I am running a Trojan scan from Sygate's online service and I got the following result:

Trojan 5000 OPEN Bubbel, Back Door Setup, Sockets de Troie

Can anyone help me with the following questions?
(1) Does that result mean that my computer has been hacked and my files on my computer might be stolen?
(2) What could be the reason that my computer has been affected with the above trojan horse?
(3) How to clean the above trojan horse? How to close port 5000? Any recommendation of Trojan Horse Removal program?

Thanks for your help in advance!

1. It could mean you have a trojan..If so I doubt any of your files were stolen. If anything was stolen, most likely it would be your passwords.

2. If you have a trojan, it could have come from an e-mail attachment, IRC, file sharing etc...

3. Go here and run an online scan:
Housecall
Let me know the results..

Hi a free program to remove trojans is "Swat it" or free for so many days are Trojan remover (http://www.simplysup.com/tremover/details.html) and Anti-trojan. I had a trojan and they all spotted it. It doesn't seem to do any harm to have them all installed together either.

Terry.

You mentioned closing port 5000.
Go to www.grc.com(aka Shields Up!) and look for "Unplug and Pray".It's a small patch that is free and easy to install.It's also very easy to use.You can open or close that port with that program.
Let me guess,you have Windows XP too?
Hope this helps.JB

Thank you all for your reply.

Tom41,
I have run the scan from Housecall and no trojan horse was found. I also run Trojan Removal, Anti-Trojan and TDS-3 and no trojan horse was found either, though port 5000 is open. Where can I find the password in my system, such as windows password file, yahoo or hotmail password if I choose remembering logging in info, some application password? Thanks!

Jim,
My OS is XP. Does port 5000 is open by default with backdoor program? I have not gone to grc.com yet.

Except for Trojan Horse, is there any other way that Hackers can attack my system and steal my files? Do they need to know the phone number where I dialed to the Internet or the phone number of the ISP I am dialing?

Thanks a lot for your help!

Hi Terry, Seeing that you are running XP, I doubt that you have a trojan. As Jim has indicated, It's Universal Plug and Play that is listening on that port.
You can either run the 'Unplug and Pray' utility or disable it manually.
To disable it manually, Click Start > Run > type services.msc and click OK
Scroll down and double click on Universal Plug and Play and first stop the service, then disable it.

Then run the Shields Up test at grc.com.
It should show port 5000 closed.