July 2nd, 2003 07:07 PM
i am grateful for all suggestions received but still tangled up in my problem. i understand the process for down loading latest virus def. ,re-starting in safe mode,stopping trojan process for win.XP and scanning with norton anti-virus but the explanation for editing the registry is a little difficult to come to terms with. i dont feel confident in modifying it as i could do something wrong. also on my alert tracker it is displaying blocked stealth udp port -iyyrhoaqz1 is this the hacker or just a normal add block. once again thanks all for your time and help with this. can you ask too many questions on A/O ?????
July 2nd, 2003 07:28 PM
I know you may feel a bit uncomfortable in modifying your registry but it's no big deal really if you know what you are doing. I say follow the directions given as to how to edit the registry, just ensure you back up the registry before just in case.
If something goes wrong there's always the option of reinstalling your o/s and as usually stated if you are not sure if any malicous damage was done then it is always wise to reinstal your o/s, since am not sure if you know whether or not any real damage was done.
If you know that no real damage was done then just do the edit registry process just becareful when doing it.
This pretty much sounds like someone is scanning your computer for an open port. Here is a site that does a good job on explaining this.
also on my alert tracker it is displaying blocked stealth udp port -iyyrhoaqz1 is this the hacker or just a normal add block
There's no such thing as asking too many questions on A/O. Without questions A/O would seize to exist.
can you ask too many questions on A/O ?????
Oh, and just one question. Why did you create a new thread?
- The mind is too beautiful to waste...
July 2nd, 2003 07:41 PM
Editing the registry is no big deal... fire up regedit and be sure to check what you're editing before you actually do it.
BTW, whats the worst that can happen if you do screw something up... ? You learn from it and the next time you need to edit your registry, you'll know what not to do....
Check this site out for lil tuts, cool tricks, and other neat things about the your registry.. http://www.winguides.com/registry/
Also what version of BACKDOOR.sdbot do you have? (.I, .M, etc.) I checked out the Symantec website for an auto repair but since i don't know which one you have... you need to go check it out yourself....
= Cheers, jag291 =
July 2nd, 2003 08:24 PM
thanks cutty again for the info, will try modifying my registry. to answer your question regarding creating a new thread i can only say that computer illiteracy is by my side for the time being.. i will hopefully work it all out with the great help i receive from all who have responded at A/O............... a thanks also to jaguar291. the trojan version is IRC/BACKDOOR.Sdbot found in file C;\WINDOWS\system32\system32.exe.....
July 2nd, 2003 09:14 PM
PS. You can use the export registry option under [Registry] to save a backup of your registry. This is considerably quicker than re-installing your OS.
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier