Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus eating my data/bandwidth


  • Please log in to reply
1 reply to this topic

#1 CharisaL

CharisaL

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 21 August 2017 - 12:11 PM

There is a virus, malware or something chewing at my data/bandwidth for the last two months now.

 

Last month I noticed the data usage being abnormally high, but thought it might be us being browser happy. But this month it depleted even faster, though we did even less. Our 40GB is already depleted and I am using out of bundle data to post to this forum.

 

We've also noticed constant dips in our connection, where it disconnects completely, and then reconnects after a few seconds. The router itself disconnects completely (red light) or partially (flashing green light) before reconnecting. I checked our Router logs, but it did not deliver much accept for the confirmation of our dips in connectivity.

 

When we noticed the high usage, we changed the password to the wifi router, and only reconnected one PC and one phone. However, the data usage climbed.

 

Upon checking our computer's data usage, it shows only 11.84GB usage over the last 30 days, which includes half of last month, and thus it can be divided in half for this month's usage. 

 

We have a paid version of BitDefender installed and I ran all the available scans, with no threats detected. I also ran Malwarebytes but it detected nothing as well.

 

My computer is definitely slowing down, which is why I am certain it is not a network issue, but a virus/mwalware or something.

 

Could something be dipping my internet and using my data remotely? Is there any other possible explanation or scan or fix that I can try?

 

Herewith the router log:

[Admin login] from source 10.0.0.5, Monday, Aug 21,2017 19:20:07

[UPnP set event: Public_UPNP_C5] from source 10.0.0.5, Monday, Aug 21,2017 19:19:02

[DHCP IP: (10.0.0.5)] to MAC address F4:06:69:4A:5A:BA, Monday, Aug 21,2017 19:19:00

[DOS Attack] : 1 [FIN Scan] packets detected in last 20 seconds, source ip [216.58.223.46]. Monday, Aug 21,2017 19:08:12

[Internet connected] IP address: 105.186.230.163, Monday, Aug 21,2017 19:07:47

[Internet disconnected] Monday, Aug 21,2017 19:07:34

[UPnP set event: Public_UPNP_C5] from source 10.0.0.5, Monday, Aug 21,2017 18:54:19

[DHCP IP: (10.0.0.5)] to MAC address F4:06:69:4A:5A:BA, Monday, Aug 21,2017 18:54:16

[Internet connected] IP address: 105.225.119.15, Monday, Aug 21,2017 18:49:04

[Internet disconnected] Monday, Aug 21,2017 18:48:51

[Internet connected] IP address: 105.186.97.190, Monday, Aug 21,2017 18:30:22

[Internet disconnected] Monday, Aug 21,2017 18:30:09

[Internet connected] IP address: 105.224.233.153, Monday, Aug 21,2017 18:11:39

[Internet disconnected] Monday, Aug 21,2017 18:11:26

[Internet connected] IP address: 105.225.117.173, Monday, Aug 21,2017 17:52:27

[Internet disconnected] Monday, Aug 21,2017 17:52:13

[DOS Attack] : 1 [ACK Scan] packets detected in last 20 seconds, source ip [216.58.223.2]. Monday, Aug 21,2017 17:34:51

[Internet connected] IP address: 105.186.96.46, Monday, Aug 21,2017 17:33:44

[Internet disconnected] Monday, Aug 21,2017 17:33:31

[DHCP IP: (10.0.0.4)] to MAC address F4:06:69:1F:81:A0, Monday, Aug 21,2017 17:18:25

[Internet connected] IP address: 105.186.97.199, Monday, Aug 21,2017 17:14:02

[Internet disconnected] Monday, Aug 21,2017 17:13:48

[Internet connected] IP address: 105.186.210.53, Monday, Aug 21,2017 16:54:49

[Internet disconnected] Monday, Aug 21,2017 16:54:36

[DHCP IP: (10.0.0.4)] to MAC address F4:06:69:1F:81:A0, Monday, Aug 21,2017 16:51:48

[DOS Attack] : 3 [FIN Scan] packets detected in last 20 seconds, source ip [216.58.223.4]. Monday, Aug 21,2017 16:38:40

[DOS Attack] : 1 [FIN Scan] packets detected in last 20 seconds, source ip [216.58.223.4]. Monday, Aug 21,2017 16:38:08

[Time synchronized with NTP server] Monday, Aug 21,2017 16:37:34

[Internet connected] IP address: 105.225.78.81, Monday, Aug 21,2017 16:36:21

[DHCP IP: (10.0.0.3)] to MAC address 84:9F:B5:68:1D:B0, Monday, Aug 21,2017 16:36:05

[Initialized, firmware version: V1.0.0.55_1.0.55] Monday, Aug 21,2017 16:35:58

[System boot up] Monday, Aug 21,2017 16:35:58

 

Help would be soooo appreciated!!!


Edited by hamluis, 21 August 2017 - 12:39 PM.
Moved from MRL to Am I Infected, no logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 JoshRoss

JoshRoss

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:07:45 PM

Posted 22 August 2017 - 07:40 AM

Malware that depletes internet data? Interesting, haven't seen this one. What have you tried doing to fix the issue? 

 

In any case, check your running applications and processes? You could even try sys.internal process explorer to check fully what causes bandwidth usage. Are you certain that no one else is using the data? Torrents or something similar?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users