Discussion in 'malware problems & news' started by pin, Nov 5, 2002.
I need some info on this trojan. Any help would be appreciated!
Is your listing a possible typo? Would it be Backdoor.sdbot?
My friend detected this in AVG with the slash and everything, so it's probably an AVG-specific name.
Thanks for the link so quickly, I am thankful.
He found a strange file ms_vxd (not sure of extension), and he got rid of it. No idea if it's related. And he cleaned some stuff in his registry.
Apparently he detected that he was DOSing his university mail server (?). I told him to run TDS3.
Was your friend running a firewall that detected and blocked this outbound traffic to the mail server?
Your suggesting they run TDS3 was a good one and it should find anything suspicious.
I am not absolutely certain... perhaps CM could comment further... however, that particular trojan may infect the system restore feature... and therefore hang around even once it's been cleaned... TDS may well detect/clean all of it.
Normally I don't comment on this subject... so please excuse me if I am incorrect.
He's not even sure his firewall was running. But sounds like no.
He also found a file RAT.Net-Devil 1.4b from TDS.
Sounds like he has his work cut out for him cleaning his system. Trojans are not my area of expertise, but as snowman commented, hopefully TDS will clean it all. Hopefully someone more familiar with these particular trojans will jump in with further suggestions. You may want to suggest he check some of the online sites for removal tools and/or manual removal instructions (registry keys).
As for the firewall, your friend may want to check and make sure it has not been corrupted in any way by these trojans and is functioning properly.
Note: BitDefender (anti-virus) offers several free anti-virus programs for messengers, IRC, etc. I've no idea of their abilities regarding prevention since I never used the products... but it sure would be worth looking into for anyone using such programs... and the price is right... hey, may even clean the trojan mentioned.
Thx for all the help. I have given him the advice presented here.