Spyware, Viruses, & Security forum

General discussion

Manual Uninstall of Backdoor Trojan

by Jradamsinc / December 31, 2004 12:38 AM PST

I have a backdoor trojan, a new one according to Symantec. I have run Norton my anti virus twice with Live Update, had it deleted it twice and it is still there. How would I manually uninstall it? What other registry keys need to be eliminated? It keeps coming back without me even going back on the internet.
1999 Dell Dimensions, 13.6 GB, 128 RAM
Thanks

Discussion is locked
You are posting a reply to: Manual Uninstall of Backdoor Trojan
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Manual Uninstall of Backdoor Trojan
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
System Restore
by dawillie / December 31, 2004 12:54 AM PST

if you are running ME or XP you will need to disable System Restore, re scan and eliminate.
Enable System Restore.
Please post back with results and, if this does not work, post back with the EXACT name of the Trojan including the path where it resides, as well as what your OS is.

Collapse -
backdoor trojan
by Marianna Schmudlach / December 31, 2004 1:44 AM PST

What is the name of the trojan and where does Symantec find it?? (Exact path} Which Operating System do you have?

Collapse -
Backdoor.Trojan
by Jradamsinc / December 31, 2004 8:15 AM PST
In reply to: backdoor trojan

Backdoor.trojan is all it says. I have been finding a Misb3796.bud link all over the place. I run my Adaware, Spybot and my Norton Virus Scan but nothing yet. I scanned on Symantecs site (took forever) and it gave me a few removal tools, which I ran but all said system clean......very perplexing. I believe my son went to sites in neverland that he was not supposed to because with this backdoor, it appears to be IE highjacker with a dialer attached. Fortunately it can't dial out because I use broadband. When it first appeared yesterday I was told to run Live Update, which I do religiously, but I gather this may be a new one because it was not picked up when I did my update on Wednesday the 29th. This happened on the 30th so I think it is relatively new.

Collapse -
No HJT logs here - but
by Marianna Schmudlach / December 31, 2004 8:32 AM PST
In reply to: Backdoor.Trojan

what you could do is,

Please go to http://www.computercops.biz/downloads-file-328.html

and download HJT this -

Open 'My Computer', then double-click to open C:\ (or the drive letter that your Windows is installed)
In the menu bar, click File-->New-->Folder.
That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Now you have C:\HJT\ or C:\HijackThis\ folder. Put your HijackThis.exe there, and double click to run it and Press "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Click: "Save Log" (generates: "hijackthis.log")

Next, HijackThis | Config [button] | Misc Tools [button]
Click: Generate StartupList log [button] (generates: "startuplist.txt")

Next, go to one of the links below. (You have to register before you can post your log !)

http://castlecops.com/forum67.html

or

http://www.spywareinfo.com/forums/

There are the experts and they will tell you what to do.

Good Luck!

Collapse -
I Found It
by Jradamsinc / January 4, 2005 10:04 PM PST
In reply to: No HJT logs here - but

Thanks Marianna,
I'm still waiting to hear back from the forum as to what to click off in my Highjack This.I did however, find this little ******. All my Spy Sweepers, Adaware and Spybot seemed to find it in one form or another but the kicker is it was hiding in my Norton Firewall!
I clicked it off in task manager and it popped back up SYMPROXY....when I disconnected from the net I was able to control it. Thanks for all your help.

Collapse -
Interesting......
by Marianna Schmudlach / January 4, 2005 11:54 PM PST
In reply to: I Found It

you are NOT alone - look at Google

Do you have a link to your post in the HJT forum??

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!