• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

A virus that downloads uTorrent?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
Cheator

Cheator

Member
Joined
Apr 21, 2004
Location
Ottawa, Canada
Hi everyone.

I'm currently not very happy at all with Limestone Networks. They have ads here that advertise a nice quad core server with 8gb of ram for 134 a month. Its a good deal so we took it... however it certainly doesn't seem like it.

We've had nothing but trouble. OS reload of the wrong OS, they gave us the wrong login so we were loging into someone else's IP KVM, their ticketing system is very buggy, and they took 2 days to reinstall the os!

So last night my buddy and I are trying to get to the server with no luck. RDP Is refusing onnections left and right. Then, we look at our bandwidth consuption. We've got NOTHING on this server, yet we'e used 500GB this month!!! we might have used 500 mb, but definatly not 500 GIG! Arg!

So we create a ticket with them, and they investigate. This is what they've come back with:

It seems that you've been attacked by a virus of some sort that has added utorrent to your machine. The file location below has been created and torrents have been downloaded with a lot of files totaling in over 70GB.

Below are the locations of the program and files. The first path is were utorrent is running from. The second is where the torrents and files are being downloaded to. It is running itself as svchost.exe *32 in your process list, I went ahead and killed that process. I am not sure if it will auto restart on reboot or on its own as I have failed to find any information regarding this trojan,virus or worm.

C:\Program Files (x86)\Common FIles\SpeechEngines
C:\Program FIles (x86)\Internet Explorer\SIGNUP

svchost.exe *32

I would suggest backing up any files and having us do an OS reload which will consist of a full format of the machine and a reload of the Operating System.
Click to expand...

I think my friend is right in that someone at the datacenter used our server as a torrenting box... he sat there, turned off RDP, and just downloaded to his hearts desire. Man this makes me angry! Whatdo you guys think? Bull**** or not?
 
Sounds to me it would be better if you loaded your own server OS, set the permissions so that only you have access.

Is the server located where you can physically touch it?

Do you know the administrators password? Do you have Aministrative rights?

What OS is it running? (looks like Windows from your post - what version?)

And I would really consider trying to get out of the contract.

If you want some help off line message me.

HTH...
 
You must log in or register to reply here.

Similar threads

jebba
Wet Rocks: Libre Single Phase Liquid Immersion Cooled Computer
Replies
0
Views
131
jebba
jebba
F
Pihole Build Thread - A Complete Walkthrough
Replies
2
Views
656
freakdiablo
F
don256us
Happy holidays edition with a 30 billion milestone!
Replies
5
Views
518
Holdolin
Holdolin
Kenrou
Set Your Calendars: Windows 12 is Coming in June 2024 with Arm Support and AI Features
2
Replies
21
Views
1K
mackerel
mackerel
don256us
We have a second 50 billionaire and you probably already know. ;)
Replies
4
Views
314
WhitehawkEQ
WhitehawkEQ
Back