Spread the love! TechSpot Tech Gift Shortlist 2017

Millions of packets

By chunx0r
Apr 2, 2008
  1. Ok, I work at a university ITS helpdesk so I have at least some knowledge of tech ideas. However i am posting for my girlfreind who is currently abroad in guatemala.

    Anyways the problem is, her computer is uploading and downloading packets at extreme speeds, in a matter of five minutes she will hit the 3-4 million down.

    She is running vista. I have had her run HJT, and i didn't see anything out of the ordinary. I also have had her run TCPview, and TDIMON, and i saw nothing weird there either.

    She also said she had alot of svchost's in taskmanager. I had her disable updates and that hasn't done anything.

    Oh also she has run almost every scan there is. Norton, Spybot, spysweeper, superantispyware, combofix and more i think. any help would be greatly apreciated I will try and get a hijakthis log.
  2. Jesse_hz

    Jesse_hz TS Maniac Posts: 545

    If you can't find a logical explanation for the massive amounts of traffic, then her computer is probably infected with some form of malware and is probably being used as part of a botnet to flood the Internet with spam.

    One of the other members of this forum will probably post some instructions on detecting/removing it shortly, but if I were you, I'd just reinstall Windows.
  3. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Please have a read here-> Is your system infected? Read this before Cleaning or Formatting

    If you decide to clean your system please follow these Viruses/Spyware/Malware, preliminary removal instructions and post back in this thread with the requested logs. There should be at least 3.

    1)AVG log
    2)Combofix log
    3)Hijackthis log (Step 15)

    This thread is for the use of chunx0r only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  4. jobeard

    jobeard TS Ambassador Posts: 10,856   +901

    Get Cports here

    run as an admin account and you will see every program which opens an internet
    dbl-click on the column heading Remote Address and external accesses will be at the top

    If you see a program that has multiple connections and don't recognize its name,
    and you will see the path to that program and you can COPY it for later use.

    you can also close a connection (but likely will just restart it) or
    KILL the process.

    Once discovered, post back the program name and its path
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...