I figure you’re getting pretty frustrated by now. I‘m just trying to make sure all traces of the Backdoor.Haxdoor are gone. I’m glad you’re sticking with this as Haxdoor is not something you want to ignore.
Once again run a TrendMicro Scan. This seems to be the only one detecting something although hopefully this time it won’t. Because Ewido reported C:\Program Files\AVPersonal\INFECTED\A0095715.EXE.VIR -> Backdoor.Haxdoor.cn : Cleaned with backup
- I’m hoping Ewido removed the file from that directory and that’s why when you tried to delete it manually – it wasn’t there.
If it does find something - post all information it gives you.
If TrendMicro reports it’s still detecting Backdoor.Haxdoor, do the following:
Download the free MWAV antivirus tool from here: ftp://ftp.microworldsystems.com/download/tools/mwav.exeSave
it to the desktop and run it.
Follow the prompts to scan your system for viruses.
Then please post for me the log of infected files from the BOTTOM panel of the scan window.
A definition I found for Active X – “A technology developed by Microsoft for sharing information among different applications, ActiveX supports new features that enable it to take advantage of the Internet. For example, an ActiveX control can be automatically downloaded and executed by a Web browser. ActiveX is not a programming language, but rather a set of rules for how applications should share information. It allows you to create cross-platform, language-independent controls”.
At one time you had the ability to download Active X controls. I say this because your HijackThis log shows 3 (legit ones) are present on your system. If your security settings for the Internet zone are set at Medium (which is the default) you should see a warning pop up (under the address bar) on the Internet Explorer page saying “To help protect your security, Internet Explorer has restricted this file from showing active content that could access your computer. Click here for options”
. At this point you should click in the warning bar and then select ‘Allow Blocked Content
’ (Note: only do this if you know the application is legit such as Panda ActiveScan). At this point the Active X control will be downloaded to your system.
When you tried the use the Panda Active scan – Did you see what I mentioned above? If not, how were you notified that you don’t have active X controls?