I'm currently running XP SP3 with MSE, which I haven't booted into for a couple of months. I think this started when I accidentally installed a rougue Adobe Flash update a week or two ago (or the last time I used it), which turned out to be an XP Antivirus 2012 installer.
I Malwarebyte'd it, which seems to have done the trick; as a precaution, I'm letting Malwarebyte run in the background to monitor any traffic - I'm getting a constant stream of blocked incoming / outgoing popups from MB, stemming from around 83.133.(119 | 120 | 124).xxx. According to WhoIs, the IP belongs to 'Greatnet New Media', a German communications company.
Recently, I've also come to notice that if I turn off MB, I start pinging Google with times around 1 - 2k ms (normal is 50 ms), which leads me to believe that there may actually be something else that's the matter.
I ran MSE and MB again - MB came up with a Trojan in \WINDOWS\Temp\. I then ran HijackThis, DDS, and GMER (as per forum suggestions), and have uploaded them to pastebin:
The HJT and DDS logs seems pretty ordinary (msconfig changes were mine, unless I'm overlooking something really obvious) - overall, I'm just puzzled as to what would be causing the ridiculously high ping and the constant stream of blocked IP notifications from MB, though the Trojan from the MB scan does worry me somewhat.
I do run an external hard drive which I can back data into - most of this has already been taken care of, and what's left are programs to be reinstalled in case of catastrophic system failure. I'm dual-booting the computer as a Linux box, so wiping XP is always an option.
Does anyone know what all this means? Grateful that you guys can look this over for / with me. If you have any questions about this, please reply to this post. Thanks!
Edited by mzhang, 13 December 2011 - 06:36 AM.