Removing Backdoor.optix virus

  • Thread starter Thread starter DJ Ollie
  • Start date Start date
D

DJ Ollie

HELP!!!!
Have some how managed to pick up the BACKDOOR.OPTIX Virus
even though i have both a firewall and anti virus
software running. My anti virus software will pick up the
virus but it can not heal the files it has infected and
can only sent them to the virus vault. The problem is the
files are my WINIT.EXE & SYSINFO.EXE files that are
infected if it sends these to the vault it screws up my
system. I cant restore to an earlier setting because
there is a huge amount of work i have done recently that
i would loose. Can anyone help? Its got so bad that i
cant access most of my programs now because the virus
shield keeps popping up and messes up the accessing! So i
have had to use someone elses computer to send this.
Thanks in advance
Ollie
 
There is a very helpful virus removal newsgroup you may wish to post to:
news://msnews.microsoft.com/microsoft.public.security.virus

Symantec Security Check
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

Virus Removal Tools
http://securityresponse.symantec.com/avcenter/tools.list.html

Online Virus Removal Tutorials
http://www.symantec.com/techsupp/virusremoval/virusremoval_info_tutorial.html

Computer viruses: description, prevention, and recovery
http://support.microsoft.com/default.aspx?scid=kb;EN-US;129972

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

----------------------------------------------------------------------------------


| HELP!!!!
| Have some how managed to pick up the BACKDOOR.OPTIX Virus
| even though i have both a firewall and anti virus
| software running. My anti virus software will pick up the
| virus but it can not heal the files it has infected and
| can only sent them to the virus vault. The problem is the
| files are my WINIT.EXE & SYSINFO.EXE files that are
| infected if it sends these to the vault it screws up my
| system. I cant restore to an earlier setting because
| there is a huge amount of work i have done recently that
| i would loose. Can anyone help? Its got so bad that i
| cant access most of my programs now because the virus
| shield keeps popping up and messes up the accessing! So i
| have had to use someone elses computer to send this.
| Thanks in advance
| Ollie
 
info on it from symantec.com

Several variants of Backdoor.Optix have been discovered.
All of them, when executed, open a port on the computer.
This allows a hacker to connect to the computer and perform
any desired actions. All variants discovered will also
attempt to terminate the process for several antivirus and
security products.

Some of the variants may execute additional files when the
file containing Backdoor.Optix is executed. Variants that
send messages using the ICQ network have also been
discovered. The messages are sent to the author of the
Trojan to tell them that an infected computer is online.

Many, but not all variants of Backdoor.Optix create a
Winstart.bat file that can contain various commands. These
commands could include recreating the Trojan if it is deleted.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows cannot find "logon.exe" 26
JS/Downloader.Agent 6
How to display 'Local Settings' subfolder under C:\Documents andSettings? 2
Desktop Icons 2
Can't get rid of Trojan Horse 5
For MVP: Trojan-horse associated with C:\WINDOWS\system32\wdmaud.s 1
Is there any External AV program? 14
Java/ByteVerify Help! 1

Back
Top