OK, so I appreciate that some of the "EXPERTS" here are very busy so I appeal to anyone who has the time to help.

My problem is that I am using a plug in type Broadband but it's chewing up like 4 MB PER MINUTE (started about a week ago)

I have auto updates turned OFF

I've done a Hijack report thing but I can't see anything that shouldn't be there but I really wouldn't know anyway!

So any ideas greatly appreciated.

If it were me I'd call the service provider. They should be able to help, and with a bit of luck you'll get one that speaks "good" english lol

thanks mike, nah tried that ......no help

1. Have you updated and run Spyware Doctor for infections?

2. You appear to have reminants of Norton's Antivirus, delete the entire Symantec folder.

3. Download Noadware, update it and scan for malware, if it finds anything other than cookies, email me and I'll supply you with an activation number to remove the threats.

4. Download Malwarebytes Antimalware, update it and perform a deep scan for infections.

5. Run Hijack this and tick only the boxes that have (file missing), or (no name) or (no file) at the start or end of the entry.
Delete these references.

Did you try an unsuccessful Service Pack upgrade?
It appears that some Service Pack entries are there but some didn't install correctly.
Apologies for not getting back to you sooner, I've been unwell.....again.

Party,

Removing Nortons is not so easy. Even if you can remove the Nortons folder parts of Nortons will still be on your PC. Nortons has a removal tool but even this will not remove all of this bloatware!

To completely remove Nortons go to: http://www.askdavetaylor.com/how_to_fully_remove_norton_from_pc.html

Many steps involved but they are simple to follow. I'm using the free Online Armor firewall [best I've ever used] now and it works very well with the free AVG anti-virus. Both programs are install and forget. No tweaking involved.

Also, be VERY careful about what you remove using Hijack This. You best bet is to visit the Spyware Warrior forum and post your problem and a recent Hijack This log in the section: "HijackThis Logs- Help with spyware removal" http://www.spywarewarrior.com/index.php

Good luck!

Sorry I can't help, but any information is better than no information.

I had that sort of thing once.
And it worried me because I only can have about 30 Meg per day rations or I get slugged a hefty bill for excess usage.

I got by for a few days by getting my page I needed, then going Offline, read or do what I had to do, then go back Online.
Then go the Page or whatever I had to do, then go Offline.
Lot of mucking around.

It turned out that some website was causing me to upload Megabytes of data.
I got rid of the problem maybe by doing a system restore, but more likely by playing around with the registry.

Have a go at running msconfig and see if there is anything in your startup Folder what could be a problem.
Hijack this can often find the problem too.

Google searches give good results if you can actually insert the correct keywords to use.
But Googling is gonna eat up your Megabytes while your virus is still alive.

I've had so much bullaaaa over the years, and I managed to get rid of them, but my memory is terrible and I can't recall any repairs and if I get caught again, I'll be no better off than I was when I got caught the first time.

Good Luck with it.

You could always get another cheap Computer and use it until you get the information to repair your faulty one.
That is what I do now.
Have a spare Computer for times like these.

Crash,

I've seen his HijackThis log.

Thanks heaps Men, thats given me something to get my teeth into. Chrome one has to be very humble when asking for a freebie, especially when its *your* bread and butter job, Sso any help (if) any is greatly appreciated.

Crash I'll try all of the above,Moeee, thats what got me completely bamboozled, as its a plug in type, I used my lap top instead, but it behaves in exactly the same way, daft question but is it possible for the usb thing to be compromised in some way?

1. Have you updated and run Spyware Doctor for infections?

2. You appear to have reminants of Norton's Antivirus, delete the entire Symantec folder.

3. Download Noadware, update it and scan for malware, if it finds anything other than cookies, email me and I'll supply you with an activation number to remove the threats.

4. Download Malwarebytes Antimalware, update it and perform a deep scan for infections.

5. Run Hijack this and tick only the boxes that have (file missing), or (no name) or (no file) at the start or end of the entry.
Delete these references.

Did you try an unsuccessful Service Pack upgrade?
It appears that some Service Pack entries are there but some didn't install correctly.
Apologies for not getting back to you sooner, I've been unwell.....again.
1&2 done,

3 done, only 3 cookies picked, rated no great threat

4 done

5 done that

Re Service Pack, I got a pop up from MS you know the usual updates available, bla bla so went for it then it came back with what I told you about Office?? but it was after that the problem became obvious(may be just co-incidence)

Also as a separate issue, I still had Norton on my laptop so updated and ran that, also didn't pick anything up??

