dan19_83 Posted April 12, 2005 Share Posted April 12, 2005 I was dowloading something off of a website today and i clicked on a link and guess what. I got a big fat virus. A good one too i must admit cause i've spent all freaking day trying to get rid of it and just will not go away . It's called the backdoor.haxdoor virus i think. i've tried everything, ad-aware, spybot, stinger, symantec, but if anyone has anysuggestions, then that would be great. Link to comment Share on other sites More sharing options...
Dak Posted April 12, 2005 Share Posted April 12, 2005 hmm, symantech isnt the best AV available, try downloading AVG free updating the virus definitions and scanning your pc, its one of the best AVs. if that doesnt work, then try the following: #uninstall the program that you installed at the same time that the virus appeared (as the program itself might be installing the virus -- i remember spending ages trying to get rid of Cydoor before realising that flashget download-accelorator was installing it everytime that my pc booted up) #turn system restore points off, (right click 'my computer' and select properties. click 'turn off system restore' under the 'system restore' tag) #restart in safe mode (repeatadly poke F8 whilst your pc boots up) #bring up the task manager (ctrl-alt-del) and look, under prosesses, for JSDAPI.EXE, select it (if its there) and click 'end prosess' #scan again with AVG. failing that, download microsoft antispyware beta and repeat the prosess with m$ antispyware inplace of AVG. if that doesnt work swear loudly and hit your pc (dont forget to turn system restore back on after you have removed haxdoor) Link to comment Share on other sites More sharing options...
Dak Posted April 12, 2005 Share Posted April 12, 2005 oh, ad-aware is no longer supported, if it actually is just ad-aware that you have then you should download and install ad-aware SE Link to comment Share on other sites More sharing options...
Newtonian Posted April 13, 2005 Share Posted April 13, 2005 I was dowloading something off of a website today and i clicked on a link and guess what. I got a big fat virus. A good one too i must admit cause i've spent all freaking day trying to get rid of it and just will not go away . It's called the backdoor.haxdoor virus i think. i've tried everything' date=' ad-aware, spybot, stinger, symantec, but if anyone has anysuggestions, then that would be great.[/quote'] I will post you help tomoro Dan....too tired to think at the moment No worries though,just make sure you always scan before opening files.Invest in a good AV like mcafee.Trust me on that one. Link to comment Share on other sites More sharing options...
Dak Posted April 13, 2005 Share Posted April 13, 2005 AVG and avast are two of the very best antiviruses going. and theyre free zone alarm is one of the very best firewalls going. and its free. i believe kerio firewall is also highly recommended, and also is free. the only anti-malware program you can justify paying for is an anti-slyware* one -- the free antislywares, even m$-antispyware, are not 100% comparable to the payed-for ones such as spysweeper. even then tho, you can get away with using the free ones as long as you know a little about computers. ---------------------------------------------------------------------------- *slyware = spyware, adware, dialers, browser hijackers etc. Link to comment Share on other sites More sharing options...
The Thing Posted April 13, 2005 Share Posted April 13, 2005 Go search your registry, either for the key (if you know from websites, but you probably don't know cuz you are asking here), or for the startup programs. OR you can go to MSConfig and look at the start up and boot INI. If you are going to do anything boot your computer in safe mode. OR go online and try to find a solution for that virus. If nothing, no AV works, reinstall your system if you have to. AND if it's anything like W95.CIH, which attacks the boot sector AND BIOS, well, then you'll have to find an alternative. Link to comment Share on other sites More sharing options...
Dak Posted April 13, 2005 Share Posted April 13, 2005 haxdoor leaves the bios alone. its a relatively lame infection, although it was apparently bitching when it first came out. to be honest should be no problem for AVG. mannualy deleting the registry keys shouldnt be nessesary, but if it is: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\debug and HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ MPRServices\TestService\MPRServices\Testservices should be deleted after the scan. dont screw with your registry if you dont know what your doing. Link to comment Share on other sites More sharing options...
The Thing Posted April 13, 2005 Share Posted April 13, 2005 Yes. If you are going to play around (or delete a virus's registry entries) in the registry, backup(export the registry) first onto a seperate disk (like an external if you have one) before you proceed, unless you are confident with your skills with the registry, in which case you should also backup. Link to comment Share on other sites More sharing options...
