1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

HJT logfile please help me diagnose

By RyanGentleman · 12 replies
Apr 20, 2013
  1. Hello,

    So I've noticed my bandwidth is really low and my C always shortens on disc space every few mins when I'm online,I've tried all possible anti malware programs with no help,so HJT and you guys are my last resort cause it's really important to me that I don't have to format my C,so here's the logfile and thank you in advance!


    [HJT log removed by Broni]
  2. Broni

    Broni Malware Annihilator Posts: 53,874   +370

    Welcome aboard [​IMG]

    Please, complete all steps listed here: https://www.techspot.com/vb/topic58138.html
    Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
    Attached logs won't be reviewed.

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
  3. RyanGentleman

    RyanGentleman TS Rookie Topic Starter


    Sorry I thought only HJT logfile was enough,anyways I have the logs u asked for..

    Malwarebytes Log file

    Malwarebytes Anti-Malware

    Database version: v2013.04.20.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 8.0.7601.17514
    Ryan :: RYANPC [administrator]

    4/20/2013 9:11:23 PM
    mbam-log-2013-04-20 (21-11-23).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 237677
    Time elapsed: 2 minute(s), 38 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.17.2
    Run by Ryan at 21:18:48 on 2013-04-20
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8190.6118 [GMT 3:00]
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    ============== Running Processes ===============
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Vtune\TBPANEL.exe
    C:\Program Files (x86)\Samsung\Kies\Kies.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    F:\League of Legends\RADS\system\rads_user_kernel.exe
    F:\League of Legends\RADS\projects\lol_launcher\releases\\deploy\LoLLauncher.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    F:\League of Legends\RADS\projects\lol_air_client\releases\\deploy\LolClient.exe
    ============== Pseudo HJT Report ===============
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    uRun: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe /A
    uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    LSP: %SystemRoot%\system32\WTFastDrv.dll
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: Interfaces\{343BB0EC-E13B-4AA1-97A4-7326EDEE28F4} : NameServer =
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    ============= SERVICES / DRIVERS ===============
    R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-8-14 21104]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-21 283200]
    R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2012-8-1 41704]
    R2 ES lite Service;ES lite Service for program management.;C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe [2012-8-14 68136]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
    R3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2012-12-6 33872]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-14 413800]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe --> C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [?]
    S2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [?]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-4-16 102936]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-4-16 37344]
    S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2012-1-9 12800]
    S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2012-1-9 171008]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
    S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-12-2 31800]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-4-16 203544]
    S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
    S3 WinRing0_1_2_0;WinRing0_1_2_0;F:\PlayClaw3\WinRing0x64.sys [2012-8-29 14544]
    =============== Created Last 30 ================
    2013-04-20 18:08:5225928----a-w-C:\Windows\System32\drivers\mbam.sys
    2013-04-20 18:08:52--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-04-20 15:35:25--------d-----w-C:\Users\Ryan\AppData\Roaming\Rokario
    2013-04-20 15:35:23--------d-----w-C:\Program Files (x86)\Rokario
    2013-04-20 15:22:39--------d-----w-C:\Users\Ryan\AppData\Roaming\NetSpeedMonitor
    2013-04-20 15:22:26--------d-----w-C:\Program Files\NetSpeedMonitor
    2013-04-19 17:55:15--------d-----w-C:\Windows\PCHEALTH
    2013-04-19 17:53:35--------d-----w-C:\Program Files (x86)\Microsoft Visual Studio 8
    2013-04-19 17:53:03--------d-----w-C:\Users\Ryan\AppData\Local\Microsoft Help
    2013-04-19 11:01:00--------d-----w-C:\$RECYCLE.BIN
    2013-04-19 10:53:1998816----a-w-C:\Windows\sed.exe
    2013-04-19 10:53:19256000----a-w-C:\Windows\PEV.exe
    2013-04-19 10:53:19208896----a-w-C:\Windows\MBR.exe
    2013-04-17 15:09:39--------d-----w-C:\Users\Ryan\AppData\Roaming\RealNetworks
    2013-04-17 15:09:27--------d-----w-C:\Program Files (x86)\RealNetworks
    2013-04-17 15:09:25--------d-----w-C:\ProgramData\RealNetworks
    2013-04-17 15:09:18--------d-----w-C:\Program Files (x86)\Common Files\xing shared
    2013-04-17 15:09:10499712----a-w-C:\Windows\SysWow64\msvcp71.dll
    2013-04-17 15:09:10348160----a-w-C:\Windows\SysWow64\msvcr71.dll
    2013-04-16 16:35:34--------d-----w-C:\Users\Ryan\AppData\Local\Skymonk2
    2013-04-16 11:00:48--------d-----w-C:\Users\Ryan\.android
    2013-04-16 11:00:43--------d-----w-C:\Users\Ryan\AppData\Roaming\ApkInstaller
    2013-04-15 22:43:26203544----a-w-C:\Windows\System32\drivers\ssudmdm.sys
    2013-04-15 22:43:26102936----a-w-C:\Windows\System32\drivers\ssudbus.sys
    2013-04-15 22:39:3137344----a-w-C:\Windows\SysWow64\FsUsbExDisk.Sys
    2013-04-15 22:39:31233472----a-w-C:\Windows\SysWow64\FsUsbExService.Exe
    2013-04-15 22:39:31110592----a-w-C:\Windows\SysWow64\FsUsbExDevice.Dll
    2013-04-08 18:49:33--------d-----w-C:\Users\Ryan\AppData\Local\Programs
    2013-03-28 17:38:32--------d-----w-C:\ProgramData\SoftSafe
    2013-03-28 17:37:37--------d-----w-C:\Program Files (x86)\BrowseToSave
    2013-03-28 17:36:47--------d-----w-C:\ProgramData\InstallMate
    ==================== Find3M ====================
    2013-04-20 15:59:5825640----a-w-C:\Windows\gdrv.sys
    2013-04-12 18:13:5171048----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-04-12 18:13:51691592----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-03-15 04:16:183477280----a-w-C:\Windows\System32\nvsvc64.dll
    2013-03-15 04:16:176398240----a-w-C:\Windows\System32\nvcpl.dll
    2013-03-15 04:16:10877856----a-w-C:\Windows\System32\nvvsvc.exe
    2013-03-15 04:16:1063776----a-w-C:\Windows\System32\nvshext.dll
    2013-03-15 04:16:10237856----a-w-C:\Windows\System32\nvmctray.dll
    2013-03-14 19:07:52559904----a-w-C:\Windows\SysWow64\nvStreaming.exe
    2013-03-13 16:24:013065455----a-w-C:\Windows\System32\nvcoproc.bin
    2013-03-11 17:52:4395648----a-w-C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-03-11 17:52:43861088----a-w-C:\Windows\SysWow64\npDeployJava1.dll
    2013-03-11 17:52:43782240----a-w-C:\Windows\SysWow64\deployJava1.dll
    2013-02-11 13:45:31281520----a-w-C:\Windows\SysWow64\PnkBstrB.xtr
    2013-02-11 13:45:31281520----a-w-C:\Windows\SysWow64\PnkBstrB.exe
    2013-02-10 03:25:271807136----a-w-C:\Windows\System32\nvdispco6420294.dll
    2013-02-10 03:25:271510176----a-w-C:\Windows\System32\nvdispgenco6420162.dll
    2013-01-21 13:46:49281520----a-w-C:\Windows\SysWow64\PnkBstrB.ex0
    ============= FINISH: 21:19:06.61 ===============
    DDS attach

