backdoor.mapsy again

Crash

I still can not remove this trojan, after many scans, trying with turning
off and on system restore...
Norton finds it, deletes it and sysmap is again found in my system32
folder. Norton detects only one file and I manually delete the registry key
which is created on every startup! Is there any solution?
Thank you
 
Are you running XP? If so, turn off system restore before deleting the
file. There may be a copy of it lurking in the restore files. Casper
 
I still can not remove this trojan, after many scans, trying with turning
off and on system restore...
Norton finds it, deletes it and sysmap is again found in my system32
folder. Norton detects only one file and I manually delete the registry key
which is created on every startup! Is there any solution?
Thank you
Since this is a trojan rather than a virus, try Spybot.
Free download from
http://www.safer-networking.org/index.php?page=mirrors

Install, update with the latest definitions and run.

Taff...........



www.sounds-pa.com | www.thecomputerworkshop.com
 
I have seen it and tried it for many times

You may be getting reinfected, as opposed to still having the infection
on your computer. Check any file sharing programs, to ensure they don't
allow writing to directories they shouldn't be. Check/reset any account
passwords.

See http://www.claymania.com/safe-hex.html, for more info, and links.

Regards, Dave Hodgins
 
David W. Hodgins wrote:
[snip]
You may be getting reinfected, as opposed to still having the infection
on your computer. Check any file sharing programs, to ensure they don't
allow writing to directories they shouldn't be.

this perplexes me... are there really file sharing apps (besides ftp
servers) that support pushing files to your system?
 
this perplexes me... are there really file sharing apps (besides ftp
servers) that support pushing files to your system?

Built right into windows file sharing, via netbios, which is why I don't
have any network clients installed. Just tcp/ip and my network card
driver.

You can run it on a Mac too, if you want.
See http://www.colby.edu/info.tech/howtos/network/dave.html

For each folder, you can specify the access type as read only, or full.
If it's your root, windows, or system directories, that's shared, with
full access, your system is wide open.

Same type of problem exists with Kazaa, or any p2p software, that is
set to allow writing to directories containing any auto execute files.

Regards, Dave Hodgins
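
Added example, not part of the original post: one way to check a current Windows machine for the condition described above, a share that grants write access over the root, Windows or system directory. It assumes the SmbShare cmdlets (Windows 8 / Server 2012 or later) and an elevated prompt; `Test-ExposesPath` is a helper name introduced here.

```powershell
# Added example (not from the thread): list shares that expose the drive root,
# the Windows directory or the system directory with write-capable share rights.
# Assumes the SmbShare module is available; run from an elevated prompt.

# The directories the post calls out, normalised without a trailing backslash.
$sensitive = @(
    $env:SystemDrive
    $env:SystemRoot
    (Join-Path $env:SystemRoot 'System32')
) | ForEach-Object { $_.TrimEnd('\') }

# Hypothetical helper: true when $Target is the shared folder itself or lies below it.
function Test-ExposesPath {
    param([string]$SharePath, [string]$Target)
    $s = $SharePath.TrimEnd('\')
    $t = $Target.TrimEnd('\')
    $t.Equals($s, [StringComparison]::OrdinalIgnoreCase) -or
        $t.StartsWith(($s + '\'), [StringComparison]::OrdinalIgnoreCase)
}

# -Special $false skips the built-in administrative shares (C$, ADMIN$, IPC$).
Get-SmbShare -Special $false | Where-Object { $_.Path } | ForEach-Object {
    $share = $_
    $hit = $sensitive | Where-Object { Test-ExposesPath $share.Path $_ }
    if (-not $hit) { return }   # share does not cover a sensitive directory

    # Report only Allow entries that permit writing (Full or Change).
    Get-SmbShareAccess -Name $share.Name |
        Where-Object {
            [string]$_.AccessControlType -eq 'Allow' -and
            [string]$_.AccessRight -in 'Full', 'Change'
        } |
        ForEach-Object {
            [pscustomobject]@{
                Share   = $share.Name
                Path    = $share.Path
                Account = $_.AccountName
                Right   = [string]$_.AccessRight
                Exposes = ($hit -join ', ')
            }
        }
}
```

No output means no non-administrative share grants write access over those directories; the effective permission is still limited by the NTFS ACL on the folder.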
 
David said:
Built right into windows file sharing, via netbios, which is why I don't
have any network clients installed. Just tcp/ip and my network card
driver.

You can run it on a Mac too, if you want.
See http://www.colby.edu/info.tech/howtos/network/dave.html

For each folder, you can specify the access type as read only, or full.
If it's your root, windows, or system directories, that's shared, with
full access, your system is wide open.

Same type of problem exists with Kazaa, or any p2p software, that is
set to allow writing to directories containing any auto execute files.

see, i still don't get it....

it seems like you're confusing the capabilities of windows file sharing
with those of p2p file sharing apps... none of the p2p apps i've seen
have supported the push methodology at all, they only do pull - such
that you cannot receive files you didn't request (though you *can*
request files and regret it later)...

or put another way, they provide the functions 'list shared files',
'request file', 'grant request', and 'deny request' - no 'offer file',
no 'send file without permission' or anything like that... nor can i
see any reason for a p2p app to provide such functions... i certainly
haven't seen that kind of functionality in winmx, or overnet/emule...
and it certainly wasn't there in napster... that functionality doesn't
map to established usage scenarios as far as i can tell... have i
missed something? am i thinking of an entirely different class of p2p
app than you?
 
i certainly
haven't seen that kind of functionality in winmx

Neither have I. However, with a secondary winmx connection people can
"download" files from your shared directory when you are behind a nat
device without the need for any port forwarding. So in order to
successfully traverse the nat device, the initial connection must have
been made from your own end. I don't know the technical details but
that seems equivalent to an ftp server "push".


Jim.
 
James said:
Neither have I. However, with a secondary winmx connection people can
"download" files from your shared directory when you are behind a nat
device without the need for any port forwarding. So in order to
successfully traverse the nat device, the initial connection must have
been made from your own end. I don't know the technical details but
that seems equivalent to an ftp server "push".

well, strictly speaking, winmx isn't purely peer to peer... everything
goes through a server, much like back in the days of napster... there
is a persistent connection to the winmx server which helps those nat
traversing connections take place...

it still isn't a push, however, because people can't push unrequested
files to your system, they can only accept or deny your requests to
receive files...
 
it still isn't a push, however, because people can't push unrequested
files to your system, they can only accept or deny your requests to
receive files...

OK. I was thinking of "push" in terms of the instigator of the tcp
data transfer connection (as in active ftp) not in terms of getting
and putting.


Jim.
 
it seems like you're confusing the capabilities of windows file sharing
with those of p2p file sharing apps... none of the p2p apps i've seen
have supported the push methodology at all, they only do pull - such
that you cannot receive files you didn't request (though you *can*
request files and regret it later)...

You're correct. I was mixing up the abilities of p2p and file sharing.
I've never used any p2p software myself. My experience is limited to
removing it, and the spyware that usually accompanies it.

Regards, Dave Hodgins
 