New Haxdoor virus? Help please!

Discussion in 'Malware Help (A Specialist Will Reply)' started by LittleBill, Jan 22, 2005.

  1. LittleBill

    LittleBill Private E-2

    Running AOL 9.0 Optimized on Windows XP Professional

    I've looked all over the internet for info on this particular Haxdoor virus. I ran AVG and it showed the virus name as Backdoor.Haxdoor.3.g, but it could not remove it. I've found info on how to remove other strains of the Haxdoor virus by deleting certain files and registry entries, and I deleted the files that were listed, but some of them were not present on my computer and some of the registry entries weren't either. There are some files on my computer that I think might be associated with the virus but I'm not sure and don't want to delete them without knowing. I haven't gotten the blue screen of death like I had been getting before, but my cursor still kinda blinks and does weird stuff. I accidentally found a temporary way around this by pressing Ctrl-Alt-Del and opening the task manager box. For some reason the cursor quits acting crazy after that, until I reboot. I'm guessing that parts of the Haxdoor virus are still on here. Is there any way to find out for sure which files to delete and which registry entries to delete? I'm getting very frustrated with this and I'm thinking seriously about reformatting the hd and reinstalling XP, but I'd hate to do that.

    One more thing I forgot. The last time I ran netstat, it showed 6 listings. At times there are a few more. At one point yesterday, there were about 15 listings. How can I tell which of these are supposed to be there and which are not, besides the obvious one that made reference to AOL in the address? Any help on this would be greatly, and I mean GREATLY, appreciated.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I think you should run through our standard procedure given below and let's see what we find out.

    First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.


    After doing ALL of the above if you still have a problem:

    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as an attachment to your message (do not post the log inline). All running programs should be closed, including your web browser and e-mail. Close them before running HijackThis!

    To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
