September 12th, 2007, 21:24 PM
BTSTAC~1.EXE gone awry - Trojan, malfunction?
Anyone have any idea if this Bluetooth program can either go awry or be hijacked? I've been searching online for info, but haven't found anything conclusive. I can stop the process, but need more info to determine exactly what to do. Haven't used the Bluetooth for a couple weeks, so not sure why it would be running.
Problem info and suspicions:
Computer 1 -
I'm running XP Home, 933 MHz, 512 MB (small, I know, maxed out, but for office stuff)
Internet connection is Hughes Net satellite, 6000.
I've been put under fair access (throttled) twice in two weeks for going over the 200MB download in a 24 hour period. Problem is, I didn't do the download, nor did it come from my computers on purpose. Wireless is shut off, so no access from outside.
I've been checking my usage regularly to see if I could find the culprit. Today, refreshed and noticed an 8MB download in a previous hour (current hours weren't showing). I had been playing CIV IV on the fast computer (computer 2), so know I didn't do it. I keep auto updates off, and do them myself at intervals, so it wasn't that. Only my virus database updates by itself, and that is too small to be 8 megs.
Went to other computer and CTRL/ALT/DEL to find that BTSTAC~1.EXE was taking 97%. Immediately disabled and unplugged satellite modem to that computer. It was the only process taking any memory. My antivirus was enabled, and I had a Firefox window open to view my usage. Not sure where the info is going, but checked my Local Area Connection Status and large amounts of packets, 60,000, had been sent and received.
Here is what I have done to detect if any spyware, adware, trojan, etc., was on the computer.
Ran Uniblue's SpyEraser, Registry Booster programs (fixed registry errors, and two items on SpyEraser, weren't related to this problem so didn't make note of them)
Ran SB S&D, nothing monumental to report there, the usual ad cookies
Ran Avast Anti-Virus scan, thorough (took all day on that machine)
All came out clean other than the usual cookie warnings, none of which were a problem.
Adjusted Services and Startup to make sure that nothing was running that I didn't want to be running there. Have to keep those clean because of the minimal resources. I didn't notice any new ops selected to start.
I'm still not 100% sure this is my usage leak. Hughes seems to think it has to be me, but I'm not finding anything, and they did admit there may be a modem problem, but unlikely.
Any info to help me head in the right direction to diagnose this would be very appreciated. I've spent a couple days with no luck so far.
Forgive the rambling, trying to provide enough info and am a bit bleary-eyed with all the "investigating" I've done. About ready to start beating my head into the cement wall. . . .
September 13th, 2007, 13:03 PM
She who must be obeyed
Sounds like someone is stealing your bandwidth. Is this a wireless connection? If you password-enable it, that will keep others off.
Also, check your Bluetooth settings. Turn discovery OFF.
I doubt it's a spyware/virus issue.
And don't beat your head against the cement wall. Hughes tech support is the one being less than helpful. Beat THEIR heads against the cement wall.