Security Basics mailing list archives

Re: MSN virus


From: Todd Haverkos <infosec () haverkos com>
Date: Sat, 06 Feb 2010 16:25:51 -0600

xiandu () latech edu writes:

Hi, Todd, Dana and other friends

Thanks for your suggestion again.

I tried two solutions:
1. reset the password; (have not seen its effects)
2. downloaded avira from CNET and installed in the PC and detected
several viruses: TR/Hijacker.Gen Trojan and recognition pattern of the
(harmful) BDS/Backdoor.Gen back-door program. (not sure if they are
the MSN virus).

I will see what happens in the next few days.

Standard advice upon a confirmed malware infection is to rebuild the
box if you want to be sure you've gotten everything.  You
unfortunately can't trust the tools to find everything, let alone
fix/remove everything without causing some destabilizing issues in the
OS.

Backup data to an external drive, repartition, reformat, and reinstall
the OS from original optical media behind a hardware firewall that's
all by itself on the network (to avoid reinfection from other machines
that may be infected on the network), bring updates current, install
antivirus, bring its definitions current, scan the external drive
with your data on it with that antivirus, and then copy your data
back.  Reinstall and update your programs and you're all set.

It's no fun, but it's the only way to really know you've got a
trustworthy system again (and, surprisingly it often takes less time
than chasing the rabbit down every tentacle of a serious malware
infection).

Good luck! 

Best Regards, 
--
Todd Haverkos, LPT MsCompE
http://haverkos.com/
