Constant huge download

  • Thread starter Thread starter Ike
  • Start date Start date
I

Ike

Business, T7700
Avast! A-Squared Defender
NetGadget shows UP and DOWN traffic.

Booting this morning, a download began. It had a lot of
priority, because emails and other online events were
extremely slow. It finally ended after 30 minutes...

A2 and Avast are set for manual updates, not automatic.

And it's not Tuesday...

Let's assume there's nothing evil on this machine.

I want to take control of such things. What can I do to
identify the program that initiated that download?

Thanks!
 
No strange services or processes running, that I could
recognize.

Task Manager -> Networking shows "Loopback Connections
for Xdrive" at 0.15%, but Xdrive (the online backup
product) is not installed on this laptop. It may have
been at one time (assistant uses it as well).

Services show "Xdrive Service" -- stopped.
Processes show no Xdrive.
Search found no Xdrive app or files.
In Registry, found instances of Xdrive and deleted.
 
I called to check and you are correct, but he believes
Xdrive had been uninstalled. Some bits and pieces showed
up with Regedit, and I deleted them.

Even after rebooting, the Network Activity display
indicates that "Loopback connection for Xdrive" is still
connected and running.

I'm not convinced that Xdrive is causing this activity,
but there's still constant net traffic. What's changed
is that it is not all download, but UP/DOWN in equal volume.

This computer is strictly business and does only
low-risk things. There are no games or videos on it, and
no odd downloads. But the net activity continues, though
a scan with A-Squared and Avast found nothing.
 
Ike said:
I called to check and you are correct, but he believes Xdrive had been
uninstalled. Some bits and pieces showed up with Regedit, and I deleted
them.

Even after rebooting, the Network Activity display indicates that
"Loopback connection for Xdrive" is still connected and running.

I'm not convinced that Xdrive is causing this activity, but there's
still constant net traffic. What's changed is that it is not all
download, but UP/DOWN in equal volume.

This computer is strictly business and does only low-risk things. There
are no games or videos on it, and no odd downloads. But the net activity
continues, though a scan with A-Squared and Avast found nothing.
Click to expand...

Sounds like your computer got hijacked and is a part of a herd bot. Have
you run any root kit detection/removal software like Spybot Search and
Destroy?

Alias
S
 
Alias said:
Sounds like your computer got hijacked and is a part of a herd bot. Have
you run any root kit detection/removal software like Spybot Search and
Destroy?
Click to expand...

Alias talking about a herd. The only "herd" he knows about is SHEEP.
 
Back
Top