PPRuNe Forums - View Single Post - Trojan Horse IRC/BackDoor.SdBot.MYX
Thread: Trojan Horse IRC/BackDoor.SdBot.MYX
View Single Post
Old 11th November 2005 | 13:26
  #3 (permalink)  
Oracle
 
Joined: Jul 2000
Posts: 65
Likes: 0
From: UK
Cool NASTY TROJANS
MTOW - sorry for your serious infection - I've been dealing with several friend's computers (unprotected by anti-spyware and suitable AV software) during the last few months and the chances are that if you have a solid infection, you will be better off saving all your data to disc and then reformating the computer using your manufacturers disks. Often some form of restoration can be achieved by using the removal methods suggested, but in the end (with virulent trojans like this one) your WIN XP will end up looking (and working) like a swiss cheese! They also usually send themselves to all your friends if you use MS Outlook!

Remember also that nearly all trojans and their relatives in the Virus world will also infect your System Restore file - so if you are going to have a go removing it ensure that you switch OFF System restore first (SETTINGS/CONTROL PANEL/SYSTEM/SYS RESTORE) or the nasty will reinfect your system immediately after it next reboots!

It might indeed be possible (if you are lucky) to use Norton Internet Security (spyware edition 2005) TO 'PRE-SCAN' your hard drive before/during installation of said AV software. No guarantees that this will get everything though or leave your computer usable at its former speed.

Safest bet is to make (regular) hard copies of your data to disc and reformat your hard drive and then when you start up again, with your re-installed WIN XP SP 1 or 2, AND BEFORE doing anything else, fully install Norton IS/AV (or whichever AV prog you choose) - using pre-scan if available during installation process, reboot, update your Av software and then scan the beast again before you do anything else. Next, reset system restore and then create a RESTORE POINT (good to do regularly during your restoration work so that you can backtrack at anytime to the last stage if there is a cock-up). Next, update WINDOWS to the latest Service Pack (2) and essential updates (WINDOWS UPDATE on the main menu). On completion, reboot and create another SYS RESTORE point. I would also recommend you then install MICROSOFT's own ANTISPYWARE BETA from their website (www.microsoft.com - search SPYWARE BETA) before doing anything else as this programme will innoculate your newly restored system and protect it to a large degree from nasties creeping back in. You then have the choice of loading your own commercial anti-spyware programmes (WEBROOT SPYSWEEPER and SPYWARE DOCTOR are very good) or get freeware like SPYBOT and AD-AWARE which you can find doing a google search. WWW.CNET.COM (downloads tab) is also a very good place to find all available freeware and commercial software with gradings and recommendations for use. If you haven't a commercial firewall programme you can also download ZONEALARM - which in it's free version will keep an eye on incoming/outgoing traffic (especially if you are on broadband/ADSL) and can be used to halt all traffic in and out if you are away fro a while. The ZONE ALARM PRO (cash required) is good at the whole range of anti-spyware etc protections.

Lastly - I would NOT activate your Antivirus software until you are 100% happy with your computer and have reached the end of the grace period - as otherwise you may waste the limited number of activations per AV disc iif it all goes to custard again!

If you have an account with either Mcafee or Norton (mcafee.com/SYMANTEC.COM) you can also scan your computer directly from their websites to try and find the nasties and remove them. REMEMBER to turn off your system restore beforehand though, unless you have reformatted and reloaded your WIN XP!

Hope this helps - good luck!
Oracle is offline