Backdoor that I can not remove.

Discussion in 'malware problems & news' started by bahnean006, Aug 1, 2005.

Thread Status:
Not open for further replies.
  1. bahnean006

    bahnean006 Registered Member

    Joined:
    Aug 1, 2005
    Posts:
    4
    Well this is the first time I could not get rid of a virus so this is getting me a little mad but anyways. I'm infected with the backdoor.graybird trojan and I can not get rid of the darn thing so I come here to you kind people to lend me a hand. Heres my hijackthis log for you to gase upon to help me in this stressful situation.


    ~snip - to remove HJT log - snap~


    Thank you so much in advance.
     
    Last edited by a moderator: Aug 1, 2005
  2. FanJ

    FanJ Guest

  3. bahnean006

    bahnean006 Registered Member

    Joined:
    Aug 1, 2005
    Posts:
    4
    yeah I have seen that. None of the files that the say exist on my pc. There three files that my AV finds and they are erver.dll, erver_hook.dll, and I forgot the last but it also contains the word "erver". I have no more ideas on what to do because I'm not the best on this. So please give me an alternative for me helping you to help me.
     
  4. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi bahnean006, and welcome to the forum.

    As FanJ has mentioned, we no longer do unsolicited HJT log review and analysis here at Wilders, so I have removed the log from your post.

    You could first try an on-line scan (preferably two) :
    Housecall.Trendmicro
    Panda
    Kaspersky Lab - Free Online Virus Scanner

    Then try the steps in our General Cleaning Instructions thread to see if you can clean your system.

    If you are still having problems after doing the above, you can post a HijackThis log at one of the following sites that still do HijackThis log review and analysis:

    CastleCops
    Net-Integration
    TomCoyote
    SpywareInfo
    geekstogo
    Gladiator Security Forums

    Please let us know how you make out, or if you have any questions.

    Regards,

    snap
     
  5. bahnean006

    bahnean006 Registered Member

    Joined:
    Aug 1, 2005
    Posts:
    4
    Well guys I got rid of it myself. Thank you very much for the attempt to help guys.
     
  6. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    That's great to hear, bahnean006.

    Can you tell us how you removed it? It could help someone else that might come by this thread with the same problem.

    Regards,

    snap
     
  7. bahnean006

    bahnean006 Registered Member

    Joined:
    Aug 1, 2005
    Posts:
    4
    Well what I did was I found all its registry keys and whatnot and deleted them all and use asviewer to see if there was any others..which there was it was running on startup a file called erver.exe..which of course is no where on my computer..well visualy speeking..so i got that out of my regitry..oh I'm doing this all in safe mode with networking(to use housecalls free virus scan) mind you. Removed three things Erver.dll, erver_hook.dll, and erver.exe(I think). I would suggest not looking for the files i have listed..because you would only be wasting your time, my extensive searches concluded that each file name differs from computer to computer..but this is what I basicly did, So if I help anyone in the future some how with this large run on sentance I will feel quite good for saving the trouble for someone else..

    Good Bye,
    Bahnean006
    aka Danny
     
Loading...
Thread Status:
Not open for further replies.