Trojan Horse and backdoor.poison

Page 2 of 2

  1. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #11

    Just so you understand the 'nature' of backdoor.poison Backdoor:W32/PoisonIvy

    Warning! Backdoor Trojans

    These are the most dangerous, and most widespread, type of Trojan.
    Backdoor Trojans provide the author or ‘master’ of the Trojan with remote ‘administration’ of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.

    If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.
    You should consider them to be compromised.

    They should be changed by using a different computer and not the infected one; if not, an attacker may get the new passwords and transaction information.


    Banking and credit card institutions should be notified of the possible security breach.
    More info can be found below:
    How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
    How to report ID theft, fraud, drive-by installs, hijacking and malware? Security | DSLReports, ISP Information

    Download Combofix from any of the links below, and save it to your desktop.<--Important
    Link 1
    Link 2
    Link 3

    Click on this link Here to see a list of programs that should be disabled.
    The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
    Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
    Next: Please disable all onboard security programs (all running with background protection) as they may hinder the scanner from working.
    This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
    • Double click combofix.exe and follow the prompts.
    • When finished, it will produce a log for you. Post that log and a HijackThis log in your next reply.
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.
    Please be patient while the scan runs, at times it may appear to stall.
    When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
    After rebooting ensure your Security applications have been re-enabled.

    In your next reply post:
    ComboFix.txt
    ***A guide and tutorial on "How to use Combofix" can be found here:
    ComboFix: A guide and tutorial on using ComboFix


  2. Posts : 12
    Windows 7 ultimate 32bit
    Thread Starter
       #12

    Finally I solved the problem myself. I am listing these steps so that they could be of at least some help to others like me, if possible.

    1) First I installed the software named "Spybot - Search & Destroy" and uninstalled other antispyware software like Avast, Malwarebytes, etc.
    2) Turned System Protection off, because this trojan can restore itself from System Restore points. Delete those recovery points.
    3) Reboot the computer in Safe Mode (type "msconfig" in the Run dialog and look for the options).
    4) In Safe Mode, start the "Spybot - Search & Destroy" program. Scan everything that the program provides as an option.
    5) Scanning will take time and it will show some infected registry entries. Click the "Fix found" option.
    6) Type %temp% in the Run dialog and delete those temporary files (skip system files).
    7) Now type msconfig in the Run dialog and uncheck the Safe Mode option.
    8) Reboot the computer in Normal mode and now you can turn on system recovery and install Antivirus and do a scan and be happy now.
    I hope I helped you. I tried these steps and I got my clean laptop again.


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd