Jump to content

Trojan warning


shawdreamer
 Share

Recommended Posts

No doubt more of the tech learned amongst us (Sidrick & Peeewee to mention a few) will have already had dealings with this particularly annoying Trojan:

 

Backdoor:Win32/Cycbot.B

 

AFter a good hour of repeated scans and false "System clean & protected" reports from MSE I eventually had to resort to a System restore point before the initial recording of the Trojan in MSE's history (which much to my suprise was a good week ago)

 

Nothing I attempted with MSE made a blind bit of difference and thats with MSE's latest virus definition and windows security definition.

 

MSE would simply detect the infection (wether via popup window report or during a system scan) and request system cleaning permission which naturally is given, at the end of the cleaning MSE reports that either the infection had be quarenteened or removed successfully and report "system fully protected"

 

shortly after (usually about 10-15 minutes)MSE would again detect the infection and your back to sqaure one (repeated attempts only resulted the same)

 

Googling the Trojan gave me more reason for concern (feel free to yourself) and even MS have rated it as highly serious due to the amount of external access it gives someone to the infected computer.

 

various PC forums advised the extreme of format and reinstalling of my OS to confirm eradication but as I only got a Win7 key and not the actual disc with my new laptop (thats what was infected btw) thats out the question, which just left me with a system restore hope.

 

on the system restore front, so far..... so good.

 

no alerts or detections despite 2-3 full scans in the last hour or so.

 

reason for this post.

 

If any non-techie types (kinda like me) come across a alert for this Trojan dont be tempted to ignore it or assume your chosen AV can cope with it....its a persistant and particularly nasty little Trojan if any of the googled reports are anything to go by.

Link to comment
Share on other sites

i keep telling people this but they dont listen

 

Host file modification cuts 99% percent of the rubbish out there if updated.

 

takes less than 5 seconds

 

it stops pop ups adverts even known bad ips and websites

 

have a look

 

http://www.mvps.org/winhelp2002/hosts.htm

 

for 5 mins reading can save days in restoring

Link to comment
Share on other sites

I had this on a customers PC the other week,

Into safe mode, Run Malware bytes, kept coming back, so i assumed there was a rootkit on the system

Run combofix, followed by an OS repair (id had damaged one or more sys 32 fils)

All sorted, A courtesy call back this week confirmed all was well :)

Link to comment
Share on other sites

I had this on a customers PC the other week,

Into safe mode, Run Malware bytes, kept coming back, so i assumed there was a rootkit on the system

Run combofix, followed by an OS repair (id had damaged one or more sys 32 fils)

All sorted, A courtesy call back this week confirmed all was well :)

 

 

my System Restore method still seems to be holding solid, 2 further scans have turned up feckall, only fortunate that I didnt have to lose something important in the restore.

 

additional to the MS statedment on the Trojan the majority of forums also say that on previous OS running systems it also disables IE7+8 thus blocking you from seeking internet related assistance.....devious little bugger, least Win7 and the latest edition of MSE doesnt seem to allow that symptom on mine.

Link to comment
Share on other sites

i keep telling people this but they dont listen

 

Host file modification cuts 99% percent of the rubbish out there if updated.

 

takes less than 5 seconds

 

it stops pop ups adverts even known bad ips and websites

 

have a look

 

http://www.mvps.org/winhelp2002/hosts.htm

 

for 5 mins reading can save days in restoring

Spybot S&D also adds a healthy amount of sites/ips to the HOSTS to blacklist :thumb:

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...