    Many thanks in advance,and if I missed something,please let me know,It's my first time I report this issue.


    Attached Files:

  4. Broni

    Broni Malware Annihilator Posts: 53,874   +370

    [​IMG] I don't see any AV program running...
    Install ONE of these:

    - Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

    - free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
    Note for Windows 8 users: Microsoft Security Essentials comes preinstalled and renamed as Windows Defender.
    You can keep it or you have to disable it before installing another AV program. How to...

    - free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php

    Update, run full scan, report on any findings.
    [​IMG] Download RogueKiller on the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
  5. RyanGentleman

    RyanGentleman TS Rookie Topic Starter

    I had Avira AV and I unistalled it just couple hours ago because I couldn't finish it's update,it just never finishes updating..Ill work on the other programs you provided,thank you again..I'll update you as soon as I finish these steps..
  6. RyanGentleman

    RyanGentleman TS Rookie Topic Starter

    Hi again,

    My download is so slow that I barely downloaded Windows Essentials and updated it and run scan with no harm detected,then downloaded RogueKiller and run scan and delete as mentioned above and here's the log
    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Ryan [Admin rights]
    Mode : Remove -- Date : 04/20/2013 22:20:25
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 4 ¤¤¤
    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{343BB0EC-E13B-4AA1-97A4-7326EDEE28F4} : NameServer ( -> NOT REMOVED, USE DNSFIX
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts localhost

    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD3200AAKS-00L9A0 ATA Device +++++
    --- User ---
    [MBR] 78bc7d911ff6ab92ae641b86f77d96d7
    [BSP] bd8439a60270113cdadcd7ba2eddee7c : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 84249 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 172544000 | Size: 73665 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 323409920 | Size: 73664 Mo
    3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 474273792 | Size: 73665 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[2]_D_04202013_02d2220.txt >>
    RKreport[1]_S_04202013_02d2218.txt ; RKreport[2]_D_04202013_02d2220.txt

    As for MB Anti rootkit,I couldnt finish download it because the speed goes to bytes and tried to redownload many times with no help..something really bad taking all my bandwidth and just makes me want to give up and format right away..hope this is enough info for what you because I can't download anything else with the speed..
  7. Broni

    Broni Malware Annihilator Posts: 53,874   +370

    Do you have other computers in your household?
    If so do they have any internet speed issues?

    So far your logs look clean.
  8. RyanGentleman

    RyanGentleman TS Rookie Topic Starter

    Yes I do,but the reason I'm suspecious is that because I used NetSpeedMonitor to monitor my connection traffic and to see why my C drive loses some space every now and then when I'm online...also monitored my bandwidth via avira firewall and noticed a constant ~74 Kbps down speed are being used and upload is reading high as well,I'm not sure what's going on,I've tried every possible AV on google and none found a trojan/worm or anything..I've read it somewhere saying that this type of virus set up FTP servers on ur PC and send and collects data via ur PC,but wouldn't that type of virus be detected,or is it too OP to be found?

    Thank u again
  9. Broni

    Broni Malware Annihilator Posts: 53,874   +370

    Well, you didn't really answer my question.
    Are the other computers OK?
    Is this the only one affected?
  10. RyanGentleman

    RyanGentleman TS Rookie Topic Starter

    Yes,other computers are fine,normal speed and C doesnt eat space..
  11. Broni

    Broni Malware Annihilator Posts: 53,874   +370

    Download it with a different computer and transfer it to this computer using USB flash drive.
  12. RyanGentleman

    RyanGentleman TS Rookie Topic Starter

    I don't think MB anti rootkit will solve my problem,sorry for wasting your time,I'm really tired of it and might format..thank you again and you can close the thread.

  13. Broni

    Broni Malware Annihilator Posts: 53,874   +370

    Thanks for letting me know.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...