EverCrest Message Forums
my profile | rules | faq | forum home
who's online | search | chat
You are not logged in. Login or Register.
EverCrest Message Forums » EverCrest Forums » Innoruuk's House of Ill Repute » Virus : Trojan Backdoor.mard?
Author
Topic: Virus : Trojan Backdoor.mard?
Khyron
Hello, my mushy friend...
posted 01-27-2003 08:19:38 PM
I have AVG antivirus. Last night I ran a full virus scan and found four files infected with the trojan 'BackDoor.Mard'.

The four files were :
C:\MIRC\Backup\MIRC32.exe
D:\Laptop Backup\MIRC\MIRC32.exe
D:\Laptop Backup\MIRC\Backup\MIRC32.exe
D:\Laptop Backup\MIRC\Backup\MIRC32.exe

AVG claims it healed all of them.

Ever since then, however, I keep getting 'virus found' popups saying they found a virus in the same four files.

I can delete the Laptop Backups just fine (They're old backups from when I last formatted the Lappy), however I should note that on the Laptop itself I had Norton until 2 days ago, and Norton never found any virus.

Is AVG malfunctioning?

Khrynn - Mage, Goon Squad, Mal'Ganis
Profile Message Ignore User
Report Reply
Delphi Aegis
Delphi. That's right. The oracle. Ask me anything. Anything about your underwear.
posted 01-27-2003 08:23:50 PM
I stopped listening when you called a laptop "Lappy".

That's just wrong.

Profile Message Ignore User
Report Reply
Yuri
posted 01-27-2003 08:29:24 PM
That peticular virus basicly shows a projection of those four files and eludes the virus program to say that those are the file whereas the real virus is a different file entirely. I'd recommend running a online virus check to see if it finds anything different. If it doesn't.. Well.. Reformating fixes everything
Profile Message Ignore User
Report Reply
Khyron
Hello, my mushy friend...
posted 01-27-2003 08:46:42 PM
I ran two more virus scans, repaired four more files, and now it appears in c:\System Restore Information\ which I assume is a safe place for it for now
Khrynn - Mage, Goon Squad, Mal'Ganis
Profile Message Ignore User
Report Reply
Pilikia
Producer of Pocket Peachis!
posted 01-27-2003 09:20:48 PM
Something I can help with!

I have AVG too, and I also found this trojan. From what I've been able to dig up, it seems it's relatively new and not all the virus scanners are running checks for it yet. Here's a page with some decent information on how to get it out of your registry:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=BKDR_MARD.A

I folowed those and it's not coming up in my virus scan anymore, though I did have to reboot twice before it stopped.


Edit: with further research, it seems that AVG is saying that it's a bug with their new update. Here's the email they sent out to two people who said they also got the trojan:

quote:
Dear Sir/Madam,

We are very sorry about the problem
Reported problem will be solved in the next update of AVG 6.0
Anti-Virus

Best regards,

Miroslav Koutny
AVG Technical Support

[ 01-27-2003: Message edited by: Pilikia ]

Profile Message Ignore User
Report Reply
All times are US/Eastern
Hop To: