Have I been infected?

  bruno 17:06 16 Nov 2009

I just had an e mail from Sky telling me I have overrun my 2gb limit for last month. On checking my usage using Tautology, I find that I am already ove the top on this month, with two more weeks to go. I have been on to Sky with no luck yet, but while talking to the girl I noticed that I used up over 10mg with nothing supposed to be on. I have since measured about 1 mg every three minutes being used. As I am doing nothing I am suspicious that my computer is being used by an outside source. I don't know the best thing to use to trace such a thing and would appreciate any advice I can get. I am on XP Home which I reinstalled about a month ago and I scanned it with Kaspersky first the uninstalled that and went back to my old favourite AVG, also Spybot search and destroy. Any suggestions?

  mfletch 17:12 16 Nov 2009

How are you connecting to the net

If wireless check you have it protected with a key

  bruno 13:49 17 Nov 2009

It is a wireless router but I only use it with the direct wired connection and have not enabled the wireless part. I also tried removing the aerial as a safeguard. I put on all the recommended things when I installed it.

  gazzaho 14:33 17 Nov 2009

If you have at minimum WEP wireless security enabled then your wireless connection should be safe, WEP is quite easy to break however and WPA or WPA2 should be used where possible. As you have disabled wireless altogether on the router that wouldn't appear to be the cause of the problem.

I don't use SKY, I have cable and the modem has lights for down and up stream traffic which flash when the Internet is being used, do you have anything similar? If so then you should be able to determine if the Internet is being used when you're not on the computer. As you have a router then presumably you have a network, is perhaps someone else using the Internet on another machine?

Do you use some kind of peer to peer program which can cause a continual connection. I don't use the BBC iplayer but from what I've read it uses a peer to peer network for downloading programs, if you have a continual connection these programs can still be using your connection as long as the machines they're installed on are switched on.

  Sea Urchin 14:47 17 Nov 2009

>> but I only use it with the direct wired connection and have not enabled the wireless part <<

My router was wireless enabled by default - so you need to be quite sure that your is not.

  bruno 17:45 17 Nov 2009

Thank you all for your help and advice. I am glad to say I have managed to cure it, in spite of almost 8 hours talking to Sky tech 2 "experts". One told me I must connect to their usage department but the Indian gent I spoke to today reckons this department does not exist, but to keep trying on line as their engineers were trying to get it working.!!!
I decided to give it one more scan and downloaded Stopzilla which found various cookies etc (about 7), but also two trojans which were hiding on the hard drive I keep only for back-up. I had used a programme for backing uo all my drivers and they were in there.
I had to pay 9 dollars to buy the system so it would remove them. Sure enough, I deleted the folders from my drive and rebooted and the fault has been cured.
Hope this helps someone else in the future.

  bruno 17:37 19 Nov 2009

A small adition to this post. The Trojan came back after half an hour. I had stupidly forgotten to turn off System Restore, something I knew about, but forgot, so I had to do it all again and it has been ok for 24 hours.

  gazzaho 03:01 20 Nov 2009

The trojan may be detected in the restore file but it's dormant there, it can't do any damage. Once the system is scanned and cleaned by an anti virus program and the only place it detects it is in the system restore file your system is safe. The only way it can reinfect is to run the restore point after the infection has been removed. The recommended way of doing it is to clean the system then turn off and on restore, then rescan to be sure. This Page explains it better than I can (click here) have a read.

It might be worth downloading and running MBAM (click here) and SuperAntiSpyware (click here) from time to time along with your anti virus software.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Alienware 17 R4 2017 review

Is this the future of VR and AR?

Best iPad buying guide 2017

Comment regarder le Bureau des L├ęgendes en ligne ?