 5 years ago. A quick format fixed things though (thank goodness).


I just reformatted recently because I figured my 1 year old Windows XP is getting a little sluggish and I didn't keep up with my 6 months reformatting standards.

I'm running Kaspersky with a very updated database.

And recently I noticed that while playing Warcraft 3 I get a lot of lagouts. What happens is my network starts going crazy (and it's from my PC). I notice a lot of packets being sent from my end (6000/refresh.. does it refresh every second in the network monitor or what), and so it seems like upstream data only. Nothing is coming back though.

It slows my network access to a crawl and the router seems to get overloaded too as my laptop cannot access any webpages. Once I pull the plug from my desktop, my laptop works again.

I looked into this by loading up PeerGuardian and I noticed that it comes as a bunch of outward access requests from various ports of my computer trying to go to 1 IP address.

Sounds suspiciously like a trojan.

That IP however is non functional (as in I can't get it to respond to ping requests... but maybe it's just firewalled). Either way I see no response and downstream data from that IP when my network goes haywire. And this can happen maybe 2 - 3 times in a day. Each time the IP is different. It usually goes away on its own too (this massive upstream flow) if I leave it alone.

Sometimes I come back to my computer after a few hours and I see my packets jump up to 3 million, so I know it's done this whole upstream thing a few times.

I installed Adaware and I did a scan. Nothing.
Kaspersky did a system scan and a C: scan. Nothing. I'm not sure about scanning the other 960gb I have, but I'm sure it should be fine.

Bottom line is I just don't want to reformat again after spending so many hours customizing my icons...

Can you tell what process on that box is generating all the network traffic?
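
Added example, not part of any post in this thread: one way to answer the "which process" question is to capture `netstat -ano` while the spike is happening and group the outbound TCP rows by owning PID and remote address, which surfaces the "many local ports to 1 IP" pattern described above. The sample output, addresses, PIDs and the `min_ports` threshold are constructed for illustration, and the sketch assumes the traffic is TCP (UDP rows carry no remote address in `netstat`).

```python
from collections import defaultdict

# Constructed sample of `netstat -ano` output (not taken from the thread);
# 203.0.113.7 / 198.51.100.20 are documentation addresses, PIDs are made up.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       952
  TCP    192.168.1.10:1061      203.0.113.7:80         SYN_SENT        1844
  TCP    192.168.1.10:1062      203.0.113.7:80         SYN_SENT        1844
  TCP    192.168.1.10:1063      203.0.113.7:80         SYN_SENT        1844
  TCP    192.168.1.10:1064      203.0.113.7:80         SYN_SENT        1844
  TCP    192.168.1.10:1070      198.51.100.20:6112     ESTABLISHED     2210
  UDP    0.0.0.0:1900           *:*                                    1120
"""

def parse_netstat(text):
    """Yield (local_port, remote_ip, state, pid) for each outbound TCP row."""
    for line in text.splitlines():
        parts = line.split()
        # TCP rows have exactly 5 columns; headers and UDP rows do not.
        if len(parts) != 5 or parts[0] != "TCP":
            continue
        _, local, remote, state, pid = parts
        if state == "LISTENING":
            continue
        remote_ip = remote.rsplit(":", 1)[0]
        local_port = int(local.rsplit(":", 1)[1])
        yield local_port, remote_ip, state, int(pid)

def fan_out(text, min_ports=4):
    """Return [(pid, remote_ip, port_count, syn_sent_count)] for every
    process using min_ports or more local ports towards one remote IP."""
    ports = defaultdict(set)
    unanswered = defaultdict(int)
    for lport, rip, state, pid in parse_netstat(text):
        ports[(pid, rip)].add(lport)
        if state == "SYN_SENT":  # connection attempt with no reply yet
            unanswered[(pid, rip)] += 1
    hits = [(pid, rip, len(p), unanswered[(pid, rip)])
            for (pid, rip), p in ports.items() if len(p) >= min_ports]
    return sorted(hits, key=lambda h: -h[2])

if __name__ == "__main__":
    for pid, rip, n, syn in fan_out(SAMPLE):
        print(f"PID {pid}: {n} local ports -> {rip} ({syn} unanswered SYN_SENT)")
```

The PID it reports can then be matched to an image name with `tasklist /svc` or the PID column in Task Manager.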
 