Suspicious activity. How to find it?

Zecha

Level 2
Thread author
Mar 2, 2020
69
Could be that some of your games are connecting to web resources that Bitdefender falsely flags a number of times, as seen before. Could be.
And I would suggest you don't relate all glitches and slowdowns to malware. Software can have a number of factors causing them you know :)
I understand what you say. Every time I use Bitdefender and install the game named Rocket League, my Bitdefender thinks it is malware, or it is because it is trying to change some files in a folder, and it blocks it until I allow the access.
But after I allow the access I don't have any problem.
The threats I received weren't related to the game, I think, because I receive that threat only on the first install of the game on the actual Windows.

Those random threats came from nowhere.

I don't relate only glitches and slowdowns to malware. But I also relate changes of settings and things like that.
I have a 2070 Super and a 3600 and I don't think these are defective.
Bugs are not always malware. They happen to everyone. But when I have bugs and I have other settings, I'm suspicious :)
I'm trying to figure out, as time passes, whether it is something malicious or not.

I had many strange things but I forgot them haha.
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
Every time I use Bitdefender and install the game named Rocket League, my Bitdefender thinks it is malware, or it is because it is trying to change some files in a folder, and it blocks it until I allow the access.
Just wanted to share something I'd learnt earlier. Bitdefender Protected Folders feature by default protects the 'My Documents' folder among other folders.
Some games try to use this folder and get blocked and alerted.
So if that's the case, you may either remove that folder from Protected Folders (not advisable) or add the game to exceptions if you're sure about it.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
Just wanted to share something I'd learnt earlier. Bitdefender Protected Folders feature by default protects the 'My Documents' folder among other folders.
Some games try to use this folder and get blocked and alerted.
So if that's the case, you may either remove that folder from Protected Folders (not advisable) or add the game to exceptions if you're sure about it.
But if I have packet loss, is it a problem with my internet? Because right now I saw 30-50% packet loss in the game. What does that mean?
I updated the game and maybe they have some problems, I'm not sure.

Regarding protected folders, I pressed allow. I think Bitdefender put the game in exceptions and all is fine now.
 

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
What does packet loss mean? Oftentimes, packets don’t successfully make it through the network to their destination. Internet packet loss, sometimes called latency, occurs when packets get lost in transit during their voyage. Wi-Fi packet loss is likely to occur in private, wireless networks because when things are sent through the air, it’s easy for them to get lost or dropped. This becomes even more likely on long-distance internet connections because the packets have farther to go and, by extension, more room for error.

Unsuccessful packets slow down network speeds, cause bottlenecks, and throw off your network throughput and bandwidth.
What causes packet loss?
  • Network congestion between server and your device
  • Network hardware problems
  • Software bugs
  • Overloaded system in use
  • Malware
  • Inadequate infrastructure or network configuration ..
Packet loss can increase CPU load due to increased processing needed w.r.t. the extra network overhead.
You can refer to the link in quotes and this video for more info and troubleshooting.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
Today I was trying to recover my PayPal account with my email.
My email is pld.....@yahoo.com and after I chose to receive the security code on my email, I put my email there (pld.....@yahoo.com), pressed Next, and then I had options for where to receive the security code.
But instead of my email or phone number, I have ***gf@ya***.co.kr.
Somehow someone has entered my email (if I can guess) and changed the second emails and stuff.
So wherever I log in they receive access (I think).

So how can I get rid of this? Is there any solution to delete that from my email?

I'm not sure what (***gf@ya***.co.kr.) means, or whether something has changed on my email or not.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
Can I find keyloggers with netstat on command prompt? Does that have 100% efficiency?
I found a video on YouTube by MalwareFox.
Malware are not keyloggers? Sorry, but I don't know exactly what a keylogger is, or if it can be malware.

Edit: I tried netstat -bno and looked up every IP address from the command prompt on Google, and they were all from companies except 3-4 which are invalid on the IP finder website.
They are all named Discord in the command prompt.
But when I typed the IP for Origin on the website it was for Steam, when I typed the IP for Steam it was for my internet provider in my country, etc.
So I'm not 100% sure if they are correct and if all 3-4 are from Discord and maybe the website doesn't detect the Discord IP addresses.

So I tried Netcut (that website posted a while ago), which detects who is using my internet, and now netstat -bno, and both were negative.
If I can make a bootable Windows on a stick, I will try to clean install Windows as soon as I understand what you said to me, @Parsh, some posts ago about the steps I must follow.
 
Last edited:
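
The manual lookup described in the post above can be scripted. This added example, which is not part of the thread, parses `netstat -bno` output and lists which executable owns each non-local remote address; the sample output is constructed with documentation-range addresses, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample of `netstat -bno` output; the remote addresses are
# documentation-range placeholders, not real services.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.10:49712     203.0.113.25:443       ESTABLISHED     4321
 [Discord.exe]
  TCP    192.168.1.10:49800     198.51.100.7:443       ESTABLISHED     1200
  WpnService
 [svchost.exe]
  TCP    192.168.1.10:49911     198.51.100.90:80       TIME_WAIT       0
 Can not obtain ownership information
  TCP    [::1]:49670            [::1]:5354             ESTABLISHED     3020
 [mDNSResponder.exe]
"""

# Ranges treated as local and skipped (loopback, RFC 1918, link-local, ULA).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")  # owner line, e.g. " [Discord.exe]"

def remote_host(endpoint):
    """'203.0.113.25:443' -> '203.0.113.25', '[::1]:5354' -> '::1'."""
    return endpoint.rsplit(":", 1)[0].strip("[]").split("%")[0]

def is_external(host):
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:  # '*' on UDP rows
        return False
    return not ip.is_unspecified and not any(ip in n for n in LOCAL_NETS)

def external_by_process(text):
    """Map (executable, PID) -> sorted external remote addresses."""
    rows = []  # [remote host, pid, owner]
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0] in ("TCP", "UDP") and parts[-1].isdigit():
            rows.append([remote_host(parts[2]), int(parts[-1]), "unknown"])
        elif rows and (m := OWNER.match(line)):
            rows[-1][2] = m.group(1)  # the owner line follows its connection row
    found = {}
    for host, pid, owner in rows:
        if is_external(host):
            found.setdefault((owner, pid), set()).add(host)
    return {key: sorted(hosts) for key, hosts in found.items()}
```

The result covers only the connections that were open at the moment netstat ran, so a short or familiar-looking list does not by itself rule anything out.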

Zecha

Level 2
Thread author
Mar 2, 2020
69
So I bought a Xiaomi Mi 9T in April this year. I used the phone only with mobile data, and a few days ago I connected to the Wi-Fi and started updating the Android version.
After some days I saw that the battery drain is big. 24 hours after charging, and using only 60 minutes of screen time, I have 50% battery left.
Maybe it is because I connected the phone to the Wi-Fi and the Wi-Fi has a virus or something.
I have used a OnePlus 5T for almost 3 years, and I use that phone only on Wi-Fi, and I have 0 issues with the battery or the phone in general.
But this Xiaomi had problems a few days ago after I connected to the Wi-Fi.

Can I find the problem somehow? It is better if I can resolve the problem instead of finding it.
I mean if I can change the cable, the router, the IP from the internet provider or something like that.
Can I do something about that?
Thanks!
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
Was the Xiaomi Mi 9T purchased brand new, refurbished or second-hand?

In my experience Mobile Data (4G) uses more battery than a WiFi connection. Updating Android firmware can be slightly more resource intensive than idle, and run down the battery by 5-10%.

It may be a known bug in the OS firmware update, in some cases things break or battery drain is higher than usual.

You may want to Factory Reset your Mi 9T after a proper backup, restoring the phone back to its original defaults, on the new OS update. Only install apps from the Google Play Store and install a Free Antivirus such as Bitdefender Antivirus Free for Android, or any known reputable vendors such as Avast, Kaspersky, Sophos, Norton etc. Avoid Free AV from unknown companies.

You may also turn off your router for 30 seconds, then turn it back on.


If you continue to have problems, don't hesitate to open a Malware Removal Thread here:
 

ForgottenSeer 85179

Besides the tips from Spawn, does your Wi-Fi block telemetry etc.?
Xiaomi is known for tracking, and if you block things, it tries again and again to reach the Xiaomi server, which drains your battery.
 

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
@Zecha maybe first take a look at the Xiaomi forums to see if it's a known problem. I own a different Xiaomi and they have pulled some updates due to different problems. I never update it before at least one week passes so they have time to fix stuff (or stop the rollout).
From memory: I saw quite a few times "battery drain problems" on different phones when they rolled out new updates.
Tldr: I think Xiaomi just f... up an update and it's not a virus or so.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
Was the Xiaomi Mi 9T purchased brand new, refurbished or second-hand?

In my experience Mobile Data (4G) uses more battery than a WiFi connection. Updating Android firmware can be slightly more resource intensive than idle, and run down the battery by 5-10%.

It may be a known bug in the OS firmware update, in some cases things break or battery drain is higher than usual.

You may want to Factory Reset your Mi 9T after a proper backup, restoring the phone back to its original defaults, on the new OS update. Only install apps from the Google Play Store and install a Free Antivirus such as Bitdefender Antivirus Free for Android, or any known reputable vendors such as Avast, Kaspersky, Sophos, Norton etc. Avoid Free AV from unknown companies.

You may also turn off your router for 30 seconds, then turn it back on.


If you continue to have problems, don't hesitate to open a Malware Removal Thread here:
When should I turn off my router? Before factory reset?
Can I do a backup only for images, contacts and WhatsApp conversations?
Is there any problem if I backup my images?

The phone is brand new from a popular vendor in my country. Best in technology.
The person who is using the Mi 9T uses mobile data (4G) all the time, even when he turns off the display.
I recently installed Facebook on that phone, before having problems with the battery, and in battery consumption it looks like Facebook is on top every time with battery drain.
About 20% of battery drain goes to Facebook and only 5% on screen.

So can I try only disabling mobile data when she is not using the phone and deleting Facebook to see if the problem is solved?
Without factory resetting the phone. I don't want to do that right now because she wants to have her apps and contacts etc.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
@Zecha maybe first take a look at the Xiaomi forums to see if it's a known problem. I own a different Xiaomi and they have pulled some updates due to different problems. I never update it before at least one week passes so they have time to fix stuff (or stop the rollout).
From memory: I saw quite a few times "battery drain problems" on different phones when they rolled out new updates.
Tldr: I think Xiaomi just f... up an update and it's not a virus or so.
Thanks for the info. I will try to test the battery on the weekend.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
I tested the battery of the phone and everything is alright.
From 99% to 95% in 35 minutes of YouTube,
and I lost 5-7% overnight in ~8 hours.
I deleted Facebook and used only Wi-Fi.
Maybe Facebook was the problem.
Ty for helping.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
If I can't type on some websites on my phone, could it be a virus in my phone?
Because when I try to type, sometimes my letters keep deleting and instead of LPZE my phone types ZELP, for example.
Is there nothing I can do about this problem? To get rid of viruses in general on my PC and phone.
I factory reset my phone and PC several times but I think I still have the virus :(
As I said, I got the virus by clicking on a button that said Access the link.
My location on accounts is wrong too. On the activity page of different accounts I have different locations in my country but not the right city.
 

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
542
You should spend some time and check apps' rights in settings, in the panel called "manage applications" or something like that. Not all should have disk, contacts, camera etc. access. I propose you look at the app called NoRoot Firewall in the app store, which easily helps you to manage needed and unwanted connections.
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
If I can't type on some websites on my phone, could it be a virus in my phone?
Because when I try to type, sometimes my letters keep deleting and instead of LPZE my phone types ZELP, for example.
Is there nothing I can do about this problem? To get rid of viruses in general on my PC and phone.
I factory reset my phone and PC several times but I think I still have the virus :(
As I said, I got the virus by clicking on a button that said Access the link.
My location on accounts is wrong too. On the activity page of different accounts I have different locations in my country but not the right city.
Could be auto-correct, check the keyboard app settings.

Are you using a VPN?
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
Could be auto-correct, check the keyboard app settings.

Are you using a VPN?
It wasn't auto-correct because it keeps deleting my letters and doesn't auto-correct the word. I just typed erew, then after a space wq949, and it continued to delete some letters so I got only erew and I couldn't type the second word. I have to go to Notepad, type the word there and copy-paste.
I'm not using a VPN on my phone or on my PC either.

Can someone tell me what links they get for typing on Google: "World of Tanks Bonus Codes"?
Because I get a website named hokx / mygameplus / picodi etc.
And I want to know if everyone gets these results when they type those words on Google.
This is a random search, but if I want to search for other things it is bizarre because I think I get other results.
Maybe I can find out if I have a virus that redirects me to other websites on Google, and I can start searching for that virus in the search engine in my browser or by other methods.

Thanks again! :)
 

ForgottenSeer 85179

Can someone tell me what links they get for typing on Google: "World of Tanks Bonus Codes"?
Because I get a website named hokx / mygameplus / picodi etc.
And I want to know if everyone gets these
This doesn't work with Google as Google (automatically) personalizes results for everyone. So person 1 gets other results than person 2.
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
Can someone tell me if this video is good and I can try what he said?

After I try these steps from the video (if it's good and not a scam), should I try other steps on other devices before that video or after?
I still get some emails; for example, I got one from Facebook that said I can log in with a simple click or something like that, because there was an attempt to log into my account.
But I don't remember doing that.
I want to eliminate every possible way that the virus can spread (if I have one).

Another question I have is: is it normal to have 5 search engines in my web browser (Chrome on PC and phone)? I have Yahoo, Bing, Google, DuckDuckGo and one Yandex (ru).
Should I do something to get rid of these search engines, or is it normal for them to be there?
Again, do I have to change emails? (Creating new ones).
I don't know what to ask, but I think I have something in my devices if I still receive emails and my devices are weird sometimes with crazy bugs. For example, once in many hours my page scrolls up or down for 1 sec and then stops.

I hope I can fix this problem...
Thanks!
 

Zecha

Level 2
Thread author
Mar 2, 2020
69
If I connect a device to my Wi-Fi, for example my TV, and I go to YouTube without connecting to any account, I get videos that I usually get on my PC with my account.
Is this a sign that I'm infected?
Another strange thing is that I bought an iPhone, and because I'm scared I didn't connect many things to that phone.
I only linked an iCloud account and I think this is the only thing. I use mobile data for internet.
But if I go to YouTube I still receive things that I receive on my computer.

How is that possible? Without connecting any account on YouTube, without searching for those things and without connecting to my home Wi-Fi.
I don't know how it works...
Maybe someone can tell me.
 