Anirak wanted some advice on removing Trojans.

The moosoft reference will probably be your best port of call, but it's not a 100% solution. moosoft specialize in Trojan intrusions but even they can't combat a Trojan they haven't seen before.

I know of people that specialize in break and enter Trojan software that is taylored as one offs, soes not to be detected. Hopefully they can go undetected indefinately. The secret services use them all the time *wink* to spy on people, there was a recent story here on AntiOnline about the FBI using a Trojan horse to monitor a suspect.

You can take measures yourself to prevent and remove Trojan software without relying on third parties, such as moosoft. The most important thing is to try an prevent someone getting a Trojan onto your system in the first place. Next, if you do have a suspicious Trojan lurking, you have got to identify its source, so you can prevent reinfection.

Use an Intrusion Detection System (IDS) to keep tabs on your system. Lookout for the sneaky ****s that use r00tkits to hide their tracks (I've run someone elses botfarm by not protecting a 24/7 high bandwidth server at work ) ... Make sure you have got a system backup on a GHOST image or maybe you'd prefer to spend loads of time reinstalling your OS from the original disks.

=====

Zero out your disk, so you can be sure a hidden copy of the Trojan isn't lurking, stored on some unused space on the disk.

i.e. with Linux do this dd if=/dev/zero of=/dev/hda

Restore your usual disk image from your backup like this

dd if=/dev/cdrom/myimage of=/dev/hda

=====

If you are connected to the Internet and your machine is mega lagged (slowed down) just run a simple check

netstat -a (make sure you aren't using IRC,WEB-BROWSER etc )

You will see all the connections your PC is making with the rest of the world, and if you see millions of connections on loads of ports you can be pretty sure some ****o is using your box as a proxy.
*ROFL*


PZ