Jump to content

Backdoor.nettrojan

natimage

By natimage
in Security Discussions

 Share

Recommended Posts

natimage Mentor

natimage

Posted
Posted

I'm sure none of you out there are as stubborn as I am that you would operate your computer without updated protection...but I thought I would share this with you anyway! And if you are without good virus protection...GET SOMETHING FROM SOMEWHERE. It's worth the $50 or so that you might have to spend. There are some free things out there as well!

 

Anyway...Backdoor.NetTrojan...I'm convinced I got the virus while connected to Gateway Chat support. Whether the guy that was helping me was a crooked little employee or somebody else hacked the connection...I'll never know. For a day or so I ran my computer with this virus. Then I realized that there was business going on in the background of my internet connection and I couldn't define the source of that business. I finally did a diskclean and then searched for all files accessed on my computer that day. That's when I came across the virus files.

 

I started to delete, then thought better of it. I figure if someone goes to enough trouble to create and dispurse a virus, it's not going to be that simple to get rid of. That was a good decision on my part. Then I downloaded and installed Norton Antivirus Trial version. Good thing, in that it found the virus. Bad thing, in that it deleted the source file and didn't clean up the mess that the virus had made. All of a sudden I could not open any application at all!!!

 

Here's a little quote from Symantec on this virus:

Backdoor.NetTrojan is a Backdoor Trojan Horse that allows unauthorized use of an infected computer. Backdoor.NetTrojan allows its creator to configure unauthorized access, as well as the filename and the port in use. This Trojan may also be referred to as the Distributed Trojan Horse Network (DHTN).
It adds registry values, modifies registry values and corrupts the shell= line in the system.ini file. It claims all of your .exe files (and some others) so that those type files will not work without the virus source file on your computer. Following through with Symantec's removal instructions before the virus file was deleted didn't work, as the virus simply rewrote everything that I tried to delete. AFTER the source file was deleted, my computer would no longer let me do what Symantec said to do, because of the virus corruptions. In the end, I found this little script online:
REGEDIT4

 

[HKEY_LOCAL_MACHINE\Software\Classes\exefile\shell\open\command]

@="\"%1\" %*"

 

[HKEY_CLASSES_ROOT\exefile\shell\open\command]

@="\"%1\" %*"

...copied and pasted this little script and named it regfix.reg and saved it to a disk. Obviously I was on a different computer, as mine wasn't working. Then I took that file to my computer and ran it from "My Computer" interface, as that was one of the only things that would work. This little script fixed about 99% of my registry entries! I think there are still a couple of entries that are messed up...but none that affect the daily use/performance of my computer. I had already fixed my system.ini file...so I was good to go!

 

Moral of the story...RUN GOOD VIRUS PROTECTION. But if you do ever get attacked by this particular virus, or if someone you know gets it...maybe this post will offer a little help. It's not really a hard virus to remove if you have all the information before you start removing it!!

 

Happy Surfing!!

Tracy

TCH-Don Grand Master

TCH-Don

Posted
Posted

Tracy, in addition to keeping your anti-virus program, up to date,

it is very important to have a back up system.

In my case, having lost all once. I now keep three versions of my back up.

Two on rewritable cd's, and one on a second hard drive.

Every week end I copy the hard drive version to the oldest set of cd's.

Then make a back up to the second hard drive.

I have two back up configs, one for data and one for program files and window, which includes the registry.

Even if I do not get hit by a virus, a good back up can help recover from a bad program install.

And just as important is a firewall.

If your anti-virus program allows it, use the auto update feature.

TCH-JimE Grand Master

TCH-JimE

Posted
Posted

Hi,

 

I would like to point out that having a CD drive is the much easier option, although no backup is infalliable, so its best to have several options open to you

 

Jim

boxturt Mentor

boxturt

Posted
Posted

Thanks for sharing that unpleasant experience with us. Sorry you had to go through it.

 

Hopefully we are all a bit wiser now.

 

 

p.s.

 

Would someone care to share the best way to do a pc backup?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...