Backdoor Trojan Virus -
Remove it now!
|
|
The backdoor trojan virus affects all versions of
windows. This virus was first seen around the start of 1998.
As with any back door type virus, you will want to get rid of it as fast
as you can.
What this
type of Trojan dose is open an actual back door through a port on your
computer. |
It then allows access to your computer through this port.
This is when a hacker can then get into your computer system and steal any
important data you may have.
The damage level for the backdoor trojan virus has been known to be
medium. This means the damage to your computer. However, anything that can
access your system should be considered high damage all the way around. This
virus has been seen at a fairly high rate around the world.
This virus will create a copy of itself into the %Windir%
or %System% folder in windows. It will also take and load itself into the windows
registry so it will run every time you start a windows session.
This virus has also been known to load fake error messages
that you may have never seen before from windows.
An unsuspecting user will then think a program they are
running at the time is causing the problem. Once this happens the virus is then
free to do its job and deliver its pay load.
Removal for backdoor trojan virus.
This virus is not too hard to remove and can be found with
a good anti virus program.
Make sure you download and
update your virus program before
attempting any virus scan. After the virus scan finds the backdoor trojan
virus, you must
delete the file. There can also be evidence found in the windows registry and
the Win.INI file.
Note to Win Me and XP users. When trying to remove this
virus you will want to disable system restore.
System restore will make backup copies of all files on your
computer along with the virus files.
Registry Removal.
Side Note: Please always remember
to back up the system registry be for you attempt anything. Changing the wrong
thing can make windows not start.
There may also be code entered into the system registry
that you may need to remove. This virus does not embed itself deep into the
system registry with lots of code. It is usually found in the windows run
values.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\
RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Check any of these registry keys and
their sub keys for any mention of the virus and delete them.
WIN.INI file
You may also have to delete the virus
name from the win.ini file.
Side Note: Please always remember
to back up the win.ini file before you attempt anything. Changing the wrong
thing can make windows not start.
Windows 95, 98, ME.
Go to run from the start menu and
type in:
edit c:\windows\win.ini
When the file opens look for anything
under the [windows] part of the win.ini file
You may see something similar to:
run=[Trojan Name]
Delete this trojan name and leave the
run=
System.INI File
There may also be values entered in
this file as well.
Go to run from the start menu and
type in:
edit
c:\windows\system.ini
Look under the [boot] section for any
virus name entries.
It will show itself like this.
shell = Explorer.exe [Trojan Name]
Again just delete the Trojan
reference and leave the rest. Remember to click save and then you are done.
Reboot your
computer and then run another virus scan to double check everything. If you are
still having problems with this virus then you may want to go through the steps
again.
As with any backdoor virus, leaving this on your system will cause your
computer system to be left open to attacks from the internet.
back from backdoor trojan virus
|