Moeee, thats what got me completely bamboozled, as its a plug in type, I used my lap top instead, but it behaves in exactly the same way, daft question but is it possible for the usb thing to be compromised in some way?

Whats the usb thingo?
Is it a wireless Internet Modem.
How do you know you are losing 4 Megabytes per minute?

I have a 3 wireless modem and they have a thing called dashboard and it has a display called VOLUME and it usually says I am going through a lot of Megabytes, but after speaking with the 3 people, I eventually got someone who said to ignore it.

So do you have a wireless Internet and only had it a week or 2?

I have on the bottom row on the right of my monitor an Icon of 2 little screens
If I right ckick on them and open, I can then see hoe much I am using and have used this Internet session.

Whats the usb thingo?
Is it a wireless Internet Modem.
Moeee, I think he is alluding to a USB Network Adapter. I've got one and wish I'd gone for the PCI card - will be doing so when I build my next PC.

Den

Moee, yes I have the same 3 service, same volume monitor etc, so you can literally see what you are using by the second, first month was fine only used about 30 MB per day which is what I would expect, then suddenly this problem started and used 3gig in 10 days, only logged on for internet and placing bets, crazy stuff!

Party,

If you are still suffering and nothing is picking up the problem, it sounds like you might have a backdoor trojan or a 'rootkit' problem hiding a Trojan or aaaa on your PC. These are the nasty of the narsties and can avoid anything you throw at it, especialy Nortons!


Below is a quick descriptiuon and until you get the problem sorted You might want to avoid useing your PC for any financial transactions!


"Presumably the rootkit nasties description using is used to hide the trojans which can be used by the attacker to take total control of a machine while the keyloggers transmit information back to the attackers including passwords and data from the infected machine. An ugly situation at best. In cases like this I think the safest thing for a user to do is format and reinstall because there is no way to tell how severly the machine has been compromised and what dangers may lurk inside, even if the trojans and rootkit files are removed, if they can even be removed.

Here's an example where format and reinstall was advised on a severely compromised network computer":
http://spywarewarrior.com/viewtopic.php?t=16273

What is a backdoor Trojan? For a description and immediate course of action to avoid any futher compomise, go here:
http://www.geekstogo.com/2007/10/03/what-is-a-backdoor-trojan/

Yes, what antivirus are you using, it doesn't show up in the log???

I would next suggest getting rid of that Symantec stuff and installing Avast Home Edition free, then schedule a boot time scan.

If you do all that I posted and still having problems, I'd say that maybe adobe acrobat or some other program is actually downloading updates and you won't know until it finishes.

Moee, yes I have the same 3 service, same volume monitor etc, so you can literally see what you are using by the second, first month was fine only used about 30 MB per day which is what I would expect, then suddenly this problem started and used 3gig in 10 days, only logged on for internet and placing bets, crazy stuff!

"3g in 10 days" [!] is no sort of valid program update. Sounds like a Trojan Bot [up to no good] to me. If it is already on your PC Party, no amount of changing firewalls or anti-virus software will cure the problem or even find it most probably, as a Trojan bot is malicious code attached to a seemingly valid bit of software or a downloaded media codex. Very well hidden from anything mostly, but getting rid of Nortons is still a good idea.

Thanks guys, now I'm really worried, but just one question ! does it make any sense that I plugged the USB Modem into my laptop and got the same problem?? i.e. could I have infected the lap top via the USBModem?


Chrome, down loaded Avast and its scanning now, will let you know the result

Just finished that Avast scan, with no infections detected?????

If you are with 3, do you know how to find out your Megabyte usage?
You go to the 3 home page and login
After you login there is a page what will have your mobile number on it.
If you click on that number it will send you to a page where it tells you how much you have downloaded since the month started.
If you write this down, and then go back there in 24 hours, you can subtract the new Megabyte from the previous and you know how much you have REALLY downloaded.

But the best way is if you have Windows XP, there is a Icon on the bottom left of the screen when you hook up to the Internet Explorer.
If you right click on it and then click on status, you can watch exactly how much Megabytes are being uploaded and downloaded in REAL Time and are the ACTUAL numbers, rather than that VOLUME thingo.

Is your firewall turned on?

