Re: Need Help:trojan horse backdoor virus

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Kelly (kelly_at_mvps.org)
Date: 01/28/05

• Next message: Michael Stevens: "Re: Creation of WinXP boot cd on Blank?"
• Previous message: Michael Stevens: "Re: uninstalling and reinstalling XP Home"
• In reply to: anelkapal: "Need Help:trojan horse backdoor virus"
• Messages sorted by: [ date ] [ thread ]

---

Date: Fri, 28 Jan 2005 01:04:03 -0600

Hi,

In addition to Rick's expert advice......

This is generally accompanied by having your IE search engine hijacked with
a .TV extension. More info here: You are needing to rid of this from your
System32 folder:
http://www.faqfarm.com/Computer/Virus/Backdoor/41846

Added note, most users claim that AVG rectifies the issue quickly. Either
way and in the meantime, run this combo and hope all goes well. If not,
feel free to repost:

Remove Backdoor.agent.ba when detected

1. use Notepad to see the file where regular explorer fails to see it.

2. remember to select view all file types

3. once you see the file in the open menu drag it to desktop

4. rename file to whatever (I renamed the infected file to "a" with no file
extension)

5. reboot in to Safe mode with dos prompt

6. delete file (del c:\...\a)

Run Ad-Aware SE, Spybot and HijackThis:
http://www.majorgeeks.com/downloads31.html

Note: Update each program, once installed, before running.

Free Online Virus Scan
http://housecall.trendmicro.com/housecall/start_corp.asp

-- 
All the Best,
Kelly (MS-MVP)
Troubleshooting Windows XP
http://www.kellys-korner-xp.com
"anelkapal" <anelkapal@discussions.microsoft.com> wrote in message 
news:A05DB1EB-BDE1-4500-A1AA-352B13B13B97@microsoft.com...
> For a few days I 've had this virus in My computer that won't go. I've 
> tried
> using McAfee vius scan and even Spyware Doctor to no avail. The message 
> reads:
>
> Trojan horse BackDoor.Agent.BA is found in file
> C:\windows\system32\logg.dll
>
> How do I ake it go?
>
> Yann. 

---

• Next message: Michael Stevens: "Re: Creation of WinXP boot cd on Blank?"
• Previous message: Michael Stevens: "Re: uninstalling and reinstalling XP Home"
• In reply to: anelkapal: "Need Help:trojan horse backdoor virus"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: Email programs that work. ... What am I missing? ... most, that this shouldn't be an extension, but should be a basic function ... this without needing an extension. ... (Debian-User) Re: Email programs that work. ... I have followed the request for this feature on Bugzilla. ... most, that this shouldn't be an extension, but should be a basic function ... I wonder why the developers are so reluctant to include ... this without needing an extension. ... (Debian-User) TIP #86 (was Re: Debug API in the core?) ... way to use and test them from Tcl, without needing a debugger ... Note that any script-level hooks might need an extension anyway. ... (comp.lang.tcl) Re: Email programs that work. ... most, that this shouldn't be an extension, but should be a basic function ... this without needing an extension. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ... (Debian-User) RE: movie clips ... If you want to try renaming first make sure that you can see the extension. ... In windows explorer click Tools>Folder options> View and untick "Hide known ... windows explorer to create a copy of it then right click -> rename file. ... MOS Master Instructor ... (microsoft.public.powerpoint)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > WinXP  > microsoft.public.windowsxp.general  > 2005-02