Detecting and removing trojans and malicious code from Win2K

Thursday, 19 September 2002, 1:03 PM EST

The amount of malicious code directed at Windows systems seems to be increasing on a continual curve [1]. IRC bots, backdoor Trojans and worms abound. It seems that few Windows systems, particularly Win2K, are immune from infection, regardless of how diligent the user or administrator may be. Many posters to public lists continue to report Code Red and Nimda scans, as well as port scans for popular Trojan applications, on an almost weekly basis.

The flip side of this is that users and administrators are also reporting that their systems have been infected or "hacked", without having solid evidence to support their assumptions. Many times, the reported activity may be, in reality, normal activity of an application on the system.

The purpose of this article is to recommend steps that an administrator can use to determine whether or not a Win2K system has been infected with malicious code or "malware" and, if so, to remove it. This article will specifically address network backdoor Trojans and IRC bots, but the information delivered in this article should assist the reader in a variety of situations.

[ Read more ]




Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //