  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1093

Internet of PC is suspiciously being used up

My asshole computer is using up my internet suspiciously, and I can't seem to find the stupid program/hack that's doing this.

I'm at school, where the broadband connection is like 6Mb/s, I mean that's REALLY FAST. Yet, I happen to have trouble simply streaming a song???? What the heck!!!!

Most of the time, I see the packets constantly being sent, as if I'm downloading something large, but I'm not.

What can I do? How can I identify what's downloading all the time?

I'm running AVG now, and it only found tracking cookies.
I'm so willing to move over to Linux due to all these nasty viruses and stuff.


Thanks a lot.
0
nvs_victor
Asked:
2 Solutions
 
NetAdmin2436Commented:
<<My asshole computer is using up my internet suspiciously
ROFLMO

I'd start by downloading and running hijackthis, as it sounds like you may have some crap on there. Run it and attach a screen shot of the results.
http://majorgeeks.com/download3155.html
0
 
NetAdmin2436 Commented:
Another thing you can quickly do is...
Start --> Run --> CMD --> netstat -b

This will give you a list of executables and their TCP/IP connections. That might give you a clue.
0
 
nvs_victorAuthor Commented:
Thanks a lot.

The netstat -b looks useful. Any way to know the usage amount?


Here's the netstat -b


Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    HDI:2242               lee.cs.miami.edu:22    ESTABLISHED     6080
  [SshClient.exe]

  TCP    HDI:2654               yx-in-f83.google.com:http  ESTABLISHED
  [avgnsx.exe]

  TCP    HDI:1043               localhost:27015        ESTABLISHED     3020
  [iTunesHelper.exe]

  TCP    HDI:1725               localhost:27015        ESTABLISHED     1852
  [iTunes.exe]

  TCP    HDI:1726               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]

  TCP    HDI:1727               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]

  TCP    HDI:1728               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]

  TCP    HDI:1729               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]

  TCP    HDI:2653               localhost:10080        ESTABLISHED     3268
  [firefox.exe]

  TCP    HDI:4544               localhost:4545         ESTABLISHED     3268
  [firefox.exe]

  TCP    HDI:4545               localhost:4544         ESTABLISHED     3268
  [firefox.exe]

  TCP    HDI:4546               localhost:4547         ESTABLISHED     3268
  [firefox.exe]

  TCP    HDI:4547               localhost:4546         ESTABLISHED     3268
  [firefox.exe]

  TCP    HDI:5354               localhost:1726         ESTABLISHED     1556
  [mDNSResponder.exe]

  TCP    HDI:5354               localhost:1729         ESTABLISHED     1556
  [mDNSResponder.exe]

  TCP    HDI:5354               localhost:1728         ESTABLISHED     1556
  [mDNSResponder.exe]

  TCP    HDI:5354               localhost:1727         ESTABLISHED     1556
  [mDNSResponder.exe]

  TCP    HDI:10080              localhost:2653         ESTABLISHED     588
  [avgnsx.exe]

  TCP    HDI:27015              localhost:1725         ESTABLISHED     704
  [AppleMobileDeviceService.exe]

  TCP    HDI:27015              localhost:1043         ESTABLISHED     704
  [AppleMobileDeviceService.exe]

  TCP    HDI:1790               localhost:10080        CLOSE_WAIT      2520
  [GoogleDesktop.exe]

  TCP    HDI:2476               localhost:10080        CLOSE_WAIT      6028
  [iexplore.exe]

  TCP    HDI:2478               localhost:10080        CLOSE_WAIT      6028
  [iexplore.exe]

  TCP    HDI:10080              localhost:2657         TIME_WAIT       0
  TCP    HDI:10080              localhost:2664         TIME_WAIT       0
  TCP    HDI:10080              localhost:2661         TIME_WAIT       0
  TCP    HDI:11526              localhost:2666         TIME_WAIT       0
  TCP    HDI:11526              localhost:2659         TIME_WAIT       0
  TCP    HDI:11526              localhost:2660         TIME_WAIT       0
  TCP    HDI:11526              localhost:2663         TIME_WAIT       0
Logfile of HijackThis v1.99.1
Scan saved at 7:52:47 PM, on 2/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\SSH Communications Security\SSH Secure Shell\SshClient.exe
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
E:\Documents and Settings\admin\Desktop\hijackthis_sfx.exe
E:\Documents and Settings\admin\Desktop\HijackThis.exe
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.7.805.16405 (GoogleDesktopManager-051608-133132) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe


 
nvs_victorAuthor Commented:
Hello........

This looks interesting... this was created after I started downloading something 2 minutes after my first log  on netstat -b
  TCP    HDI:2767               c13-ss-2-lb.cnet.com:http  ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:2769               c13-ss-2-lb.cnet.com:http  ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:2771               c13-ss-2-lb.cnet.com:http  ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:2847               peer-akamai-content-232.net.flrnet.org:http  EST
ABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:2867               peer-akamai-content-235.net.flrnet.org:http  EST
ABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:2911               peer-akamai-content-233.net.flrnet.org:http  EST
ABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:2921               www.zondervan.com:http  ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:1043               localhost:27015        ESTABLISHED     3020
  [iTunesHelper.exe]
 
  TCP    HDI:1725               localhost:27015        ESTABLISHED     1852
  [iTunes.exe]
 
  TCP    HDI:1726               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]
 
  TCP    HDI:1727               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]
 
  TCP    HDI:1728               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]
 
  TCP    HDI:1729               localhost:5354         ESTABLISHED     1852
  [iTunes.exe]
 
  TCP    HDI:2689               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2697               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2699               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2701               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2707               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2708               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2712               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2727               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2728               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2729               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2731               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2739               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2747               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2766               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2768               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2770               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2846               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2866               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2910               localhost:10080        ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:2920               localhost:10080        ESTABLISHED     1852
  [iTunes.exe]
 
  TCP    HDI:4544               localhost:4545         ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:4545               localhost:4544         ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:4546               localhost:4547         ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:4547               localhost:4546         ESTABLISHED     3268
  [firefox.exe]
 
  TCP    HDI:5354               localhost:1728         ESTABLISHED     1556
  [mDNSResponder.exe]
 
  TCP    HDI:5354               localhost:1726         ESTABLISHED     1556
  [mDNSResponder.exe]
 
  TCP    HDI:5354               localhost:1727         ESTABLISHED     1556
  [mDNSResponder.exe]
 
  TCP    HDI:5354               localhost:1729         ESTABLISHED     1556
  [mDNSResponder.exe]
 
  TCP    HDI:10080              localhost:2920         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2910         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2866         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2707         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2708         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2731         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2739         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2747         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2699         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2712         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2729         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2846         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2766         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2727         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2770         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2768         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2689         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2697         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2728         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:10080              localhost:2701         ESTABLISHED     588
  [avgnsx.exe]
 
  TCP    HDI:27015              localhost:1725         ESTABLISHED     704
  [AppleMobileDeviceService.exe]
 
  TCP    HDI:27015              localhost:1043         ESTABLISHED     704
  [AppleMobileDeviceService.exe]
 
  TCP    HDI:1790               localhost:10080        CLOSE_WAIT      2520
  [GoogleDesktop.exe]
 
  TCP    HDI:2476               localhost:10080        CLOSE_WAIT      6028
  [iexplore.exe]
 
  TCP    HDI:2478               localhost:10080        CLOSE_WAIT      6028
  [iexplore.exe]
 
  TCP    HDI:2724               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2795               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2797               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2801               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2821               c18-rb-gtm2-tron-xw-lb.cnet.com:http  TIME_WAIT
      0
  TCP    HDI:2824               c18-dw-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2825               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2827               c18-dw-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2829               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2831               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2833               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2836               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2837               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2841               c18-dw-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2842               c18-dw-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2853               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2855               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2857               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2859               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2869               c18-dw-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2873               c18-dw-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2877               c18-dw-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2882               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2883               c18-ad-xw-lb.cnet.com:http  TIME_WAIT       0
  TCP    HDI:2895               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2897               ad1.rtm-1.vip.rm.ac4.yahoo.com:http  TIME_WAIT
     0
  TCP    HDI:2899               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2903               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2905               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2913               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2915               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2721               localhost:10080        TIME_WAIT       0
  TCP    HDI:2794               localhost:10080        TIME_WAIT       0
  TCP    HDI:2796               localhost:10080        TIME_WAIT       0
  TCP    HDI:2800               localhost:10080        TIME_WAIT       0
  TCP    HDI:2820               localhost:10080        TIME_WAIT       0
  TCP    HDI:2822               localhost:10080        TIME_WAIT       0
  TCP    HDI:2823               localhost:10080        TIME_WAIT       0
  TCP    HDI:2826               localhost:10080        TIME_WAIT       0
  TCP    HDI:2828               localhost:10080        TIME_WAIT       0
  TCP    HDI:2830               localhost:10080        TIME_WAIT       0
  TCP    HDI:2832               localhost:10080        TIME_WAIT       0
  TCP    HDI:2834               localhost:10080        TIME_WAIT       0
  TCP    HDI:2835               localhost:10080        TIME_WAIT       0
  TCP    HDI:2838               localhost:10080        TIME_WAIT       0
  TCP    HDI:2839               localhost:10080        TIME_WAIT       0
  TCP    HDI:2840               localhost:10080        TIME_WAIT       0
  TCP    HDI:2852               localhost:10080        TIME_WAIT       0
  TCP    HDI:2854               localhost:10080        TIME_WAIT       0
  TCP    HDI:2856               localhost:10080        TIME_WAIT       0
  TCP    HDI:2858               localhost:10080        TIME_WAIT       0
  TCP    HDI:2862               localhost:10080        TIME_WAIT       0
  TCP    HDI:2868               localhost:10080        TIME_WAIT       0
  TCP    HDI:2872               localhost:10080        TIME_WAIT       0
  TCP    HDI:2876               localhost:10080        TIME_WAIT       0
  TCP    HDI:2878               localhost:10080        TIME_WAIT       0
  TCP    HDI:2880               localhost:10080        TIME_WAIT       0
  TCP    HDI:2881               localhost:10080        TIME_WAIT       0
  TCP    HDI:2884               localhost:10080        TIME_WAIT       0
  TCP    HDI:2894               localhost:10080        TIME_WAIT       0
  TCP    HDI:2896               localhost:10080        TIME_WAIT       0
  TCP    HDI:2898               localhost:10080        TIME_WAIT       0
  TCP    HDI:2902               localhost:10080        TIME_WAIT       0
  TCP    HDI:2904               localhost:10080        TIME_WAIT       0
  TCP    HDI:2906               localhost:10080        TIME_WAIT       0
  TCP    HDI:2912               localhost:10080        TIME_WAIT       0
  TCP    HDI:2914               localhost:10080        TIME_WAIT       0
  TCP    HDI:10080              localhost:2890         TIME_WAIT       0
  TCP    HDI:10080              localhost:2850         TIME_WAIT       0
  TCP    HDI:10080              localhost:2884         TIME_WAIT       0
  TCP    HDI:10080              localhost:2922         TIME_WAIT       0
  TCP    HDI:10080              localhost:2848         TIME_WAIT       0
  TCP    HDI:10080              localhost:2864         TIME_WAIT       0
  TCP    HDI:10080              localhost:2886         TIME_WAIT       0
  TCP    HDI:10080              localhost:2860         TIME_WAIT       0
  TCP    HDI:10080              localhost:2874         TIME_WAIT       0
  TCP    HDI:10080              localhost:2908         TIME_WAIT       0
  TCP    HDI:10080              localhost:2892         TIME_WAIT       0
  TCP    HDI:10080              localhost:2900         TIME_WAIT       0
  TCP    HDI:10080              localhost:2844         TIME_WAIT       0
  TCP    HDI:11526              localhost:2919         TIME_WAIT       0
  TCP    HDI:11526              localhost:2924         TIME_WAIT       0
  TCP    HDI:11526              localhost:2819         TIME_WAIT       0
  TCP    HDI:11526              localhost:2918         TIME_WAIT       0


0
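Added example, not part of the original thread: a small Python parser for `netstat -b` output like the listing above, including the lines the console wrapped (`EST` / `ABLISHED`, or a PID on its own line). It groups established connections by owning executable and flags a process that accepts loopback connections on one port while holding the remote connections itself; the sample is an excerpt of the output posted above, and the function names are illustrative.

```python
import re
from collections import Counter, defaultdict

# Excerpt of the netstat -b output posted in the thread (wrapped lines kept as pasted).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    HDI:2767               c13-ss-2-lb.cnet.com:http  ESTABLISHED     588
  [avgnsx.exe]

  TCP    HDI:2847               peer-akamai-content-232.net.flrnet.org:http  EST
ABLISHED     588
  [avgnsx.exe]

  TCP    HDI:2921               www.zondervan.com:http  ESTABLISHED     588
  [avgnsx.exe]

  TCP    HDI:2689               localhost:10080        ESTABLISHED     3268
  [firefox.exe]

  TCP    HDI:2920               localhost:10080        ESTABLISHED     1852
  [iTunes.exe]

  TCP    HDI:10080              localhost:2689         ESTABLISHED     588
  [avgnsx.exe]

  TCP    HDI:10080              localhost:2920         ESTABLISHED     588
  [avgnsx.exe]

  TCP    HDI:2853               bs1b1.ads.vip.re2.yahoo.com:http  TIME_WAIT
  0
  TCP    HDI:2721               localhost:10080        TIME_WAIT       0
"""

STATES = {"ESTABLISHED", "CLOSE_WAIT", "TIME_WAIT", "LISTENING", "SYN_SENT",
          "SYN_RECEIVED", "FIN_WAIT_1", "FIN_WAIT_2", "LAST_ACK", "CLOSING"}
LOOPBACK = {"localhost", "127.0.0.1"}
OWNER_RE = re.compile(r"^\[(.+)\]$")


def parse_netstat_b(text):
    """Return one dict per TCP row; rows without a [owner] line get owner=None."""
    records, tokens = [], None

    def flush(owner=None):
        nonlocal tokens
        if tokens and len(tokens) >= 4:
            host, _, port = tokens[2].rpartition(":")
            pid = int(tokens[4]) if len(tokens) > 4 and tokens[4].isdigit() else None
            records.append({"local": tokens[1], "remote_host": host,
                            "remote_port": port, "state": tokens[3],
                            "pid": pid, "owner": owner})
        tokens = None

    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        owner = OWNER_RE.match(line)
        if owner:                           # "[avgnsx.exe]" closes the current row
            flush(owner.group(1))
        elif line.split()[0] == "TCP":      # a new row starts; close any open one
            flush()
            tokens = line.split()
        elif tokens is not None and len(tokens) < 5:
            cont = line.split()             # remainder of a row the console wrapped
            if len(tokens) == 4 and tokens[3] not in STATES:
                tokens[3] += cont.pop(0)    # "EST" + "ABLISHED"
            tokens.extend(cont)
    flush()
    return records


def is_loopback(rec):
    return rec["remote_host"].lower() in LOOPBACK


def summarize(records):
    """Per owner: number of ESTABLISHED connections to loopback vs. remote hosts."""
    out = defaultdict(Counter)
    for r in records:
        if r["state"] == "ESTABLISHED":
            out[r["owner"]]["loopback" if is_loopback(r) else "remote"] += 1
    return {owner: dict(counts) for owner, counts in out.items()}


def local_relays(records):
    """Heuristic: an owner whose local port is shared by 2+ loopback connections
    (a service port, not an ephemeral one) and who also holds remote connections."""
    est = [r for r in records if r["state"] == "ESTABLISHED"]
    by_port = defaultdict(int)
    for r in est:
        if is_loopback(r):
            by_port[(r["owner"], r["local"].rpartition(":")[2])] += 1
    relays = {}
    for (owner, port), count in by_port.items():
        clients = sorted({c["owner"] for c in est if is_loopback(c)
                          and c["remote_port"] == port and c["owner"] != owner})
        remote = sorted({r["remote_host"] for r in est
                         if r["owner"] == owner and not is_loopback(r)})
        if count >= 2 and clients and remote:
            relays[owner] = {"port": port, "clients": clients, "remote_hosts": remote}
    return relays


if __name__ == "__main__":
    rows = parse_netstat_b(SAMPLE)
    print(summarize(rows))
    print(local_relays(rows))
```

On the excerpt, the remote HTTP connections belong to avgnsx.exe while firefox.exe and iTunes.exe only talk to localhost:10080, so browser traffic shows up under the AVG process. `netstat -b` reports no byte counts, so this shows which process is connected where, not how much each connection transfers.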
 
NetAdmin2436Commented:
Everything looks pretty normal to me, except 1 thing. You have McAfee and AVG on your computer. It's never good to have more than 1 anti virus program running on your computer as they typically conflict. This may or may not be the case here. Regardless you should remove one of them.

After you remove 1 of your anti virus programs and if it's still being slow....You might want to try to temporarily disable your antivirus to see if that's running interference.

Similarly, it looks like your McAfee has a firewall. If you're using XP or Vista, then they have built-in firewalls as well (assuming they are enabled). Same thing, it's not good to have multiple firewalls on the same computer.
0
 
nvs_victorAuthor Commented:
Ok. I took out McAfee. PC is still consuming the internet.

And it has more received than sent, at 2000 packets received, WITHOUT EVEN DOWNLOADING anything RIGHT after my computer restarted.

And it's non-stop downloading and sending.

While this is happening, I got these logs. The other logs probably weren't taken while it was downloading.
Logfile of HijackThis v1.99.1
Scan saved at 2:04:03 PM, on 2/14/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\toshiba\ivp\ism\pinger.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
E:\Documents and Settings\admin\Desktop\HijackThis.exe
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\DLACTRLW.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImage\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.7.805.16405 (GoogleDesktopManager-051608-133132) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe


0
 
nvs_victorAuthor Commented:
And here's the netstat -b
Active Connections
 
  Proto  Local Address          Foreign Address        State           PID
  TCP    HDI:1042               localhost:27015        ESTABLISHED     3388
  [iTunesHelper.exe]
 
  TCP    HDI:1047               localhost:1048         ESTABLISHED     2720
  [firefox.exe]
 
  TCP    HDI:1048               localhost:1047         ESTABLISHED     2720
  [firefox.exe]
 
  TCP    HDI:1049               localhost:1050         ESTABLISHED     2720
  [firefox.exe]
 
  TCP    HDI:1050               localhost:1049         ESTABLISHED     2720
  [firefox.exe]
 
  TCP    HDI:27015              localhost:1042         ESTABLISHED     1512
  [AppleMobileDeviceService.exe]
 
  TCP    HDI:1169               localhost:10080        CLOSE_WAIT      3284
  [GoogleDesktop.exe]
 
  TCP    HDI:11526              localhost:1225         TIME_WAIT       0
  TCP    HDI:11526              localhost:1227         TIME_WAIT       0
  TCP    HDI:11526              localhost:1236         TIME_WAIT       0
  TCP    HDI:11526              localhost:1224         TIME_WAIT       0
 
C:\Documents and Settings\admin>


0
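A long `netstat -b` listing like the ones pasted above is easier to triage once the loopback chatter is separated from connections that actually leave the machine. The following is an added example, not part of the original thread: a small parser for that output layout that groups established non-loopback connections by owning executable. The sample input is constructed, and `files.example.net` and `updater.exe` are made-up names.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the `netstat -b` output pasted in this thread.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    HDI:1042               localhost:27015        ESTABLISHED     3388
  [iTunesHelper.exe]
  TCP    HDI:1047               localhost:1048         ESTABLISHED     2720
  [firefox.exe]
  TCP    HDI:2654               files.example.net:http  ESTABLISHED    4100
  [updater.exe]
  TCP    HDI:2660               files.example.net:http  ESTABLISHED
  [updater.exe]
  TCP    HDI:11526              localhost:1225         TIME_WAIT       0
  TCP    HDI:11526              localhost:1227         TIME_WAIT       0
"""

# TCP rows only (the thread shows no UDP rows); the PID column may be missing.
CONN = re.compile(r"^\s*TCP\s+(\S+)\s+(\S+)\s+([A-Z_]+)(?:\s+(\d+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")
LOOPBACK = {"localhost", "127.0.0.1"}  # assumption: loopback peers appear under these names

def parse(text):
    """Parse rows; a following [exe] line names the owner of the row above it."""
    conns = []
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            local, foreign, state, pid = m.groups()
            host = foreign.rsplit(":", 1)[0].lower()
            conns.append({"owner": None, "foreign": foreign, "state": state,
                          "pid": int(pid) if pid else None,
                          "remote": host not in LOOPBACK})
        elif (o := OWNER.match(line)) and conns and conns[-1]["owner"] is None:
            conns[-1]["owner"] = o.group(1)
    return conns

def remote_by_owner(conns):
    """Group ESTABLISHED non-loopback connections by owning executable."""
    out = defaultdict(list)
    for c in conns:
        if c["remote"] and c["state"] == "ESTABLISHED":
            out[c["owner"] or "(no owner listed)"].append(c["foreign"])
    return dict(out)

if __name__ == "__main__":
    for exe, peers in remote_by_owner(parse(SAMPLE)).items():
        print(f"{exe}: {len(peers)} remote connection(s) to {sorted(set(peers))}")
```

This shows which executable holds which connection, not how many bytes moved over it; `netstat -e` reports byte totals for the whole interface only.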
 
nvs_victorAuthor Commented:
Ok.

I deleted the cookies of firefox, and then stopped using firefox just in case (now using Chrome).
That seemed to help.

However, I think the major culprit was Eclipse (for Java) uploading data? I stopped it, and the internet seems to be opened up now.

I'll close the question.

0
 
nvs_victorAuthor Commented:
Thanks for your time. I appreciate it.
0
 
NetAdmin2436Commented:
Cool, sorry I wasn't able to help more... but I'm glad you were able to figure it all out. Thanks for the points.
0
 
nvs_victorAuthor Commented:
I should note that AVG found tracking cookies. And that's why I deleted them.

Thanks anyhow. It's a relief to not see my internet used up like a monster.
0
