how can you tell if trojan downloaded your files?

Welcome to MGs!

No the really is no exact way to know what it may have done. If you were using Task Manager to look for processes, just note that it does not show all process that can be running.

You may want to consider running our standard cleaning sticky thread (the READ & RUN ME) to make sure you have no other malware on your system. Often tmes problems do not come alone.

 

There is Date Created, Date Modified, and Date Accessed times. Date Accessed will change even when you view it to find out the last access time. This is really of no use to you.

If you are worried about bank files, you really need to run the READ & RUN ME. There are many password stealing trojans floating around that go after banking info. They also do a good job hiding.

That's the way things go. And ZonaAlarm may find things they do not. I would not have all three of these antispyware applications running permanently. Which did you pay for?

 

There are many different trojans and you may not necessarily find them in ZoneAlarm's logs because sometimes they attach themselves to valid applications (like Internet Explorer) to run and ZoneAlarm would see them as whatever the valid application is. You could spend hours checking your ZA log and also tracking down IP addresses to see who they belong to.

Download GetRunKey125b.zip to your PC someplace you can locate it. Then extract the files from the ZIP. Locate the getrunkey125b.bat file and double click on it to run it. It will create a file named runkeys.txt in the root of drive C: (C:\runkeys.txt) . This log will also popup in a notepad window which your can just close. Upload the runkeys.txt file here as an attachment. This will only take a minute to do and will look for one of the password stealing trojan types.

You still really need to get started now running this Sticky thread READ & RUN ME FIRST Before Asking for Support

 

What version of Windows do you have? Some only allow the columns to be Created & Modified?

They are still running whether you scan or not and they are eating up valueable system resources. In addition they can conflict with each other making it difficult for the other to detect/remove problems.

 

What SP level of XP Pro! I know that SP1 does not allow a column for Last Accessed time. Not sure about SP2 right now and I don't have one available right now to check.

It is running whether scanning or not. They are run services too.

 

Why are you using msconfig to block so many things from loading?

 

First why do you want to block them? If you never use them, then uninstall them. There are better tools for control startups if you just want to sometimes allow things to run and other times not.

The log was okay. But it is not a malware scanning tool. It just looks for a few things, one of which is a certain password stealer.

If you are so concerned about malware problems, you really need to get started ASAP on running the READ & RUN ME now. You are wasting time. If you are clean that's great! But the best way to find out is to run the procedures.

 

Startup CPL is nice but it will only control startup processes not services.

The service named Server is a normal Windows service (lanmanserver).

There is no way to know what files (if any) may have been stolen form your PC.