Run Malwarebytes as well on that workstation.
It should tell you which trojan/virus it is and delete it.
Don't panic!
-----Original Message-----
From: "Edouard Zorrilla" <ezorrilla_at_tsf.com.pe>
Date: Mon, 26 Apr 2010 15:35:55
To: oluwaseyi ojo<sameoj_at_gmail.com>; Ryan West<rwest_at_zyedge.com>
Cc: Andrey Tarasov<andyvt_at_gmail.com>; <Charles.Henson_at_regions.com>; <ccielab_at_groupstudy.com>; <nobody_at_groupstudy.com>; <security_at_groupstudy.com>
Subject: Re: OT : Please Help Security Guys ! (Backdoor issue)
Explorer.exe was sending the traffic; it means other executables could
have been compromised, as you said. I guess we are in trouble.
Regards
----- Original Message -----
From: "oluwaseyi ojo" <sameoj_at_gmail.com>
To: "Ryan West" <rwest_at_zyedge.com>
Cc: "Edouard Zorrilla" <ezorrilla_at_tsf.com.pe>; "Andrey Tarasov"
<andyvt_at_gmail.com>; <Charles.Henson_at_regions.com>; <ccielab_at_groupstudy.com>;
<nobody_at_groupstudy.com>; <security_at_groupstudy.com>
Sent: Monday, April 26, 2010 11:17 AM
Subject: Re: OT : Please Help Security Guys ! (Backdoor issue)
> First, the backdoor must have been attached to an application, so check your
> processes and carefully look to see the process being used by each
> application installed on that system. If found, uninstall the application,
> clean the system with a strong antivirus, then re-install that application
> again.
>
> If this still does not work, google: anti trojan, trojan guard, trojan
> hunter or trojan cleaner. This will detect the backdoor.
>
> If this still does not work, formatting the system will be your last option,
> and you must carefully back up your information, ensuring you do not back
> up the backdoor too.
>
> Regards.
>
>
> Ojo Oluwaseyi O. CCSI#33076,LPT,CEI
>
> On Mon, Apr 26, 2010 at 7:02 PM, Ryan West <rwest_at_zyedge.com> wrote:
>
>> I think you misunderstood me. I was asking what did you find, what was
>> the process showing up on the new machines?
>>
>> > -----Original Message-----
>> > From: Edouard Zorrilla [mailto:ezorrilla_at_tsf.com.pe]
>> > Sent: Monday, April 26, 2010 1:57 PM
>> > To: Ryan West; Andrey Tarasov; Charles.Henson_at_regions.com
>> > Cc: ccielab_at_groupstudy.com; nobody_at_groupstudy.com;
>> > security_at_groupstudy.com
>> > Subject: Re: OT : Please Help Security Guys ! (Backdoor issue)
>> >
>> > You are right Sir, I am sorry it was my bad !,
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Received on Mon Apr 26 2010 - 22:43:14 ART
This archive was generated by hypermail 2.2.0 : Sat May 01 2010 - 09:49:57 ART