Removal and prevention for Avalanche botnet
Recently my friend's computer was infected by the Avalanche botnet trojan. He had installed the Windows Vista operating system, an Intel Quad Core processor, a Gigabyte motherboard and AVG antivirus. I am going to set up a desktop computer at my place and I want to know what prevention I should take to protect my computer from the Avalanche botnet and related trojans and malicious programs. And in case my desktop is infected, how do I remove the threat? Which antivirus should I install?
Symptoms of Avalanche botnet malware
There are certain kinds of malware that can surpass the firewall settings and may also go undetected by the installed antivirus. One such kind of malware is the Avalanche botnet. The Avalanche botnet malware can be detected by verifying the existence of the following file in your system:
Quote:
c:\Windows\system32\sdra64.exe
This file is installed by the Avalanche botnet malware. If this file is found to exist, then it is advised to delete this file as well as run a full system scan to delete the threat.
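Added example, not part of the original post: a PowerShell check for the file named above that covers every view of the system directory and records the file's metadata and hash before anything is deleted. It assumes PowerShell 4.0 or later and an elevated prompt; the variable names are illustrative.

```powershell
# Added example: look for the indicator file named in the post above.
# Assumption: PowerShell 4.0+ (for Get-FileHash), run from an elevated prompt.
$name = 'sdra64.exe'   # file name taken from the post

# A 32-bit process on 64-bit Windows is redirected from System32 to SysWOW64,
# so check each view of the system directory that exists for this process.
# (Sysnative is only visible to 32-bit processes; the same file can show up
# under two of these names.)
$dirs = 'System32', 'Sysnative', 'SysWOW64' |
    ForEach-Object { Join-Path $env:SystemRoot $_ } |
    Where-Object { Test-Path -LiteralPath $_ }

$hits = foreach ($dir in $dirs) {
    $path = Join-Path $dir $name
    # -Force makes Get-Item return files with the Hidden or System attribute.
    $item = Get-Item -LiteralPath $path -Force -ErrorAction SilentlyContinue
    if ($item) {
        # Hashing fails if another process holds the file open exclusively.
        $hash = Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Path       = $item.FullName
            Attributes = $item.Attributes
            CreatedUtc = $item.CreationTimeUtc
            WrittenUtc = $item.LastWriteTimeUtc
            Length     = $item.Length
            SHA256     = if ($hash) { $hash.Hash } else { 'unreadable (file in use?)' }
        }
    }
}

if ($hits) {
    # Keep this output with your notes before removing the file and scanning.
    $hits | Format-List
    Write-Warning "$name found in $(@($hits).Count) location(s)."
} else {
    Write-Output "$name not found in: $($dirs -join ', ')"
}
```

A negative result only means this one file is absent from the directories checked; the full system scan recommended in the post is still needed.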
Avalanche botnet passed as spammed e-mail
There are many network threats which are now being distributed in the form of spam e-mails with malicious attachments. These mails are good at mimicking the mails of popular banks, network security firms or even the most well-known computer companies. For instance, the Avalanche botnet is a Trojan that is sent through a spam e-mail that is disguised as a mail from Microsoft regarding security issues. This e-mail has malicious content attached that inhabits the Avalanche botnet Trojan.
Format Windows Drive to remove Avalanche botnet
The Avalanche botnet trojan is a very severe threat to any computer system. As the basic definition of a trojan states, this Avalanche botnet trojan also sends information about the infected computer system to the hacker who designed the trojan. If by any means the user has visited or clicked any advertisements or downloaded any attachments from the hacker, then the sdra64.exe file is downloaded to the system's folder. This malicious file then infects the svchost.exe, explorer.exe, lsass.exe and smss.exe processes of the system. To remove the Avalanche botnet trojan it is recommended to format your Windows drive.
Re: Removal and prevention for Avalanche botnet
To get rid of any detected threats in the system, scan your computer in Safe Mode. If the threat is still undetected, then it is still possible to track it down using the Windows System Restore utility. Though this utility would not actually track the threat, it would disable the current settings and apply the settings of a secure safe point.