TechSpot

Help with backdoor trojan

By jacobjack001
Sep 26, 2008
  1. i am on vista...i scanned with AVG yesterday, and it said that i was infected with 2 backdoor trojans (with the number 10 after it i think)...one of the files infected was an uninstall.exe and another one was in a temp folder...the temp folder was taken care of easily, but the other one i was having trouble getting rid of...after a while AVG got rid of it...then i scanned my computer again and it said that there were no more viruses...

    is the virus still lingering on my computer? or did AVG get rid of it completely?

    i also scanned my computer today with malwarebytes and it said that there were no viruses

    the reason i thought something was wrong was because yesterday i could not access various web pages (it would just say 'could not load, try again')...so i scanned and then i found that i had a virus...even after i removed it i was still having trouble accessing web pages...today, i am not having as much trouble loading web pages as i was yesterday (yesterday nothing was working)

    Please help me! thanks!
     
  2. SpiritWind TS Rookie Posts: 164

    Backdoor trojans

    Hi:

    When it comes to Backdoor trojans, best to follow the advice of trained,
    experienced, certified, Volunteer "Microsoft Most Valuable Professionals" in what is
    written at http://aumha.net/viewtopic.php?f=26&t=28580 .
     
  3. momok TS Rookie Posts: 2,265

  4. jobeard TS Ambassador Posts: 9,322   +622

    I disagree with SpiritWind's appeal to a pseudo authority reference using
    FUD (Fear, Uncertainty and Doubt) to highly recommend a wipe-clean and reinstall
    approach.

    Modern firewalls control not only IP/port usage, but also which specific programs can or cannot
    use them. With the default firewall rule being DENY, you need only to ALLOW the
    programs of your choice to make outbound connections.
    An outbound connection to port 25 or 110 by your email program is just fine, but
    some slob.dll would always be suspect.
    Thus you will see any trojan attempting to 'call home'.

    BTW; Trojan refers to how it gets onto your system, not what the payload does once installed.
    Your scans have done what they can to search out and destroy
    'what is known' -- you might still have something that is unknown (today).
    The effects usually inflict symptoms and pain -- so that's a good barometer.

    There's always issues with everything in security and if you're looking for a Silver Bullet,
    perfectly safe hermetically sealed system, then get two cans and a ball of string --
    there's no such thing as Absolute security on any computer hardware+OS in existence.

    The object is to do the best you can to reduce risk. For example, I get
    paranoid regarding my bank account and business data on my laptop.
    Therefore, I use a PGP tool to encrypt/decrypt the files as needed and never
    leave a decrypted version on the HD when hibernating or shutting down the system.
    This protects my accounts should the system get lost or stolen.

    On the 'better class' of FWs, there's three actions; ALLOW, DENY, CONTINUE,
    and the latter can be used to LOG traffic and still defer final action further down the
    list of rules. If possible, add one to the TOP of the FW rule list.
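
Added example, not part of jobeard's post and not any firewall product's own code: a small Python model of the outbound rule evaluation described above, with a log-only CONTINUE rule at the top, per-program ALLOW rules, and a default of DENY. The program names other than `slob.dll`, the browser ports, and the sample connection attempts are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                     # "ALLOW", "DENY" or "CONTINUE"
    program: Optional[str] = None   # None matches any program
    port: Optional[int] = None      # None matches any remote port

    def matches(self, program, port):
        return self.program in (None, program) and self.port in (None, port)

def evaluate(rules, program, port, log):
    """Top-down evaluation: CONTINUE logs and falls through, the first
    ALLOW/DENY match decides, and anything unmatched is denied."""
    for rule in rules:
        if not rule.matches(program, port):
            continue
        if rule.action == "CONTINUE":
            log.append((program, port))
            continue
        return rule.action
    return "DENY"

# Constructed rule set: a log-everything CONTINUE rule at the top, then
# per-program ALLOW rules. Program names and browser ports are assumptions.
RULES = [
    Rule("CONTINUE"),
    Rule("ALLOW", "mailclient.exe", 25),
    Rule("ALLOW", "mailclient.exe", 110),
    Rule("ALLOW", "browser.exe", 80),
    Rule("ALLOW", "browser.exe", 443),
]

# Constructed outbound attempts (program, remote port).
ATTEMPTS = [("mailclient.exe", 25), ("browser.exe", 443),
            ("slob.dll", 25), ("mailclient.exe", 6667)]

def run(rules=RULES, attempts=ATTEMPTS):
    log = []
    verdicts = [(p, port, evaluate(rules, p, port, log)) for p, port in attempts]
    return verdicts, log

def denied(verdicts):
    # Every attempt that ended in DENY is a candidate for investigation.
    return [(p, port) for p, port, v in verdicts if v == "DENY"]

if __name__ == "__main__":
    verdicts, log = run()
    print(verdicts, "logged:", len(log), "denied:", denied(verdicts))
```

Dropping the first rule (`RULES[1:]`) leaves the verdicts unchanged but the log empty, which is why the logging rule belongs at the top of the list.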
     