jamers
Jul 4 2007, 03:43 PM
Seems there is a variant of the backdoor.Sdbot family of worms and IRC backdoor Trojans that is disguised as Microsoft Security Adviser. This is quite nasty because it infects system files and is very difficult to remove. Trend Micro has a nice online tool called House Call, but this trojan survived that, so you have to look elsewhere to remove it. No telling what the triggers are, but I simply removed the files and the registry keys pointing to them and now I can't even get into my BIOS.
Search for msscan.exe; if you have it, then find RegRun on the net, and they claim it removes msscan.exe. Greatis claims RegRun removes msscan.exe, but they also claim it is a different worm (W32.Kedebe.B@MM) than Anubis reports.
I will post additional information as soon as I find out if I can recover in a non-destructive fashion. If anyone finds instructions or free tools that might help recover once the trojan has already disabled keyboard and mouse, please post here.
jamers
Jul 6 2007, 02:13 AM
This trojan is affecting the boot sector or is located in the boot sector. It is also apparent that the bugger encrypts the master boot record. Since the only action I took was to remove the keys in the registry and delete the files, this must be the case, explaining why it is so difficult to remove. Can't boot without it, use it and it respawns. Very nice, I just hope there is no way it could be hiding something in my BIOS. Time will tell, I'm about to start reinstalling right now.
jamers
Jul 17 2007, 05:22 PM
QUOTE(jamers @ Jul 5 2007, 10:13 PM)
This trojan is affecting the boot sector or is located in the boot sector. It is also apparent that the bugger encrypts the master boot record. Since the only action I took was to remove the keys in the registry and delete the files, this must be the case, explaining why it is so difficult to remove. Can't boot without it, use it and it respawns. Very nice, I just hope there is no way it could be hiding something in my BIOS. Time will tell, I'm about to start reinstalling right now.

BIOS settings were changed so there was no way to access without first clearing CMOS. CRAP. Never allowing DIV-X to install from anywhere but the makers. I suggest you all do the same.