Runaway modem - Solution and question

Original Post: Within the past few days, when I log onto the internet (dial up via either MSN or NetZero), my download times are excrutiatingly slow and many MSN functions will not work. When I check the Dial Up connection icon, it shows that more data is being transmitted than is being received. Sometimes a 3:1 ratio.

I have run Nortons Virus and scrubbed one virus (W32.SWEN) and a trojan (BACKDOOR.SDBOT). Adaware comes up clean as does Spyware Doctor.

At first I thought it may have been tied to using the same MSN connection for both my laptop (the problem) and my desktop workstation and the excessive SEND was tied to MSN synchronizing. But since the problem also exists while on NetZero, I'm totally befuddled.

Maybe the modem itself is broke? Spyware maybe?

This Board Proposed Solution: You may be a good candidate for a firewall. I agree that the 3:1 ratio is unusal. I can give you only limited instructions about firewalls, since I don't use one. Most posters recommendation Zone Alarm. There is a free version, which may be a good place to start. According to many posters it appears that the current version 5.? has problems, therefore version 4.X, where X is 5, should be used. Search these forms for both "firewall" and "zone alarm", for additional information. P.S. I am not suggesting this as alternate position to "pskelly's" post, but as an addition. If you susopect your modem, try running modem diagnostics is there are any.

Status Update: I ran Hijackthis and found some suspicious activity. Installed Kerio Personal Firewall and that seemed to solve the "runaway modem" problem. When I checked the Kerio log I saw it blocked activity related to a BACKDOOR Trojan. Further investigation led me to 2 executable files: FMENASS.EXE and NBMGT.EXE, both related to the W32.SDBOT that Norton "supposedly" cleaned. I cleaned the registry of those items and deleted the EXE files. So far sooo good.

One further question though: I have a file named SYSCDD2.EXE running. Kerio blocks it and repeated Google searches don’t turn anything up on this. Any ideas what SYSCDD is?