philman310

Posts posted by philman310

  1. First, be ABSOLUTELY CERTAIN that the only instance of "services.exe" is in your C:\WINDOWS\system32 directory. If you have one anywhere else as well, it's a bad guy and you'll need to post into our Malware Removal forum about it. A secondary services.exe or service.exe anywhere other than system32 can be any number of infections, including the MyDoom infection, so be ultra sure that you only have one of this and it's in the proper directory.

    Services.exe (the real one) is the Windows Service controller and is responsible for starting and stopping Windows services as required by the system or user configuration. It does require Internet access at times but it shouldn't be constantly downloading. It's possible that what you're seeing are Broadcast packets from this and not actual TCP packets. What protocol are you seeing with this activity (TCP, UDP, ICMP, etc.), and how much of it is there? Have you done a WHOIS on the IP addy it's connecting to, to see where it's connecting?

    There is only 1 instance running. I did do a WHOIS on the IP even though I'm not sure what a WHOIS really does, but it gave me the location of the place and a website and a bunch of other info I don't really understand. It's anywhere from Korea to Russia to Colorado. But here's the problem: at any one time there's anywhere from 3-35 IPs that services.exe is connecting to. I'm not sure what you mean by TCP packets or how to tell what protocol I'm seeing. I can tell you, however, that within 2 hrs services.exe has received 8,000 kb and sent 20,000, and it increases anywhere from .5-3 kb each second. I know for a fact that if I leave my connection on it will continue to dl and ul. I did that last night and I checked my connection in the morning using the computer icon in the bottom right corner of my screen and it was at 900,00 packets sent and about 950,00 received. It is never that high even when I'm dling programs or music. I'm running XP as my OS.

  2. For the past week now there has always been something constantly downloading/uploading on my computer. After a few virus scans using AVG and Spybot I removed some things but still couldn't fix the problem. I also took a look at a few HijackThis logs before and after the virus scans but I couldn't find anything that really stood out (I'm no pro but I can sometimes figure out what's going on, what should be there and what shouldn't). I just today downloaded a "bandwidth watcher" called Netlimiter 2. It shows you what programs are using the internet to download and upload and at what speeds. I found the program that is constantly downloading and uploading to be services.exe. I don't believe it to be a virus or anything like that because I ran all those virus scans and the services.exe that is doing all the downloading/uploading is located in c:\windows\system32\services.exe. Can someone help me with this? Why is it dl/ul so much, what is it dl/ul, and how can I stop it?

    Thank you -Phil
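
The question in the first post about which protocol the traffic uses can be answered from `netstat -ano`, which on Windows XP lists each connection's protocol, remote address, state and owning PID. The following Python script is an added example, not part of the original posts, that summarizes that output for one PID. The sample output, the addresses and PID 712 are constructed; the real PID of services.exe would come from the PID column in Task Manager.

```python
from collections import defaultdict

# Constructed sample of `netstat -ano` output (documentation-range
# addresses and made-up PIDs; 712 stands in for services.exe).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED     712
  TCP    192.168.1.10:1046      198.51.100.23:445      SYN_SENT        712
  TCP    192.168.1.10:1047      198.51.100.24:445      SYN_SENT        712
  TCP    192.168.1.10:1050      192.0.2.80:80          ESTABLISHED     1384
  UDP    0.0.0.0:1026           *:*                                    712
"""

def parse_netstat(text):
    """Yield (proto, local, remote, state, pid) for each TCP/UDP row."""
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue  # skip the banner, header and blank lines
        if f[0] == "TCP" and len(f) == 5:
            yield f[0], f[1], f[2], f[3], int(f[4])
        elif f[0] == "UDP" and len(f) == 4:
            # UDP rows have no State column
            yield f[0], f[1], f[2], "", int(f[3])

def summarize(text, pid):
    """Count rows per (protocol, state) and collect remote hosts for one PID."""
    counts = defaultdict(int)
    remotes = set()
    for proto, _local, remote, state, row_pid in parse_netstat(text):
        if row_pid != pid:
            continue
        counts[(proto, state)] += 1
        host = remote.rsplit(":", 1)[0]
        if host not in ("0.0.0.0", "*", "[::]"):  # listeners have no peer
            remotes.add(host)
    return dict(counts), sorted(remotes)

if __name__ == "__main__":
    counts, remotes = summarize(SAMPLE, 712)
    for (proto, state), n in sorted(counts.items()):
        print(f"{proto:4} {state or '-':12} {n}")
    print("remote hosts:", ", ".join(remotes))
```

Many rows in `SYN_SENT` toward different remote hosts mean the process is opening outbound connections itself, which is different from the broadcast traffic suggested as a benign explanation.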