Is this a Trojan???

Discussion in 'malware problems & news' started by Wasabi, Jun 13, 2002.

Thread Status:
Not open for further replies.
  1. Wasabi

    Wasabi Guest

    I have ZoneAlarm 2.6.362, ZA has these icons that show which programs are being used, but i've notice a change! The icons for my Yahoo Messenger and AIM now have a hand in it, like u get when u share a rescource. When i scroll my mouse over these icons it say that it is listening to a port. AIM is listening to port 5180, while Yahoo messenger listens to port 5101. Yet, I don't have a network nor sharing files/printer, which is why these icons seem odd to me in the first place. So, i've also scanned my computer with NAV (the lastest update) and the pccillin online scanner, it came up with nothing. Why are these programs listen to these ports, could it be some sort of trojan? If so, what could it be?
  2. Checkout

    Checkout Security Rhinoceros

    Feb 11, 2002
    IM programs are servers, and will listen on ports. There's nothing necessarily to worry about, except for known vulnerabilities in both these IMs. For peace of mind, you should obtain a good anti-trojan package. Several are listed at Wilders' Anti-Trojan page at

    The only thing that really bothers me is that you say this is a change.


    Edit due to typo city
  3. Wasabi

    Wasabi Guest

    I got a question.... i know aim a little better than yahoo, but my aim is set to connect on a certain port, and its default is 5190. Why would it be listening on port 5180, when its not set on that connection port .... is that normal? Plus i do not allow server connection for aim in ZA. I've also notice when i just have aim ready to log on.... it pops up in the ZA as a sharing icon and is listen to that port, but i haven't logged on yet. Should i be concern with this, or am i just trippin? Also what vulnerabilities are there for aim and yahoo that i should be concern about?
  4. Wasabi

    Wasabi Guest

    I just wana say one more thing..... i went on another computer i have that has aim, yet when i go online and use aim with the same connection (different computer) i don't get that hand sharing. It also not listen to a port. Does this sound suspicious to u? Anyways, if it is a trojan is there any free software that is good for finding it and removing it? Cuz i don't wana be spending much money for those other anti-tojans when the free Ants 3 is about to come out.
  5. Paul Wilders

    Paul Wilders Administrator

    Jul 1, 2001
    The Netherlands

    Let's start at the beginning; download and install a (free) trial version of fe TDS3, update the signatures (radius), and perform a full scan, all files and extensions included.

    Please post your results.


Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.