I'm starting to think that someone else closeby is using your bandwidth.

No spyware, no viruses, no updates, must be outside useage.

In my previous post, the ICON is on the bottom right, not left.

I have been on Internet for about half an hour now, and MY VOLUME Thing says that I have used 21 Megabytes.
My Computer tells me I have used 1.4 Megabytes

You see the difference?
Don't go by that Volume thing..its silly.. just ignore it.
It is mainly happening because the modem keeps dropping out and reconnecting.

I wonder if you have changed the hours you spend on Internet Partypooper.
At Peak Periods, like after 5pm or so, the Phone Network gets very busy and downloads are very slow.

Party,

I think you stated you are using a plug-in modem, not wireless. If that is the case nobody outside can use your bandwidth, it's usage from within your PC [and laptop now it seems].

Sad to say, that if you connected your laptop to your PC using USB you could have easily transfered a rootkit Trojan to your laptop. It sure sounds like you have transfered something!

I would suggest you check for nasty rootkits by downloading a small free program to check for rootkits hiding a bot Trojan: http://research.pandasecurity.com/archive/New-Panda-Anti_2D00_Rootkit-_2D00_-Version-1.07.aspx

Panda Anti-Rootkit is a program that uses latest generation technology to detect and remove rootkits. Rootkits are programs designed to hide processes, files or Windows Registry entries. This type of software is used by hackers to hide their tracks or to insert threats surreptitiously on compromised computers. There are types of malware that use rootkits to hide themselves on a computer [hiding them from any firewall, anti-virus or any melware/spyware apps].

There is no guarantee that even if the program finds a rootkit that it will fix the problem, but there is a good chance that it will. Please let me know what you found if anything, before deleting. One step at a time, so lets rule out [or in] Rootkits first.

Chrome, unfortunately that sounds right as when I first contacted 3, thats what they suggested, but what seemed impossible is that I can log on anytime of the day or night and the same thing is happening??

Moeee, yes unfortunately it is REAL usage, and any excess is charged at 10c per MB, which doesn't sound a lot but at this rate is a great concern.

Crash, ok, I'll follow that and get back to this page a bit later. Ta!

Hi Party, you could try a forum dedicated to computer users.
I've used www.atomic.com.au (http://www.atomic.com.au) a few times and found them a very helpfull lot.

Mike.

Crash, ran that Panda thing, found nothing, frustrating isn't it?

Mike367, thanks will give em a go

One post disappeared (can't think why) anyway thanks all, and mike I'll try that one ta!

Running Panda was a good thing. At least no known rootkits on your PC.

It's very hard to diagnose PC problems blind and a port monitoring program [what is going in or out over the internet] would not be much use to you as it's all a bit complex.

I would still suggest you post your problem on http://www.spywarewarrior.com/index.php as this group is the best of the best if any nasties are involved.

Will do Crash and thanks again. One last question if someone is hacking my usage would there be any other tell tale sign? like would it happen sometimes and not others or all time etc etc?

If it is a bot, it would happen as soon as you turn on your PC. Often they use only so much bandwidth but on multiple machines so its not that noticeable on any individual machine. Main usage is for sending spam automatically.

Could you do what I said about the monitor ICON in the corner.
Check whether the Megabytes are being stolen by Downloading or Uploading.

Your download usage should be a lot more than your upload usage.

Moeee, I am using my lap top on Dial up temporarily til the 10th which is my billing cycle for 3. so will download a few things and have a go at it then (Friday) cheers

Did you go to the 3 webpage like I said and have a look at how many Megabytes you have used up till now for the month?

You can do that on the dialup Computer.

Moeee, I am using my lap top on Dial up temporarily til the 10th which is my billing cycle for 3. so will download a few things and have a go at it then (Friday) cheers


Party,
Apart from simple problem solving and advice and with all due respect to anyone here trying to help you, Punting forums are probably not the best place to try and resolve serious PC issues :-)

For general PC or infection problems:
http://www.bleepingcomputer.com/forums/

For infected PC problems only:
http://www.spywarewarrior.com/index.php

These 2 sites are as good as they get and might be a nice shortcut to solving any serious PC problems.

Moeee, yes that's how I realised there was something desperately wrong!

Crash, I agree and thanks for the pointers good stuff.( I changed my passwords just in case)

party,

another good site that has helped me many times is -

http://www.windowsbbs.com/

Den