Unknown download continuing

I still have slow dial-up. Lately, I've noticed what appears to be a download in progress in the background, which prevents me from doing anything online, unless I close my internet connection and than reopen it. How can I find out what is being downloaded, so I can stop this process? I don't see anything obvious when I go into Task Manager. I use Sandboxie when online, so I guess whatever is attempting to download is eliminated when I close the sandbox. I haven't been adding any new programs or changing any preferences (to allow automatic updates), other than updating Firefox and Thunderbird. Any help would be appreciated.

 

I've never checked to see if it does it with the browser closed. I'll have to experiment, but it is sporadic, not something I can predict. I do have the problem at least once or twice a day, though. Windows Update has always been disabled.

 

Have you ran a virus check and also MBA-M to see if there is a nasty on there that may be calling home?

 

When I closed out my browser & sandbox, the downloading stopped and didn't seem to start up again.

I haven't added or changed any programs. The programs that do check for updates all do it very quickly and have never been a problem.

I did a TrendMicro spyware/antivirus scan, and nothing showed up. I haven't heard of MBAM before, but will stop at the library and download it today. The 10+MB download would take too long on my dial-up. I'll see what that discovers.

Thanks for the suggestions.

 

The FREE version is all you need. It is just a little over 6mb.

http://majorgeeks.com/downloadget.php?id=5756&file=9&evp=693ee0b20204960edfd909666f809b26

DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version if one is available. There are always new updates to the definitions.
* Once the program has loaded, select Perform full scan, then choose the drive(s) then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected if malware is found.
* When MBA-M finishes, Notepad will open with the log. The log can be retrieved by opening up MBAM and clicking on the Logs Tab at the top of the program .

Reboot the computer.

If it finds anything, post it in the Malware section and let Broni take a look at it. He is good at what he does. He may have you run something else besides that.

Don't download the advertisement that it shows. Just wait for the pop down bar to show up and download it.

 

I didn't anticipate that anything would get through the sandbox, and that is what I discovered after running the program. Here is the only thing that showed up:
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

I doubt that any of those are running anything online. Does anyone know of a program I can run that will allow me to identify downloads? Any other suggestions would be appreciated.

Thank you.

 

I believe that I have solved this problem, though I'm open to any comments that prove me wrong. I started using Yahoo rather than Google, and the problem doesn't seem to be present anymore. I guess that Google is so interested in grabbing information from people that its search engine is only designed for high speed access. I realize that not many people use dial-up anymore, but those who do may want to stop using Google. Any thoughts from the experts?

 

Though it apparently worked last night, this morning I'm back to steady information sending and receiving. I tried IE, but that was the same as Firefox. If I don't have a browser open, the Internet works fine, but when I open a browser I am slowed down by this constant sharing of information. I just noticed that after about 1/2 hour of this garbage, I am no longer sending and receiving. I wonder if the problem is that I am using Sandboxie, so whatever needs to be downloaded is lost when I close the sandbox, and the next day I have to start all over again. Any suggestions? I can open a browser without Sandboxie, so that this doesn't continue, but I'd like to know what this is that is being downloaded before I just allow it to be put on my computer.

 

The problem continues. I probably won't notice it when I switch to high speed access in May, but I would like to know what is being downloaded without my permission.

I discovered that one of my hotmail accounts was hijacked, as I received an undeliverable notice about a message I supposedly sent to Russia. I changed my password, but I don't see how an online mail account would be impacting my computer.

Any thoughts on this?

 

I think I may finally be on the right path. I located a freeware program called NetLimiter 2 Monitor, and it identifies where the downloads and uploads are coming from. Apparently, the problem is with my Trend Micro Internet Security Pro. Though I had turned off the automatic updates, I had never done anything about proxy server. There is an option to use or not use a proxy server to connect with the Internet. I changed the setting to not use the proxy server and found that the Internet activity was greatly reduced, though not completely. The usage still seems to be coming from the Trend Micro Proxy Server. I would appreciate if someone could explain to me what this proxy server is, whether it is needed and what I could do to disconnect it, if it isn't necessary.
Thank you.

 

Wikipedia: Proxy Server

Define "needed ". They can come in handy for things like caching web pages, anonymity (security) etc. See the "Uses" section of the above web page.

One way would be to replace Trend Micro with Microsoft Security Essentials.

 

I still don't follow the purpose of the proxy server for an antivirus program. I could understand it running to check things when I am using the Internet, but what is it accessing when I'm not using the Internet?

Are you saying that Microsoft Security Essentials doesn't use proxy servers? My main problem with AV software is the constant updating of their patterns, requiring 40MB downloads (not possible on slow dial up). I have to turn off my automatic updates and then download that, once a week, at the library. What are the pros and cons between the Microsoft program and the Trend Micro program?

 

No difference. They need to update often. Every day there are bad guys doing bad things just waiting for unprotected people to get to them and mess them up.

 

In 2010, malware growth was up to 60,000 new samples DAILY.