Fw: Help with a home computer problem.

From: dmitriw@Home
Date: Sun Apr 15 2001 - 20:00:08 PDT

Next message: Chris Jordan: "Re: Yet another Linux bind worm ?"

Previous message: root: "Re: Yet another Linux bind worm ?"
Next in thread: Chris Ess: "Re: Fw: Help with a home computer problem."
Reply: Chris Ess: "Re: Fw: Help with a home computer problem."
Reply: claymore: "Re: Help with a home computer problem."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Last night, I was downloading some Science Fiction and Astronomy
graphics.  To my surprise, a
> > window popped up saying, "unable to find eggdrop.conf file".  I quickly
> > disconnected my machine from the net and discovered that an entire new
> > directory had been created.  I deleted everything in that directory.
Looking
> > up eggdrop on Google, I found out that it's probably a program that
would
> > have allowed somebody to use my machine as a proxy for IRC
conversations,
> > allowing that person to participate in IRC but with my IP address as an
> > anonymizing intermediary.
> >
> > The only file left after my deletions is the install log:
> > [04/13/01 19:20:10]  SubEgg v3.0a (1.4.2) by Quake_WrZ
> > [04/13/01 19:20:10]  Compiled 6/18/2000
> > [04/13/01 19:20:10]  Registering extentions . . .
> > [04/13/01 19:20:10]  WIN: C:\WINNT
> > [04/13/01 19:20:10]  No command-line specified - using eggdrop as
default
> > [04/13/01 19:20:11]  Registering extentions . . .
> > [04/13/01 19:20:11]  Installing files . . .
> > [04/13/01 19:20:12]  Installing files . . .
> > [04/13/01 19:20:36]  Installing basic TCLs . . .
> > [04/13/01 19:20:37]  Installing basic TCLs . . .
> > [04/13/01 19:20:47]  Creating Task Manager Object . . .
> > [04/13/01 19:20:47]  Moving config file to eggdrop path . . .
> > [04/13/01 19:20:50]  Creating Task Manager Object . . .
> > [04/13/01 19:20:50]  Starting Loader . . .
> > [04/13/01 19:20:50]  Moving config file to eggdrop path . . .
> > [04/13/01 19:21:20]  Setup complete
> >
> > I've looked for references to eggdrop and SubEgg in the registry, and in
> > autoexec.bat and config.sys and all through the hard disk: nothing
found.  I
> > also checked for any files added or modified in the last 24 hours and
deleted
> > one suspicious executable.  There are also no environment variables set
up
> > referencing eggdrop that I could identify.  I can see no suspicious
programs
> > running when I go into task manager.
> >
> > I'm concerned that my machine may be compromised somehow, but I need to
be
> > online all day working from home.  Is there anything else I can do to
make sure
>>  my machine is secure?
> >
> > Any help would be appreciated.
> >
dmitriwat_private

Next message: Chris Jordan: "Re: Yet another Linux bind worm ?"
Previous message: root: "Re: Yet another Linux bind worm ?"
Next in thread: Chris Ess: "Re: Fw: Help with a home computer problem."
Reply: Chris Ess: "Re: Fw: Help with a home computer problem."
Reply: claymore: "Re: Help with a home computer problem."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 08:14:31 PDT