Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

If a service is a Variant,family of worms and Trojans.


  • This topic is locked This topic is locked
4 replies to this topic

#1 Jove

Jove

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:07:36 PM

Posted 18 November 2008 - 06:30 PM

If a service has been identified as ; A variant of the IRCBot family of worms and IRC backdoor Trojans, . .and it is disabled, can it still be doing bad stuff ? like dirty things ? Like, Mean, Mean Nasty things ?

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


BC AdBot (Login to Remove)

 


#2 Zllio

Zllio

  • Members
  • 1,107 posts
  • OFFLINE
  •  
  • Local time:07:36 PM

Posted 19 November 2008 - 02:59 AM

Hi Jove,

I always want to put by before your name :thumbsup:

Your last sentence makes it sound like you are describing something specific? What Mean Nasty things are you thinking of?

Zllio

#3 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:07:36 PM

Posted 19 November 2008 - 07:45 AM

Hello Zllio,

Mind you, I, . .ahhh, . . well to be frank, . . I pushed the panic button as usual, and since I am still learning the skills of navigating the various routes and pathways within the PC system, I should have looked a little further into this particular one, incidentally which I still haven't done yet.

In any case the question has been forming in my mind for some time, that was, . . as an example;

Posted Image


But although this may not actually be the variant form, it does provide a good example of my question.

I take it the path to executable does not provide the location nor any indication, as to, if this were a variant, reveal it ?

Hope my pictograph isn't confusing.




BTW, . . I posted a HJT, . .Can I un-click some start up items in Config. Utily. ?

Edited by Jove, 19 November 2008 - 07:58 AM.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#4 Zllio

Zllio

  • Members
  • 1,107 posts
  • OFFLINE
  •  
  • Local time:07:36 PM

Posted 19 November 2008 - 10:25 AM

Hi Jove,

With HijackThis, you can remove 04 items (but not global items). HijackThis creates a backup. However, if you uninstall HijackThis, it also uninstalls the HijackThis folder where the backups are located, therefore it's important to keep the backups.
Some programs that startup are simply programs you don't need at all and can be removed with add-remove programs.
Also, there is sometimes an option in a program to not load up at startup. If it's there, it will be found by opening the program and finding this option.
A couple of programs which allow you to control your startup items are at these links:
Windows XP Startup Tracker vs. 3.8
Startup CPL


As for your other question, the best thing to do when you are unsure of the validity of a program is to put it into Google and see what comes up. If there's a lot of conflicting information, then you will need to study the different pieces of information or post about it and ask someone here if they know what it is. It's good to use caution about disabling or turning off anything. If the sites that come up all shreak virus or trojan, then you can read about it in sites that give calm and thorough information about it like Symantec or FSecure. Sometimes it really is hard to tell if you have the real program or a variant that is a virus. In that case, knowing the file's size, as file size can narrow down some questions. Also, if you see a really suspicious looking file, only to discover it's been on your computer for the past 4 years and you're not having any weird symptoms, then chances are, it's all right.

I don't think I answered your question directly, but I hope this information was helpful.

Zllio

#5 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:07:36 PM

Posted 19 November 2008 - 02:16 PM

BTW, . . I posted a HJT, . .Can I un-click some start up items in Config. Utily. ?


you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

This topic is closed
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users