Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor: BAT/Zapchast.I: how to remove


  • Please log in to reply
No replies to this topic

#1 EggplantErin

EggplantErin

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:34 PM

Posted 10 January 2011 - 09:01 PM

Hello,
Seems I've got a bug. Hubby reported yesterday that his account was acting strange -- would not allow him to open any programs. We run Windows XP Professional on our home computer.

I ran a scan with MS Security Essentials. It found nothing amiss.

Then I ran a full scan with Windows Live OneCare Safety Scanner. It found three severe threats, one of which I was able to rid us of today. His account now seems to work fine -- programs open, he can get online, etc. BUT, I ran the OneCare scan again this evening, and it found the same two threats. For some reason, OneCare can not clean them up, and offers no suggestions.

Here is all the info the OneCare gave me:

Backdoor: BAT/Zapchast.I
located in C:\documents and settings\hubby\my documents\downloads\hallmark.exe (rarsfx)\run.bat

and

Backdoor: Win32\IRCFlood
located in C:\documents and settings\hubby\my documents\downloads\hallmark.exe (rarsfx)a.reg\(utf-161e)

Any help you could give about how to go about removing these bits of nastiness would be very much appreciated.
I am grateful for your expertise.

Sincerely,
Erin

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users