Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible infection effecting browser speeds?


  • Please log in to reply
3 replies to this topic

#1 mrbrick

mrbrick

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:08 AM

Posted 27 December 2011 - 12:38 PM

I was recently running through a huge crunch at work and not spending much time at home. One of the people I live with, their lap top broke and it looks like they switched over to using my work machine while I was doing 12 hour days in the office. I noticed they had downloaded some torrents from places I would never go to which was my first clue something was wrong.

I noticed that the internet on this machine had become incredibly slow- but only in bursts. It will not be able to load a page for 10 or so minutes- then everything will be lightning fast 5. Repeat.

I figured it could have been an ISP problem, phoned them to find out something interesting. I get my internet from a service that rents the lines form a major ISP. That major ISP had randomly downgraded my speeds to 2mb down (should be 7) and barely 100k up. They fixed the problem but my start/stop internet still seems to be happening. The other lap top I have is fine. Ive noticed too that my FTP file transfering doesn't seem to be effected.

I have Microsoft Security Essentials running, Spybot S&D and Malware bytes and Hi Jack This. Ive run each of them but nothing was really found. EDIT: forgot to mention I did these scans after updating the definitions and booting up in safe mode.

I feel like this machine is infected- but the infection is evading my attempts to find it.

Im running Win7 64bit and can post a log from any of the above programs no problem.

Could anyone help me figure out the source of this problem?

Edit: Moved topic from AntiVirus, Firewall and Privacy Products and Protection Methods to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:08 PM

Posted 27 December 2011 - 10:51 PM

Before doing anything further, if you have not already done so, you should back up all your important documents, personal data files and photos to a CD or DVD drive as some infections may render your computer unbootable during or before the disinfection process. If that occurs there may be no option but to reformat and reinstall the OS or perform a full system recovery. The safest practice is not to backup any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.


I noticed they had downloaded some torrents from places I would never go to which was my first clue something was wrong.

Did you remove them? If not, please do so. You should be able to uninstall all of them from Programs and Features in Windows 7.

I did these scans after updating the definitions and booting up in safe mode.

IMPORTANT NOTE: Scanning with Malwarebytes Anti-Malware in safe or normal mode will work but removal functions are not as powerful in safe mode. Why? Malwarebytes is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, Malwarebytes loses some effectiveness for detection & removal when used in safe mode because the program includes a special driver which does not work in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. For optimal removal, normal mode is recommended so it does not limit the abilities of Malwarebytes but sometimes there is no alternative but to do a safe mode scan. If that is the case, after completing a safe mode scan, reboot normally, update the database definitions through the program's interface (preferable method) and try rescanning again.

Please download and scan with the Kaspersky Virus Removal Tool from one of the links provided below and save it to your desktop.
Link 1
Link 2
Link 3Be sure to print out and read the instructions provided in:How to Install Kaspersky Virus Removal Tool
How to use the Kaspersky Virus Removal Tool to automatically remove viruses
  • Double-click the setup file (i.e. setup_9.0.0.722_22.01.2010_10-04.exe), select your language and install the utility.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • At the 'Setup page', click Next, check the box to accept the license agreement and click Next twice more to extract the required files.
  • Setup may recommend to scan the computer in Safe Mode. Click Ok.
  • A window will open with a tab that says Autoscan. Click the green Start scan button on the Autoscan tab in the main window.
  • If malware is detected, you will see the Scan Alert screen.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • After the scan finishes, if any threats are left unneutralized in the Scan window (Red exclamation point), click the Neutralize all button.
  • Place a checkmark in the Apply to all box, and click Disinfect if the button is active.
  • If advised that a special disinfection procedure is required which demands system reboot, click the Ok button to close the window.
  • In the Scan window click the Reports button, choose Critical events and select Save to save the results to a file (name it avptool.txt).
  • Copy and paste the report results of any threats detected. Do not include the longer list marked Events.
  • When finished, follow these instructions on How to uninstall Kaspersky Virus Removal Tool 2011.
-- If you cannot run this tool in normal mode, then try using it in "safe mode".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 mrbrick

mrbrick
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:08 AM

Posted 28 December 2011 - 12:41 AM

Awesome.

Thank you for the info on Malware Bytes. Very informative.

I have already deleted the stuff that he had downloaded onto my machine. He didn't install anything.

While installing Kaspersky warned me that 2 files were password protected- which were its installers that I had just downloaded. Seemed a little odd.

I just finished the scan and found... nothing.

Is there a chance this isn't malware related at all?

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:08 PM

Posted 28 December 2011 - 08:16 AM

Is there a chance this isn't malware related at all?

Hard to tell for sure without further investigation.

Of course you could always try using Windows 7 System Restore to return to a previous state before the folks you lived with messed with the computer and problems began?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users