False Alarm - Backdoor.graybird ?

Hi,
Can someone help me with this problem. Yesterday, while surfing the web, my Norton Antivirus suddenly inform me that there is a trojans (Backdoor.graybird) in my system. After that, i do a full scan and it prompt me to close all my Internet Explorer since it detects some "risk". When i checked the file, it stated that IEXPLORE.EXE is infected. If i never open any Internet Explorer, no virus is found. May i know why is it so? Is it a false alarm? However, if i open the Internet Explorer while scanning, it will definitely detect the virus. I have scan the system with ad-aware, spybot and microsoft spyware but no threat is found. Please help me with my problem since i am using my system for online banking etc.

Thank in advance. I have attached a Hijack Log for your reference.

 

Welcome to MajorGeeks.com!

Please follow forum guidelines and perform cleaning steps in the sticky thread before posting HijackThis logs.

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

- Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

• Make sure you check version numbers and get all updates.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

Downloading, Installing, and Running HijackThis

 

Hi,
I have done what is on the Sticky thread - "READ & RUN ME FIRST Before Asking for Support". But no virus or spywares are found.

However, the above problem still exists for me everytime i reboot my system. I have searched the web for solution and some people said that there are some conflict between spysweeper and norton. Can someone pls analyse my Hijack log for any "hidden" bugs? Thank in advance.

 

Post the logs from the requeted by the tutorial.

 

Can you tell me where can i find the log file for the various s/w?

 

HijackThis is in teh HijackThis folder you created per the tutorial, the other 2 logs are were ever you saved them. You did save them?

 

Thanks for your help these few days... I managed to get them solved. Frankly speaking, none of steps in the STICKY THREAD "READ & RUN ME FIRST Before Asking for Support" can enable me to detect the virus. Even the popular Norton can miss it as well. Can't imagine that? Although it can detect a trojan in normal mode, but it cannot find the file which the trojan hide. I have also tried scanning with Adware Pro, Microsoft Antispyware, Spybot. None of them find something unusual. Finally, i managed to get it solved by running Ewido Anti-Malware. Thank for your recommendation. I saw the software in the website. It does helps a lot. The virus is backdoor.graybird.bh. It disguise itself as supportSvc.exe in C:\WINNT and C:\WNNTSYSTEM32. Hope this is useful to anyone who got into the same situation as me.

 

Still post the logs, there are many forms of malware that hide themselves from AV applications. If you had 1 there is a good chance there are others,