backdoor.trojan [Archive] - Glock Talk


View Full Version : backdoor.trojan

Packin' Heat
07-21-2004, 07:25
I cant rid my computer of this horrible thing!!!! I've been all up and down the street over at Symantec Security Response, but their procedure didnít work. Now the virus hasnít done anything "bad" per se, its just slowing me down a lot. Whatís nuts is that I keep on getting a warning from my Symantec telling me I have the virus, but when I run the antivirus, it comes up empty. Live update has been compromised, and the manual update via symantec "intelligent installer" seems to be ITS STILL HERE!!!!

;U ^9

07-21-2004, 07:53
Disable Norton and use a freebie scanner from or

Once you get the system clean you can repair Norton.

07-21-2004, 13:41
it may help to do it from safe mode.

07-21-2004, 22:16
Originally posted by David_G17
it may help to do it from safe mode.

Agreed. Alot of times you will find stuff in safe mode that you will not find otherwise. If all else fails you could pull the HD and put it in another machine that is clean and scan the HD as though it were just another drive.

I have never used them but doesn't Norton have or you can make rescue disks that you can boot from and scan before anything else starts? I suppose though that you would have to make those rescue disks before you have an infected machine. And I suppose you would have to remake those disks everytime an update was downloaded.

07-22-2004, 00:01
Originally posted by David_G17
it may help to do it from safe mode.
I agree. I recently had a nasty CoolWebSearch variant which was well embedded and prevented me from running CWShredder. It also locked up computer when I tried to open My Computer or control panel. Hi-Jack This and Spybot would run okay, but couldn't fix.
I booted to safe mode, ran CWShredder and got rid of problem.

07-23-2004, 04:00
If you are using ME or Xp, disable system restore, reboot then run your anti-virus. The virus or trojan may be in your restore directory.

Packin' Heat
07-23-2004, 07:09
safe mode and norton dosent work. sigh. gonna try the other stuff now.

07-23-2004, 07:14
Find someone with the same OS you're running and an anti-virus program.

Make boot disks (NOT rescue disks) from their computer.

Boot with those disks and scan like that.

This takes your hard drive out of the picture and you are not using an infected drive to scan. It also goes one step beyond the booting in safe mode. Safe mode is the best idea if you cannot boot with boot/scan disks from another, clean, computer.


07-23-2004, 07:35
What is the name of the trojan you have?
Do you run any spyware removers...such as spybot or ad-aware?
If it isn't average spyware i like moosoft for trojan trial available:

i would do all in safe mode~~ always a great place to visit in addition to housecall

07-23-2004, 21:58
Take a look at BartPE - a slick way of creating a bootable CD which you can add antivirus and antispyware apps to.

This *does* require a clean machine to download the PEBuilder app to (PEBuilder creates the boot disk image from software you already have or can download, thus avoiding legal trouble from redistributing code)

Then burn the bootable CD image it creates and use the CD to start thr infected computer. You can then run apps like Ad-Aware, McAfee Stinger, etc. against the hard drive without any hostile code active.

07-23-2004, 22:28
I got backdoor agent on my win2k box. It sucked to try and remove. I finally had to boot in windows recovery console and use a command line to delete the offending file (kbde.dll IIRC). Even booting from another win2k disk would not allow me to delete the file, only the recovery console would allow me to delete. Even in RC, I had to change the perm on the file.