Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How To Get Rid Of Backdoor.flood?


  • This topic is locked This topic is locked
5 replies to this topic

#1 MickinPlymouthUK

MickinPlymouthUK

  • Members
  • 662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:01 PM

Posted 25 June 2007 - 10:04 AM

Today I clicked on a link in an e-mail saying "You have a greetings card", but instead of it being from some stunning woman as I'd hoped, nothing happened except I got a Virus Alert from my AVG. (sniffle)
I ran two full scans to try to get rid of it but it won't go.
The scan tells me the virus is a "Backdoor.Flood" whatever that means, and that it's sitting in my "C:\Windows\ststem32\script.ini" file.

The test result reads -
0 files healed successfully
1 file error while healing
Threats-1
Healed-0
Moved to virus vault-0
Deleted-0

So what shall I do now? (I'm PC-illiterate, Win XP Home)
Thanks

BC AdBot (Login to Remove)

 


m

#2 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:01 AM

Posted 25 June 2007 - 02:44 PM

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 MickinPlymouthUK

MickinPlymouthUK
  • Topic Starter

  • Members
  • 662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:01 PM

Posted 25 June 2007 - 03:37 PM

Thanks, but shall I uninstall AVG and AdawareSE Personal before installing Super Antispyware?

#4 buddy215

buddy215

  • BC Advisor
  • 12,605 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:01 AM

Posted 25 June 2007 - 03:54 PM

NO

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 MickinPlymouthUK

MickinPlymouthUK
  • Topic Starter

  • Members
  • 662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:01 PM

Posted 26 June 2007 - 08:07 PM

SuperAntiSpy and Bit Defender didn't get rid of it, so I posted a Hijack this log, what do I do now?

#6 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:08:01 AM

Posted 26 June 2007 - 08:18 PM

MickinPlymouthUK,

Since you have an open HJT log posted in the HijackThis Logs and Analysis forum, you shouldn't make any changes to your system.
Doing so, could change the results of the posted log, making it difficult to properly clean your system.

At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

I'm closing this topic until you are cleared by the HJT Team.
If, after your log has been cleaned, you still need help, please PM a Moderator and we will re-open this topic.

If you have any questions, don't hesitate to send me a PM.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users