TSR PSNOOP

[Doug-inNC]

For the longest time I've been having problems with the performance of my PC when browsing the internet. It seems to go to sleep from time to time. I press a link or a favorite link and it just sits there for a couple of minutes. Only one of my PCs has this problem.. the other one works fine.

Today I discovered an application running (by pressing cntl+alt+del) ... I believe it was PSNOOP. I closed that program and now my internet response is great. Actually the overall performance of the PC is improved.

Do you think the PSNOOP program was really the cause of the poor internet performance, or just a coincidence?

I don't see this program in my start up folder. Does anyone have an idea on how to stop it from loading when I boot the PC?

Thanks
Doug-inNC

[Xayd]

Well of the top of my head PSNOOP sounds like a port sniffing or packet filtering trojan.

Got a firewall?

If not, get one. http://www.zonelabs.com

Xayd

[MadMax]

Psnoop is a small program to analyse Gravis UltraSound patch files. It displays all of the included information, and can export the included sounds to WAV, AIFF, or raw data format files. The exported data files will have names with note suffixes (e.g. flute_G3.WAV ) which makes them easy to use with midi2cs.

Executables are included for DOS, Windows 32 bit console mode, and for Linux

Taken from
http://ds.dial.pipex.com/town/plaza/ag81/freesoft.htm

Run MSCONFIG
Look in the Autoexec.bat and Startup tabs

[Statica]

Quote:

Originally posted by MadMax Psnoop is a small program to analyse Gravis UltraSound patch files. It displays all of the included information, and can export the included sounds to WAV, AIFF, or raw data format files. The exported data files will have names with note suffixes (e.g. flute_G3.WAV ) which makes them easy to use with midi2cs. Executables are included for DOS, Windows 32 bit console mode, and for Linux Taken from http://ds.dial.pipex.com/town/plaza/ag81/freesoft.htm Run MSCONFIG Look in the Autoexec.bat and Startup tabs

Hey folks, XayD is right, dont assume the program to be what it is supposed to be just because of the name of the executable. Its very easy to wrap a trojan around a harmless file or to have it load under different alias' (We have BO2K to thank for that knowledge). If its the file its supposed to be, well and good, if not you have a problem. In any event scan for trojans and/or virii.
There are a few triggers to thinking its malicious .. its obviously using ur CPU / internet connxn. and am assuming u arent actively working with your snd card.

Cheers.