Spyware, Viruses, & Security forum

General discussion

Help with W32 Backdoor virus please.

by BowHunter777 / August 4, 2007 3:47 PM PDT

Hi Guys
I need some help with a virus. My anti-virus has found 3 viruses in as many days, their listed as 1.A0443180.DLL W32Backdoor 2.A0443205.DLL W32Backdoor 3.A0443206.DLL W32Backdoor.DLL.
Once their found the AV deletes them, it says because they could not be cleaned.After that I run a complete scan just to make sure the AV got it and then everything seems fine until the next day on start up, thats when their being found, one a day for the last 3 days.So I'm just wondering if somebody may have an idea as to where their coming from also with the numbers being so close in each one what that may mean.My O/S is WinXP Intel Celeron(R) CPU 2.80GHz 513MB.Ram.
As usual any help would be greatly appreciated.

Discussion is locked
You are posting a reply to: Help with W32 Backdoor virus please.
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Help with W32 Backdoor virus please.
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
What AV are You Using & What Other....
by tobeach / August 4, 2007 4:07 PM PDT

scanners/removers have you got onboard?
Although it takes longer, try running AV again after rebooting to safe mode. Write down exact paths (locations) AV indicates they're at.
Any new or un-recognized programs in CP>add/delete programs List? Happy

Collapse -
My AV
by BowHunter777 / August 4, 2007 5:16 PM PDT

Hey Tobeach
My AV is through my IP but it's Radial Point.I've been using it for a few years and it's a really good AV,although for some reason it won't run in safe mode.It's also my anti-spyware but I use Adware 2007 and SpyBot S/D. As far as any new programs,I don't have any but a friend of mine tried install a program, I think it was called "Tweak Now"?,something like that but when he did my AV alerted me to a virus same kind( W32 Backdoor)so I got rid of the program right away and that was about a week ago.

Collapse -
In addition
by tomron / August 5, 2007 11:33 AM PDT
In reply to: My AV
Collapse -
AVG A/S
by BowHunter777 / August 5, 2007 4:29 PM PDT
In reply to: In addition

Hey Tomron
Yea I have AVG anti spyware and from time to time I do run it in safe mode. I ran it a couple of days ago and results were pretty much as usual, a few minor infections of spyware.Actually today is the first time in the past few days that I've started my comp. and my AV hasn't popped up with "Found Virus" message.In my first post I included the numbers associated with the virus' found,is there a reason why the numbers asso.with the virus's are so close?,what I mean is could they (the 3 of them)been the same or do you think their defenetly all different, as in from different sources ?.

Collapse -
You had a backdoor Downloader Trojan....
by tobeach / August 5, 2007 4:44 PM PDT
In reply to: AVG A/S

which would, after landing, try to download additional malware like keyloggers or other types. Possible that it had a list of 10 or more malware to try to D/L but perhaps only a few would be effective on your particular machine according to the tests it would run on your security before trying for additional.

Glad to hear clean now but I would run AVG AS daily for a few days &/or do an online scan for peace of mind. I would also worry if a copy is in system restore files where you might re-activate it by restoring to a point before clean. Good Luck! Happy

Collapse -
Yea....
by BowHunter777 / August 5, 2007 10:23 PM PDT

Thanks Tobeach
Thats what I'll do, run the AVG A/S for a couple more days.When you mentioned doing an online scan, do you mean like a Trend micro scan that you can run for free from their site?. If so is that a good one to run or do you know of something better you can suggest?.Either way thanks a lot for your help. Also if Tomron happens to read this thanks a lot for your help also.

Collapse -
(NT) Yes, Trend Micro online scan is good.
by roddy32 / August 5, 2007 10:49 PM PDT
In reply to: Yea....
Collapse -
(NT) Pleased if I Helped. Thanks for Reply. G'Luck! :D
by tobeach / August 6, 2007 3:30 PM PDT
In reply to: Yea....
Collapse -
Sh&%!! looks like I spoke to soon.....
by BowHunter777 / August 6, 2007 4:08 PM PDT

Once again my AV found a virus when I started it this morning and it is exactly where you mentioned Tobeach, in the system restore.This is the number associated with it:C:\SYSTEM VOLUME INFORMATION\_Restore
{95A3FFF1-3E3A_/A0443221.EXE.
I'm just about to go and run an online scan at Trend Micro so I'll post the results.When you mentioned that I should worry if it's in System Restore is that because it's harder to detect?.

Collapse -
You need to disable system
by roddy32 / August 6, 2007 4:13 PM PDT
Collapse -
OK.....
by BowHunter777 / August 6, 2007 6:39 PM PDT

I disabled system restore the turned it back on.I ran a scan it came up clean so hopefully I got it.Thanks a lot for your help Roddy32.

Collapse -
(NT) You're welcome
by roddy32 / August 6, 2007 7:12 PM PDT
In reply to: OK.....
Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?