New
#1
System Sending Signals That I'm In Indonesia
The thread title might be misleading: I don't KNOW that my system is sending signals that I am in Indonesia, but I believe it might be.
Something is very wrong and here are the symptoms seen and steps taken to discover what it is:
(1) I have TweetDeck with a filter set up to see certain tweets, and I noticed what should be about 2 tweets per second down to 2 tweets per minute. The tweets are curiously quite Asian, and some tweets show up with foreign script characters (I assume they are Indonesian, based on item #2)
(2) Whenever I am suspicious about something, it's an automatic virus scan. Although my normal antivirus running is MSE, I also start Malwarebytes free as a 2nd look. This time I started it immediately, and it was updating its version (seems it does it all the time) with the setup asking for "Indonesian" instead of default "English." That cinched it for me that something was amiss.
(3) While the virus scans ran, I checked Control Panel->Region and Language: that was set as it should be ("United States" everything)
(4) I ran "sfc /scannow": nothing wrong there
(5) I suspected a proxy set at the machine and there was no indication of any proxy
(6) I checked the administration of the router, and there was nothing out of the ordinary (suspicious)
(7) I have WinPatrol, but I am not finding anything alarming or where it indicates a change
(8) A look at Hijack This log did not suggest anything unusual.
(9) A computer restart and starting up Malwarebytes free again this time showed English
(10) The tweet stream however is still not normal, generally Asian tweets. There is nothing in the Twitter setup to indicate that I set a location that is not in the United States. I have verified this in the Twitter browser interface (Profile & Settings).
(11) I have noticed that my Chrome browser is taking a longer time to full a request for a URL. I was thinking it was a network problem (although I have 55 Mbps service via cable). I am suspecting my requests are going through a foreign (proxy?) server, although everything I've done so far shows no malware.
(12) I will continue to do more analyses, such as running Sophos antivirus (formerly rootkit?) software.
Any suggestions to find out what's going on?
This can't be exclusively a problem related to interaction with Twitter, because why would a Windows setup for Malwarebytes earlier prompt me for setting up in the Indonesia language, even though it's missing now?