Download6

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

GuessWho

Thread Starter
Joined
Aug 25, 2004
Messages
8
I think that I've somehow contracted some type of trojan on my computer. I've noticed a few months ago back when I was using AOL that everytime I logged on, the second I connected online I got the "blue screen of death" and if I did CTL-ALT-DEL and closed AOL then rebooted I was able to connect again without incident (although sometimes it did reoccur after the reboot and I would need to boot again).

Anyway, now I'm connected to a high-speed LAN and after some inspection of my machine I noticed that a dial-up adapter had been installed under the name download6. I never installed this adapter, but after some research online I learned that download6 is some type of remote administration tool. I even found a download6 file in my Windows directory but it wasn't listed under Add/Remove programs. I deleted the adapter, as well as the one for AOL, and the download6 file. This all happen about a week ago.

This week I've noticed that my system's clock somehow loses minutes and starts running behind. I've seen that on 2 separate occations, when I've gone to shut down, the computer stalls abnormally and then doesn't shut down completely. I happened to check my network setting and noticed that both the AOL and the download6 adapters were back somehow!

Long story short I figure someone has hijacked my system and may be running processes on it remotely over the internet. Has anyone heard of this or possibly know how it can be corrected.

I've run McAffe, which caught nothing. I'm running Windows ME with the free version of ZoneAlarm as my firewall. If it helps, I've noticed some suspicious sounding program called ptsnoop.exe loading at startup. I don't know what this program does but soemhow it loads even when I do a "clean boot".
 
Joined
Aug 1, 2003
Messages
51,988
The one with the suspicious name is the safe one; ptsnoop.exe is part of a modem driver.

SpybotS&D can detect most trojans and keyloggers. Run a full scan with an updated version.

http://www.safer-networking.org/en/index.html

There's an online trojan scan here:

http://www.windowsecurity.com/trojanscan/

There are a lot of programs that purport to keep your system clock set that are really just packages for adware. Spybot should catch those, too, but use Ad-Aware as an adjunct to be sure all are caught:

http://www.majorgeeks.com/download.php?det=506
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top