Trojan Horse

  • Thread starter Thread starter Johnny
  • Start date Start date
J

Johnny

I have a laptop (IBM Thinkpad) running Windows 2000 Professional that
has been infected with a Trojan Horse (Backdoor.Optixpro.13). I know
this because I ran a Norton scan from their website since I can no
longer run my resident Norton anti-virus protection. The scan
indicated I had one infected file C:\WINNT\system32\initbold.exe has
been affected by the above Trojan Horse. First of all, when I scan my
computer looking for that file it is not found, I even opened up
hidden files to show up. Secondly, I can no longer run some .exe
programs as I believe the Trojan Horse has hijacked that function and
runs all .exe files through another unknown routine that selectively
kills some of them from running such as Norton. It also will not let
me load anything to my computer as it kills the installer, I tried
loading a trial version of Norton in hopes of cleaning the infection
but to no avail. The Symantec site does have a routine for getting rid
of this problem but as I said I cannot run Norton and the manual
instructions do not sync up with what their telling me I should find
in the registry. They indicate that there are registry entries I have
to modify and delete but they are not there based upon my scan. I
think the most important thing for me to fix initially is the .exe
file problem so at least I can then run anti-virus, without being able
to run or load anything I'm somewhat dead in the water.
 
Johnny said:
I have a laptop (IBM Thinkpad) running Windows 2000 Professional that
has been infected with a Trojan Horse (Backdoor.Optixpro.13). I know
this because I ran a Norton scan from their website since I can no
longer run my resident Norton anti-virus protection.
Click to expand...

did you follow the removal instructions from the Symantec (Norton) site?

follow this link and print it off or write all the applicable instructions
down and follow them exactly for windows 2000. The removal instructions are
about 2/3 of the way down the page.

http://securityresponse.symantec.com/avcenter/venc/data/backdoor.optixpro.13.html

You also need to look at how this Trojan got onto your machine.Learn some
safe hex
http://www.claymania.com/safe-hex.html
 
(e-mail address removed) (Johnny) wrote in
I have a laptop (IBM Thinkpad) running Windows 2000 Professional that
has been infected with a Trojan Horse (Backdoor.Optixpro.13). I know
this because I ran a Norton scan from their website since I can no
longer run my resident Norton anti-virus protection. The scan
indicated I had one infected file C:\WINNT\system32\initbold.exe has
been affected by the above Trojan Horse. First of all, when I scan my
computer looking for that file it is not found, I even opened up
hidden files to show up. Secondly, I can no longer run some .exe
programs as I believe the Trojan Horse has hijacked that function and
runs all .exe files through another unknown routine that selectively
kills some of them from running such as Norton. It also will not let
me load anything to my computer as it kills the installer, I tried
loading a trial version of Norton in hopes of cleaning the infection
but to no avail. The Symantec site does have a routine for getting rid
of this problem but as I said I cannot run Norton and the manual
instructions do not sync up with what their telling me I should find
in the registry. They indicate that there are registry entries I have
to modify and delete but they are not there based upon my scan. I
think the most important thing for me to fix initially is the .exe
file problem so at least I can then run anti-virus, without being able
to run or load anything I'm somewhat dead in the water.
Click to expand...


http://www.windowsecurity.com/articles/Hidden_Backdoors_Trojan_Horses_and
_Rootkit_Tools_in_a_Windows_Environment.html

It has solutions that may help locate the problem.

http://www.uksecurityonline.com/husdg/windows2000.php

The protection of the machine starts with the O/S and everything else is
secondary to it, including the AV, FW, router or anything else.

You should learn how to *harden* the O/S against attacks.

If using OE and IE you should learn how to secure them. It's out there on
Google.

Duane :)
 
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.optixpro.13.html
Click to expand...

Before you screw up your computer trying to follow those instructions
-- do steps 3 & 4 before 1 & 2, what heck is THAT? -- just get Trojan
Remover. http://www.simplysup.com/ Download and save it and then get
OFFline to install it.

It'll fix the ...exefile\shell\open\command on the install and go from
there. Just run the standard scan and follow the instructions using
the default settings. Let me know by email if you can't get it to
install, but I don't think TR is one of the programs it blocks (yet).

Carol
 
Back
Top