Haxdoor

Discussion in 'Malware Help (A Specialist Will Reply)' started by Kuip, May 26, 2007.

  1. Kuip

    Kuip Private E-2

    First of all, thanks for the great malware removal guide! My PC was very sluggish (CPU load went from nothing to 99% due to the services.exe) and now it seems to work smoothly again. Then why this post?
    I noticed the line "Haxdoor Trojan, pptp form found!" in the Getrunkey-log. I don't think this is supposed to be there, right? And maybe you can find even more malware in the loggings. Could you tell me if I have a problem and how to handle it? Thanks in advance!

    Dave Kuipers
     

    Attached Files:

    Kuip, May 26, 2007
    #1
  2. Kuip

    Kuip Private E-2

    I must have spoken a bit too soon, because this morning my computer was all sluggish again. The CPU load doesn't peak at 100% anymore, but it still moves in the 0-70% range without any tasks running. Because of this cursor response is slow and it is impossible to, for examples, play games. I've got the feeling that the services.exe is causing most of this load...
     
    Kuip, May 27, 2007
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You don't have Haxdoor. You just have a non-english version of Windows. Your log shows this WAN-minipoort which is not Haxdoor. On English versions of Windows, GetRunKey filters out WAN-miniport (with only one lower case 'o' ). Since we don't know all other languages their was no allowance for this kind of spelling. I added it to my filter now! You can download the new version from the link in the READ ME and use it from now on.

    If you want to continue to look for malware, you must attach the other three logs than were requested in the READ ME:
    • CounterSpy
    • BitDefender Online Scan
    • PandaActiveScan
    However are you sure that your CPU load is not due to an antivirus or antispyware program scanning or updating. Also SmartDefrag will use CPU time and I even consider this feature to be something that is not used.
     
    Last edited: May 27, 2007
    chaslang, May 27, 2007
    #3
  4. Kuip

    Kuip Private E-2

    Thanks Chaslang!
    I'm really reassured knowing that I do not have Haxdoor on my PC. As for the sluggishness: my Sony Ericsson PC Suite appeared to be the culprit. After syncing my phone (over bluetooth) the PC stayed slow. I excluded it through msconfig and now it works smoothly again. So no virus or trojan after all!
    By following your cleaning guide, however, my machine is much faster at starting up and feels more responsive.

    Thanks again!
     
    Kuip, May 28, 2007
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Glad we could help

    We don't recommend using MSconfig (as seen in the READ ME) for permanent control of startups. If you don't want to uninstall the software because you need it to run sometimes, use a program like this: Startup CPL

    MSconfig is only meant to be used as a debugging tool.
     
    chaslang, May 28, 2007
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds