Possible virus/malware Windows 7

[AWS]

I've been noticing some really strange traffic via my router lately. Do not know how it even got there tbh. Been making sure to scan anything that I've downloaded and they've all come up clean. And it's been through safe channels.

 

 

I've run Avast and it's come up clean, I've run Super Anti Spyware and it came up clean same with Malwarebytes.

 

Here's what I've run into:

 

http://extremetechsupport.com/data/MetaMirrorCache/e03aaa85f1a5f0986a26301f872df15d._.png

 

http://extremetechsupport.com/data/MetaMirrorCache/ef6fd4eaf647e931df946a718f3aca51._.png

 

 

 

http://extremetechsupport.com/data/MetaMirrorCache/47e1d50331ad06b97ae6b20526545e52._.png

 

 

 

http://extremetechsupport.com/data/MetaMirrorCache/48d673df6c66d4109ebca91f1782b8bb._.png

 

 

This is really concerning.

 

 

What I've been through so far:

 

 

Seriously Google... /facepalm

 

Was trying to look up 'glen morgan not doing home x files' and it wouldn't load. Checked my internet speed and it was normal, running around 23mbps. Purposeful slowdown anyone -_-? This happened on both Chrome and Firefox. Was looking for a recent X Files

revival article. Thanks for nothing, AT&T.

 

Ok did some more looking and this is just getting weirder and weirder.

 

Looks like my router is being ddos'd somehow.

 

INF 2015-06-04T22:29:38-04:00 fw,fwmon src=87.120.37.199 dst=0.0.0.0 ipprot=6 sport=443 dport=443 TCP SYN Packet Dropped

 

The above is what keeps on showing up. Blocked the bastard. But I ran into a few others yesterday that did this too.

 

But I'm wondering if the above might have caused the slow down via Google search. Best guess is that maybe they were ddos'ing Google at the time? And my router happened to be in the way...

 

Checked the times when it was around: It seemed to go from 10:29pm to around 10:44pm.

 

Any other ways to stop this stuff would be welcome. As I'm at wits end here O_O.

 

I've run anti virus scans recently and they've come up clean. Will be double checking though to make sure things are ok.

 

Edit: It's still continuing. This is really starting to **** me off. I'm beginning to wonder if I've been compromised somehow.

 

Edit, Edit: Did a reboot/reset and it worked for a bit. But sadly the damn address came back AGAIN and is once again TCP SYN attacking. This is really making me angry now.

 

Did some more digging and it seems to be connected to Google Chrome some how, I double checked things and it hasn't shown up via Firefox.

 

This new traffic I found today was via Firefox. So now it's looking more and more like a virus, malware or spyware.

 

 

Any help would be greatly appreciated. Thanks.

 

Also, the blanks on the pictures are where my ip address would be, edited those out for security reasons. That was a HUGE red flag to me, seeing it drop TCP SYN packets to another ip address I've never visited.

 

Edit: Just finished a Spybot scan and it came up clean too. This is driving me nuts.

 

 

 

View this thread