I just reformatted my computer a couple days ago and I haven't used it much since then. I just downloaded a NAV update and it told me I had the Backdoor.trojan virus. (http://securityresponse.symantec.com/avcenter/venc/data/backdoor.trojan.html) I was able to remove it, but how do I know if I have actually been infected or not? I don't recall clicking on the file and I do not have any noticable signs, except my little computers in the taskbar flash when I am on idle at a site. Is somebody hacking me?! Is it ok for Rundll32 to access the internet? That's one of the files it told me was infected. Somebody please help me!

Put a firewall on your machine and check the traffic log

I think you need to delete your Rundll32 and download a new one.
1. Removing Trojans in Windows 95/98/Me

To remove the Trojan

* Check the virus analysis for details on the Trojan and its removal.
* Go to Start|Programs|Sophos Anti-Virus and run the 'Sophos Anti-Virus' program.
* Select the 'Immediate' tab.
* Go to Options|Configuration... select the 'Action' tab, tick 'Infected files', select 'Delete' then click 'OK'.
* Click the 'Go' button on the toolbar to start the scan.
* Delete the files. Run another scan to check it has gone.
* Go back to Options|Configuration... select the 'Action' tab, then deselect 'Infected files' and 'Delete'. Click 'OK'.
* Reboot and run a final scan to be certain it has gone.

If the Trojan cannot be removed because the files are held open by the operating system:

* Reboot the PC from a clean startup or system disk.
* Delete and replace the infected files manually or using the DOS instructions.

http://www.sophos.com/search/index.cgi

Lisa,
If your system is running OK,if so, sit tight for a while and don't take any drastic actions.
Unless I am mistaken, NAV will identify with more specificity which trogan is the culprit.
The message you related is a non specific warning that there is a trogan present.
If you can get a more targeted trogan this site has a good list of them and their presence.
http://www.simovits.com/sve/nyhetsarkiv/1999/nyheter9902.html
It may be neccesary to re-install run32 as mentioned above, but you should at the very least get a good firewall such as ZoneAlarm
so you can keep track of this stuff.
GoodLuck
sheo

hello
dont let rundll on the internet at all

Trying To Trace the origin of Backdoor.Trojan

Hello,

I am running windows xp pro and have The Latest Zone Alarm As well as
the Latest Norton 2002 installed on my PC.

Norton detected the backdoor.Trojan in a file called
winlogon.exe under c:\windows\system virus 2 days late.
and sadly found out that the file c:\windows\system\winlogon.exe
has bypassed ZoneAlarm !!!!

I have deleted that file now and Norton doesn't detect anything
else on my pc, I hope this is sufficient.

2 days ago I was running KaZaA and downloading something, I have
a strong feeling the backdoor.trojan came through KaZaA, I would
just like to know how it was done so it can be safe again to use
KaZaA.

Note: of course I had to let kazaa bypass zonealarm.

was the file created for use with subseven? and how was it able
to get into my c:\windows\system dir without clicking on any
suspicious files?

I always scan my files b4 I execute them on regular basis.

I scanned all my hard drive and the only file that contained the
trojan was winlogon.exe nothing else !!!!

the reason this is making my head spin a little is because I have
the latest Norton plus Zone alarm not only that I am always 100%
careful about what components and programs are getting access through
zonealarm and then I find this stupid winlogon as access !!!!

Please if you have some information on how to prevent this in the future
let me know as I don't know what mistakes I have done other than using
KazAalite the one without spy ware.

thanks in advance,

Analyzer Analyzer_@hotmail.com

Please send me step by step instructi9on to remove this virus. My MRPEXE.EXE file is infected with this virus. I run Window 95 system.

Kishor Valia.

my shellex.exe is infected by the backdoor trojan how to remove the virus
i run windows 2000 xp

My NAV detected this virus on c:\windows\temp
in three files, i updated my Norton but sadly it didnīt repaired the files so i deleted them, so do you think my cpu is no longer in danger?
This matter really surpasses me...

Hi,
I use ME windows, and I have a trogan files in:

c:_RESTORE\ARCHIVE\FS997.CAB[A0082115.CPY]
C:_RESTORE\ARCHIVE\FS997.CAB[A0082113.CPY]

I do scan by pc-cillin its always says: unable to delete

The virus name:
TROJ_PSW_RING0.B

How can I clean my pc ( laptop).

thanks

Hello i tink i managed to get trojan virus via msn messenger, they guy that sent it now knows he hes it. my m8 says its a subseven trojan every time he presses ** in msn it brings up an anoying message and then i cant do nething until i clickon ok we have spent 2 days trying to get rid of it plz help wot do i need to look 4 to get rid of it??
p.s it also makes me automatically DL a file if he sends it to me plz plz someone help