1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Download6

Discussion in 'Virus & Other Malware Removal' started by GuessWho, Sep 5, 2004.

Thread Status:
Not open for further replies.
  1. GuessWho

    GuessWho Thread Starter

    Joined:
    Aug 25, 2004
    Messages:
    8
    I think that I've somehow contracted some type of trojan on my computer. I've noticed a few months ago back when I was using AOL that everytime I logged on, the second I connected online I got the "blue screen of death" and if I did CTL-ALT-DEL and closed AOL then rebooted I was able to connect again without incident (although sometimes it did reoccur after the reboot and I would need to boot again).

    Anyway, now I'm connected to a high-speed LAN and after some inspection of my machine I noticed that a dial-up adapter had been installed under the name download6. I never installed this adapter, but after some research online I learned that download6 is some type of remote administration tool. I even found a download6 file in my Windows directory but it wasn't listed under Add/Remove programs. I deleted the adapter, as well as the one for AOL, and the download6 file. This all happen about a week ago.

    This week I've noticed that my system's clock somehow loses minutes and starts running behind. I've seen that on 2 separate occations, when I've gone to shut down, the computer stalls abnormally and then doesn't shut down completely. I happened to check my network setting and noticed that both the AOL and the download6 adapters were back somehow!

    Long story short I figure someone has hijacked my system and may be running processes on it remotely over the internet. Has anyone heard of this or possibly know how it can be corrected.

    I've run McAffe, which caught nothing. I'm running Windows ME with the free version of ZoneAlarm as my firewall. If it helps, I've noticed some suspicious sounding program called ptsnoop.exe loading at startup. I don't know what this program does but soemhow it loads even when I do a "clean boot".
     
  2. Elvandil

    Elvandil

    Joined:
    Aug 1, 2003
    Messages:
    51,988
    The one with the suspicious name is the safe one; ptsnoop.exe is part of a modem driver.

    SpybotS&D can detect most trojans and keyloggers. Run a full scan with an updated version.

    http://www.safer-networking.org/en/index.html

    There's an online trojan scan here:

    http://www.windowsecurity.com/trojanscan/

    There are a lot of programs that purport to keep your system clock set that are really just packages for adware. Spybot should catch those, too, but use Ad-Aware as an adjunct to be sure all are caught:

    http://www.majorgeeks.com/download.php?det=506
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/270328

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice