Re: backdoor.trojan

---

• From: dennis.pong@xxxxxxxxx
• Date: 26 Apr 2006 13:05:37 -0700

---

David,

I think the problem is not really the generated .exe files that were
detected by Norton AntiVirus, as I mentioned in the very first email.
The problem lies in the area where a hidden self-automated file or an
unknown entry in registry or a line in win.ini or system.ini, which I
highly doubt, would just occasionally generate some .exe files that
will be detected as virus. And partially due to the scaning environment
is under f:\ where my windows is running, some of the files were in use
/ protected such that the scanner has no avail in touching those files
even they might potentially be the "Source Virus"

The McAfee scanner did delete a total of 3 files that were considered
as viruses. But I am not sure if it's the "restore" by Windows (I
guess I've to turn it off it's the case) or whatever reason that there
seem to be still a continual automated generation of those .exe files,
which are viruses.

Dennis



David H. Lipman wrote:

From: <dennis.pong@xxxxxxxxx>

| Hi David,
|
| I've done all that you have instructed and have successfully had McAfee
| deleted some of the Trojan files. However, as i rebooted into windows
| again, I still saw "backdoor.trojan virus found" alert by my Norton
| Antivirus program.
|
| I'm guessing that is probably because when I ran the scan in normal
| mode, some of the files were in use/protected that the scanner simply
| couldn't have done anything to it.
|
| And when I ran it in safe mode, since the windows that I have which is
| affected by trojan is in f: drive, by default, the scanner ran would
| ONLY be scanning C:. So I got an error when I tried to run it from f:
| drive in the command line.
|
| I am guessing there must be a way to go around this. Otherwise, the
| scanner is of no use if trojan existed in drive other than the default
| C.
|
| Thanks,
| Dennis

Dennis:

Please post the fully qualified name and path to the file identified as being infected.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

.

---

• Follow-Ups:
  • Re: backdoor.trojan
    • From: dennis . pong

• References:
  • backdoor.trojan
    • From: dennis . pong
  • Re: backdoor.trojan
    • From: David H. Lipman
  • Re: backdoor.trojan
    • From: dennis . pong
  • Re: backdoor.trojan
    • From: David H. Lipman

• Prev by Date: Re: backdoor.trojan
• Next by Date: Re: backdoor.trojan
• Previous by thread: Re: backdoor.trojan
• Next by thread: Re: backdoor.trojan
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Web Application Testers. ... > automatically alerts you to the latest security vulnerabilities please see: ... Platforms: ... A Windows/MS-DOS CGI scanner which scans for 65 remote ... Windows 2000 and Windows NT ... (Vuln-Dev) Re: Web Application Testers. ... > automatically alerts you to the latest security vulnerabilities please see: ... Platforms: ... A Windows/MS-DOS CGI scanner which scans for 65 remote ... Windows 2000 and Windows NT ... (Pen-Test) >>>> RUN FILES <<<< ... Cannot Run Exe Files In Xp ... Run Batch Files From Batch File ... Run Exe Files On Mac ... Windows Xp Files Will Not Run ... (alt.home.repair) Re: N-TV mit Kommentar zu "Online Durchsuchungen" ... Virenscanner und Firewall würden vor allem Bösen ... Das wird bei Windows ähnlich sein. ... nach verwendete Scanner, gering. ... Sondern mal zeigt der Scanner von Hersteller A bei Virus 1 einen ... (de.comp.security.misc) Re: duplicate entries in device managers. ... > I suspect my problem might be a digital research scanner I ... > tried to install, but I really thought I removed everything ... with Windows XP? ... In case you're not familiar with System Restore, ... (microsoft.public.windowsxp.help_and_support)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)