I’ve just noticed that I am infected by the Amanda Trojan. It is dangerous; as it hides very well, Avast Free is not removing or finding it, how does anyone feel; how could one could get rid of this Amanda Trojan? Thank You!
I run WinXP, SP2.
Please post a new topic in the “Viruses and Worms” subforum http://forum.avast.com/index.php?board=4.0.
If you read the “pinned” or “sticky” topics in that subforum, there are some things you may download and post logs with them, but I would suggest first to start the topic and wait for specific instructions.
Please read:
Support for Windows XP Service Pack 2 ends on July 13, 2010
http://support.microsoft.com/gp/lifean31
If avast does not detect it…how do you know you have this amanda trojan?
Some malware are harder to remove than others with some able to hide or resist efforts of antimalware software by embedding itself deep within windows. Have you tried Avast boot time scan? It is under “Scan Computer”~~~~~>“Boot time Scan.” There you should see a “Schedule Now” button and click it. Then restart your machine and Avast boot time scan should run before Windows load itself.
Theoretically it should have a much higher chance to clear out difficult malware, b/c it runs before any malware or windows for that matter is able to load itself. To be very cautious and safe, during the scan, only click on “repair,” Do not click delete though. It might be catastrophic if you accidently delete a infected Windows system files.
The boot time scan should theoretically work. If it doesn’t then you will need to do other things, but try that first and get back to us. Also install Windows XP sp3 immediately if you can. Using SP2 is a huge security risk.
Leave the boot time scan set to the default (ask) so you have the chance to view and query the detection first.
Thank you all for your help; I will try the boot time scan, thank you for that idea.
I know I have the trojan by accident, while looking @ ports stealthed by Avast firewall. One port, seen by Gibson’s Shields Up, notified that it was inhabited by amanda trojan.
are you behind a ISP box or router or both ?
Still, you should update your XP to SP3…!! 
Hi, thank you, I’m using my ISP’s modem that’s all.
Thanks; I would love to update to SP3, but can’t, as MS sees I don’t have an OEM copy, and stopped supporting anyway, thanks…
does it have a firewall…that is turned on by default, by your ISP…if so then it is that firewall that is tested
feks when i run this test at Shields UP i get the same result if i have my computer firewall on/of i also have a firewall in my Dlink635 router…it does not matter what i do with those firewall the test result is still the same…the reason is that it is the first firewall that is tested and that is located in my ISP thompson cable modem box…and the inside of that is off limit to me
Well, no big surprise then, if you use a non legit XP.
The Shields UP report does not say that you have the Amanda trojan…
what it is giving you is info on the firewall ports and telling you that the Amanda trojan use this port to communicate…when it is there
http://www.speedguide.net/port.php?port=28
Symantec malware info
http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=20121
Backdoor Amanda is a Trojan that opens up a backdoor program that, once installed on a system, permits unauthorized users to alter system files, view desktop contents, disabling user control, etc. BD Amanda operates over ports 11011, 20, 28, 10012, 10013, 23032 via TCP.
Wow what a gross misunderstanding lol
@firefox007
Here is a download link where you can get all the updates for XP
http://www.softwarepatch.com/windows/patch-notes.html
A bit time consuming to get all the patches that are post SP3 but…
Remember to apply the latter after you install SP3
In a business environment it is quite normal to have a disc pre-compiled ;D
Is this the five year old “Amanda” Trojan or is it a variant?
The “Amanda” Trojan has been around for about five years.
@Nesivos did you only read the first post ?
+1
@Nesivos
Read Pondus’ post!
Is anyone aware whether or not Avast antivirus has the ability to see & remove the Amanda trojan in particular? Thank you.