Newtonian Posted April 13, 2005 Share Posted April 13, 2005 Dan its a little beauty, Its not really malicious it keylogs for passwords/ creditcard details etc,then emails them to some scumbag.Apart from that it wont harm your pc. As it does a really good job of hiding itself, a manual removal i imagine would be a little daunting and pointless if you dont delete all its parts.Before you remove it you need to turn off system restore(i hate it btw) because it hides in there as well and no Av software can clean your restore folder(just a little bit of info) so PM me with your email and i will give you a small AV that removes it auto. Then i rec you buy a good AV like mcaffee(around £40)or NAV 2005 money well spent! Obviously i cant supply you with these its illegal And thats it really just be carefull in future what you DL Link to comment Share on other sites More sharing options...
atinymonkey Posted April 13, 2005 Share Posted April 13, 2005 It's called the backdoor.haxdoor virus i think. i've tried everything' date=' ad-aware, spybot, stinger, symantec, but if anyone has anysuggestions, then that would be great.[/quote'] Here are two webstes that describe a step by step process for removing the virus and it's related entitys, they are quite simple to follow: - http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076689 http://securityresponse.symantec.com/avcenter/venc/data/backdoor.haxdoor.html Although it may help to download this bit of kit : - http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076689 to control browser based addons, and get rid of any malware manually. Edit: - The backdoor.haxdoor disables firewalls, so I'd recommend you physically disconnect from the internet as soon as you have a copy of the removal guides. If you have it, it's reporting back to the owner right now. Link to comment Share on other sites More sharing options...
dan19_83 Posted April 13, 2005 Author Share Posted April 13, 2005 wow, thanks everyone for yer quick and helpful reponses. I managed to sort out a few things that the virus messed up but there are still a few things left. I'll try and skim through everything that ye have posted and try and fix this damn laptop. Dan its a little beauty' date='Its not really malicious it keylogs for passwords/ creditcard details etc,then emails them to some scumbag.Apart from that it wont harm your pc. As it does a really good job of hiding itself, a manual removal i imagine would be a little daunting and pointless if you dont delete all its parts.Before you remove it you need to turn off system restore(i hate it btw) because it hides in there as well and no Av software can clean your restore folder(just a little bit of info) so PM me with your email and i will give you a small AV that removes it auto. Then i rec you buy a good AV like mcaffee(around £40)or NAV 2005 money well spent! Obviously i cant supply you with these its illegal And thats it really just be carefull in future what you DL[/quote'] I'll pm you my e-mail address now. thanks Because it's only a crappy laptop and i probably won't need it for much longer, i won't be investing in anything like Mcaffee but i will try and download the free stuff off of the internet (if i fix it). For future reference for anyone: I went onto a website and was able to get a free virus scan called panda. It was actually quite good, i'd recommend it to anyone who has a virus. http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm Just click on free scan and away you go! probably worth doing even if you don't think you have a virus. Link to comment Share on other sites More sharing options...
dan19_83 Posted April 13, 2005 Author Share Posted April 13, 2005 Here are two webstes that describe a step by step process for removing the virus and it's related entitys' date=' they are quite simple to follow: - http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076689 http://securityresponse.symantec.com/avcenter/venc/data/backdoor.haxdoor.html Although it may help to download this bit of kit : - http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076689 to control browser based addons, and get rid of any malware manually. Edit: - The backdoor.haxdoor disables firewalls, so I'd recommend you physically disconnect from the internet as soon as you have a copy of the removal guides. If you have it, it's reporting back to the owner right now. These look good, thanks for your effort. Thank you all. I'll be delighted if my laptop is ok after this, sounds like it will. Damn hackers! Link to comment Share on other sites More sharing options...
5614 Posted April 13, 2005 Share Posted April 13, 2005 Hmmm, seems I missed most of the action! Just one thing I picked up on is all the opinions on which firewalls/AVs etc. I like the norton internet security (NIS) 2005 firewall but do not like the NIS 05 AV so I use avast 4.6 -- I like that set up! I didn't like ZA (zone alarm) when I used it, although it's sufficient as an AV I just don't like it as much as NIS 05. Link to comment Share on other sites More sharing options...
ed84c Posted April 13, 2005 Share Posted April 13, 2005 my sugestion is just dont worry about it and go on. then just buy a new computer. after that just have fun or what ever you do. and if you get another virus then buy another computer Are you serious?! Anyway, also download microsoft antispyware centre (free) this will also prevent any unwanted spyware manafesting itself, and it is not very memory consuming either, so it wont slow you down! Link to comment Share on other sites More sharing options...
dan19_83 Posted April 14, 2005 Author Share Posted April 14, 2005 Hey I need some more help. I've managed to get rid of a few things that that virus meesed up but there are still a few things that i can't do on my laptop that I am worried about. 1. I can't right click on my desktop or any file on my computer but i can right click on the taskbar at the bottom of the screen. 2. When I go to control panel and try and change my desktop background, I can't click on any of the files in order to get a preview of the screen. (makes sense i hope). 3. When the virus installed itself it seemed to put in its own desktop. I have found my original desktop in my documents and settings. How do I activate this desktop on start up and not the one that the virus seemed to install? Any ideas? Link to comment Share on other sites More sharing options...
Dak Posted April 14, 2005 Share Posted April 14, 2005 how did you get rid of the virus? it might help us to know wether we're dealing with bits of the virus, the entire virus or just the artifacts left by the infection. please list everything that you did to get rid of it Link to comment Share on other sites More sharing options...
H2SO4 Posted April 15, 2005 Share Posted April 15, 2005 If all else fails, reformat. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now