Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Something on my laptop is eating 25gig a day of my data limit [Solved]

malware malware - virus trojan??????

  • This topic is locked This topic is locked

#61
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Well... I am not going over because the only time I connect my laptop is when I am running one of our tests but even with no real internet usage specifically from me other than the tests, I have used 7 gig which is still 2 times as much as my average usage before this problem (and we are only half way through the month). I think I am going to go ahead and put the wifi password in on my tv and my dvd player since we seem to have pretty much identified the laptop as the culprit.   :smashcomp:


  • 1

Advertisements


#62
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
I have some items for you to work through that I think might have a positive effect on your issue.
 
First, please run OTL and make sure you follow these instructions to assure you get an Extras.txt log for me to assess.
 
51a5d669693dd-icon_OTL.png Scan with OTL

Please download OTL by OldTimer and save the file to your desktop.

  • Right-click on 51a5d669693dd-icon_OTL.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Make sure that Scan All Users, LOP check and Purity check are ticked.
  • For 64-bit systems only - make sure that Include 64-bit option is also ticked.
  • Sections Processes, Modules, Services, Drivers, Standard Registry are set to Use Safelist.
  • Section Extra Registry is also set to Use Safelist.
  • Push Run Scan and wait patiently.
  • Two notepad windows will be opened after this run: OTL.txt (maximized) and Extras.txt (minimized).


Please include the content of both logfiles in your next reply.
 
Next, let's Reset your Firewall by following these instructions.
 
Click the Start button in the lower left of your screen, then navigate as follows.
 
Click Control Pannel
In the upper right of the screen, in the Search Control Pannel, type Firewall.
Then on the Left you will see Restore Defaults, select that. There might be a confirmation dialog box, if so, confirm.
 
Next, please run ADWcleaner.
 
 
adwcleaner_new.png Scan with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.
 
  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator (if necessary) to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
 
Please include the contents of that file in your reply.

 

When this is complete, perform the usual bandwidth check to see if this help the problem.


  • 0

#63
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

ok sorry I have been swamped this week. I am taking a class after work this semester and that kind of kicked in with homework plus I am running in my first 5K tonight so it has just been a hectic week which is not a bad thing. I hope you have had a good week.

Here is the results from the OTL run and I will reset the firewall and run the ADWcleaner now.

Attached Files


  • 0

#64
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I did not see an option to reset my firewall. Here is the result from my search on firewall

Attached Thumbnails

  • firewall.png

  • 0

#65
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

ok I poked around and found the place to restore the defaults to the firewall and I downloaded the adwcleaner and here are the results. Thanks!

Attached Files


  • 0

#66
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Incomplete instructions on my part, very sorry.

 

Click "Check Firewall Status"

Click "Restore Defaults"

 

Best of luck in your 5k. I ran distance for many years and coached for even more. My suggestion, stay comfortable with your pace at least through the first mile. Only push in the last mile and only if you're feeling strong. :)


  • 0

#67
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

AHhh...I see you've gotten it. Ok, when you have a minute, see if the issue has resolved. :0


  • 0

#68
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

:headscratch: I am still downloading alot of data.


  • 0

#69
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

A slightly different approach with adwCleaner with the use of Clean after the scan. Also, we are going to try a completely different tool called Combofix.

 

Download ADWCleaner by Xplode to your desktop.

  • Close all programs and right-click on the adwcleaner.png icon - select Run as Administrator.
    (Users of Windows XP please just double-click).
  • You will be presented with the console like the one below:

    adwcleaner-start.jpg

  • Click on Scan and follow the prompts.
  • Let it run unhindered.
  • When done, click on the Clean button, and follow the prompts.
  • Allow the system to reboot.

After that, you will then be presented with the report. Copy & Paste this report on your next reply.

icon_idea.gif The report will be saved in the C:\AdwCleaner folder, as AdwCleaner[S0].txt.

 

 

51a5bf3d99e8a-ComboFixlogo16.png Scan with ComboFix

This is a very powerful tool that should be used only if advised by Malware Analyst.
Do not run ComboFix on your own!


Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
 

  • Right-click on 51a5bf3d99e8a-ComboFixlogo16.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the disclaimer and agree if prompted to install Recovery Console.
  • Do not take any actions while ComboFix goes through your System - it may cause it to stall!
  • This scan may take some time!
  • When finished - it will display a logfile (located also on your main drive, usually C:\ComboFix.txt).

Include that log in your next reply.
icon_idea.gif If you'll encounter any issues with internet connection after running ComboFix, please visit this link.
icon_idea.gif If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine.

 


  • 0

#70
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Ok I ran them both and here are the log files. Bitmeter throws and error when I try to run it but from what I can tell with NetLimiter it doesn't appear that I am using that much data now.

Attached Files


  • 0

Advertisements


#71
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

Whoo Whoo... I believe that you have fixed the problem! I rebooted and bitmeter came up and it is not pegged. There is no red except when I access the internet.


  • 0

#72
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Excellent news!! Sorry that this took so long, but it was an odd one to say the least.

 

I still need to assess the ComboFix log to see if anything else needs to come out, but for the time being go ahead and run with it and see how things go today. I'll try to have a full assessment by morning.


  • 0

#73
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
I think we're getting close to the finish line on this one. Let's let ESET have a look at things.
 
ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:
  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.

To perform the scan:
  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.

Don't forget to re-enable previously switched-off protection software!


  • 0

#74
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

ok here is the log file from the ESET scan


  • 0

#75
grancarol

grancarol

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

ok here is the log file from the ESET scan

Attached Files

  • Attached File  log.txt   112bytes   65 downloads

  • 0






Similar Topics


Also tagged with one or more of these keywords: malware, malware - virus trojan??????

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP