1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

what happened here

Discussion in 'Virus & Other Malware Removal' started by paranoid bob, Sep 4, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. paranoid bob

    paranoid bob Thread Starter

    Joined:
    Sep 4, 2004
    Messages:
    37
    I'm new at this and security is my main issue before I go "surfing". Last night while trying to download a zip program, my av kicked up and started scanning. While this was happening, Zone Alarm started connecting to Zone Labs without prompting( I had disconnected at the start of the alert). AVG
    found and "healed" the infection. It was "trojan horse irs back door.sd ...bot.34.bo". After, I checked ZA logs and found three programs activated but not by me and I don't use them.All three were asking for access
    to the internet but I denied them. I'm paranoid bob,remember? Those programs were: (i) files and transfer settings wizard, (ii)trivial files transfer and (iii) run dll as an app. I'm running XP and recently formatted but haven't had a chance to do updates(dial-up takes forever). Wwhat happened? Was I hacked? What are these programs used for and why did they activate without me asking? Remember, I'm a newbie, so make it easy for me to understand and I thank you ahead of time for any help.
     
  2. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
  3. paranoid bob

    paranoid bob Thread Starter

    Joined:
    Sep 4, 2004
    Messages:
    37
    thnx Nok1,
    I have did what you said and saved the log file for hijack this. Please tell me
    what I do next and how to post a log file
     
  4. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    Please copy the log here and someone will help you. Make it a new hijackthis log though.
     
  5. Flags

    Flags

    Joined:
    Sep 9, 2001
    Messages:
    1,930
    Bob: Be sure that you updated HiJackThis, then run another scan. Highlight the entire scan results and press Control+ C. This will copy the selection to your Clipboard.
    Navigate to this posting and click Post Reply. Left click in the reply window, and press Control+ V. This will Paste whatever is on our clipboard into the reply field.
    One of the experts will advise you further about what to do then.
    Good luck.
     
  6. paranoid bob

    paranoid bob Thread Starter

    Joined:
    Sep 4, 2004
    Messages:
    37
    Sorry folks, but I got impatient. I have formatted and lost everything. I thank you for your help and wonder what you can tell me about those programs. Anyways, now I know where you are and I'm sure it won't be long before I'm back with more questions.Don't go too far away.
     
  7. paranoid bob

    paranoid bob Thread Starter

    Joined:
    Sep 4, 2004
    Messages:
    37
    Thank You folks,
    I apologize for my impatience but I pulled the plugs and went to a knowledgable friend with my tower. After some tests and yet another format we finally found the problem. Sasser. Now it's gone and I'm updated with better av protection and firewall.
    I'm still learning and I'm sure I'll be around with more questions and more problems. It's good to know that there are people there to help.
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/269970

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice