Author |
Topic: It is called Backdoor.win32.servU.based.......... |
Linda Merrick
From: Alberta, Canada
|
Posted 1 Nov 2009 7:23 am
|
|
Hello and good morning. Well, I must cut to the chase.
It seems that I have picked up a virus/malware?
It is called Backdoor.win32.servU.based
I have tried everything to get rid of this pest.
You guys are my last hope in resolving this problem.
Thanks for taking the time to read this thread.
Any and all help is appreciated.
Linda |
|
|
|
Mitch Drumm
From: Frostbite Falls, hard by Veronica Lake
|
Posted 1 Nov 2009 7:30 am
|
|
Have you specifically tried Malwarebytes?
http://www.malwarebytes.org/
download the free version.
install it
go to the update tab and check for updates
go to the scanner tab and choose full scan |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
Posted 1 Nov 2009 11:35 am
|
|
Linda;
MalwareBytes Anti-Malware (MBAM) will remove this old threat. It has a history going back to at least 2004, making it one of the second generation backdoors. Whoever is in control of that malware is using it as a remote control point of access to your PC.
You should be prepared to reboot into safe mode, in case the malware has been case-hardened against standard removal tactics. This is done by restarting and tapping the F8 key constantly, until a boot menu appears. I would recommend Safe Mode with Networking. This will enable you to access the Internet to fetch program or definition updates for MBAM, or other security tools you may have.
Since I don't know how this malware entered your PC, my advice, after removing it for free, would be to pay (about $25) to register MBAM for life, which turns on automatic updates and a real-time process monitor, to prevent reinfection by known malware.
Further, you need to run an audit of the third party software that runs in your browsers, to find out if anything on your PC is out-dated, being exploited in the wild, and has updates available. If you have insecure versions of commonly exploited software installed and you operate your PC with Administrator privileges, you will be at risk of hostile takeovers by all manner of malware.
The most frequently exploited browser is Internet Explorer. The most exploited browser plug-in (or add-on) is Adobe Flash, followed by Adobe Reader and Acrobat, then Apple QuickTime, then Sun Java. Missing Windows Updates will leave your PC vulnerable to current threats in the wild. You can find out what, if any, vulnerable software you have installed by running the Secunia Online Software Inspector every other week. The results will tell you what needs to be updated or uninstalled, and provide links to get official updates for the covered applications.
You may wish to consider installing the latest version of Firefox and making it your default browser. It will import cookies and saved links from IE. Firefox does not recognize ActiveX, the frequently exploited proprietary technology from Microsoft, used in Internet Explorer browsers from the early days.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services |
|
|
|
Clyde Mattocks
From: Kinston, North Carolina, USA
|
Posted 2 Nov 2009 6:27 pm
|
|
Chalk up another one for the forum. My AVG has served me well for a number of years, but last night a nasty cluster of malware got into my computer, pop-ups, bogus anti-spyware ads coming up constantly. I couldn't access my AVG, Spybot or AdAware. Couldn't do system restore. It denied me every tool I could think of. I came here and after several tries thru all the junk, I was able to download the MalwareBytes and scan. Hallelujah, free at last!
_________________
LeGrande II, Nash. 112, Fender Twin Tone Master, Session 400, Harlow Dobro, R.Q.Jones Dobro |
|
|
|
Gordon Borland
From: San Antonio, Texas, USA
|
Posted 6 Nov 2009 9:51 pm No good?
|
|
Do you mean AVG is no good anymore?
_________________
Gordon Borland
MSA D10,1974 Fender twin reverb |
|
|
|
Steve Norman
From: Seattle Washington, USA
|
Posted 6 Nov 2009 11:18 pm
|
|
You have to update AVG a lot, same for any antivirus program.
_________________
GFI D10, Fender Steel King, Hilton Vpedal,BoBro, National D dobro, Marrs RGS |
|
|
|
Clyde Mattocks
From: Kinston, North Carolina, USA
|
Posted 7 Nov 2009 9:15 am
|
|
What I am saying is, my AVG has caught a lot of stuff in the past couple of years and kept me safe, but this one got around it big time.
_________________
LeGrande II, Nash. 112, Fender Twin Tone Master, Session 400, Harlow Dobro, R.Q.Jones Dobro |
|
|
|
John Cipriano
From: San Francisco
|
Posted 11 Nov 2009 1:02 pm
|
|
It does have malware protection now but I have also seen it miss things. There's no silver bullet. AVG's probably as good as the rest of them, which is to say, just OK. I just had to clean a machine up with MBAM infected with something that probably came in the user's email, which AVG was scanning.
It's anecdotal but I never see people getting hit with this stuff while running Firefox (or Opera, or Chrome, etc). Those browsers have their vulnerabilities but most of the real-world infections I see start with IE. And the small percentage that don't come from Outlook and trojans.
So even though it's not security software per se you can be more secure with a different browser.
Again, AVG is fine but it's not going to protect you 100%...MBAM is great supplementary protection and not running IE (especially IE6) helps too. And a firewall is always called for. |
|
|
|
Wiz Feinberg
From: Mid-Michigan, USA
|
|
|
|