Windows 7 Forums

Windows 7: Trojan Horse and backdoor.poison

10 Dec 2013   #11
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Just so you understand the 'nature' of backdoor.poison Backdoor:W32/PoisonIvy

Warning! Backdoor Trojans

These are the most dangerous, and most widespread, type of Trojan.
Backdoor Trojans provide the author or ‘master’ of the Trojan with remote ‘administration’ of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.

If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.
You should consider them to be compromised.

They should be changed by using a different computer and not the infected one; if not, an attacker may get the new passwords and transaction information.

Banking and credit card institutions should be notified of the possible security breach.
More info can be found below:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
How to report ID theft, fraud, drive-by installs, hijacking and malware? Security | DSLReports, ISP Information

Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with background protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you. Post that log and a HiJackthis log in your next reply.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
***A guide and tutorial on "How to use Combofix" can be found here:
ComboFix: A guide and tutorial on using ComboFix

11 Dec 2013   #12

Windows 7 ultimate 32bit

Finally I solved the problem myself. I am listing these steps so that they could be at least some help to others like me, if possible.

1) First I installed the software named "Spy-bot search and destroy" and uninstalled other antispyware software like Avast, Malwarebytes, etc.
2) Turned system protection off, because this trojan can restore itself from system restore points. Delete those recovery points.
3) Reboot the computer in Safe mode. (Type "msconfig" in the Run program and look for the options.)
4) In safe mode, start the "spy-bot search and destroy" program. Scan everything that the program will provide in option.
5) Scanning will take time and it will show some infected registry. Click fix found option.
6) Type %temp% in Run program and delete those temporary files (skip system files).
7) Now type msconfig in Run program and uncheck the safe mode option.
8) Reboot the computer in Normal mode and now you can turn on system recovery and install Antivirus and do a scan and be happy now.
I hope I helped you. I tried these steps and I got my clean laptop again.