Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan horse backdoor.generic threat, please how do i remove it?


  • Please log in to reply
1 reply to this topic

#1 amk87

amk87

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:58 PM

Posted 16 April 2013 - 04:31 PM

Hi,

 

My laptop has come up with a "resident shield alert" telling me a threat has been detected.

 

I can load the image on here for some reason but it says

 

File name: C:\Windows\Sky Tel.exe

Threat name: Trojan horse BackDoor.Generic16.CMTG

                       Detected on open.

 

Remove threat as Power User

 

It then offers 3 options;

  • heal
  • move to vault
  • ignore

 

I'm not sure if it is even valid? When I press heal, It tells me it cant be healed. If I ask it to move it to the vault (not sure what that is!) it warns me that this can cause system unstability or crash!

 

I have windows vista and my laptop is an advent 8115 and very old! I think 6 years now, but it has served me well.

 

If anyone can help me remove this threat I'd really appreciate it, I don't want to lose all my history

 

Thanks

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:58 PM

Posted 16 April 2013 - 08:17 PM

Hello, what tool is saying this?

SkyTel.exe related to the Realtek Voice Manager used by some of their audio chipsets.
 
The proper location is   C:\Windows\System32\Sky Tel.exe
Yours appears to be a malware location.

Move it to the vault (not sure what that is!). This is the Quarantine:it attempts to move the file to a safe location that is managed by the antivirus software.It moves the file to safe storage under control of the antivirus program - so it can't harm your system - but it's there in case a mistake was made and you need to restore that file.

 
I feel it is important you know this... One or more of the identified infections is a backdoor trojan. This allows hackers to remotely control your computer, steal critical system information and download and execute files. I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation. Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? When Should I Format, How Should I Reinstall We can still clean this machine but I can't guarantee that it will be 100% secure afterwards.

Let me know what you decide to do.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users