Cadmus Posted December 21, 2007 Share Posted December 21, 2007 Hi all, I know this doesn't pertain to the common discussion at all, but I'm not sure where to turn and this forum has been very helpful in the past. Last night my computer got a backdoor.graybird virus, and my Symantic scan that found it can't do anything to delete it because access is denied. Does anyone know about this virus, and how to get rid of it? The main problem is that something, I have no idea what, is causing the computer to run at excruciatingly slow speeds. Many programs simply will not open. Task Manager takes up 95% of the CPU usage, and when I try to open a program, it lists that program as taking up 95% usage but it never opens (or finally opens 20 minutes later, then doesn't respond). Again sorry this is far off topic, but Google searches only yielded information regarding Symantic deleting the file, but that doesn't seem to apply here. If anyone could help I'd greatly appreciate it. Happy Holidays... Quote Link to comment Share on other sites More sharing options...
djpretzel Posted December 21, 2007 Share Posted December 21, 2007 http://www.spywaredb.com/remove-backdoor-graybird/ Manual removal, or else you'll need a different tool, as Symantec doesn't seem to handle it... Also, move to tech help forum. Quote Link to comment Share on other sites More sharing options...
Cadmus Posted December 21, 2007 Author Share Posted December 21, 2007 Thanks, and yes thanks for the move too I wasn't sure where was appropriate. I'll try those instructions and see what happens... edit: what if none of those processes exist? I'm assuming to look for them in the Task Manager, but everything looks normal and none of those are present... Quote Link to comment Share on other sites More sharing options...
Katsurugi Posted December 21, 2007 Share Posted December 21, 2007 You are looking under processes and not applications, right? If you can't find it, then I would suggest that you restart Windows in safe mode and then run Symantec. Once it finds it there, then it should be able to remove it (if the reason before was because it was labeled as some process it couldn't kill). Hopefully, that'll do the trick. Google search around to find any variants of the trojan and I think you should be okay. Other freeware/shareware applications could be available to you as well. I know that Symantec does make some apps that are specialized in removing a particular virus if it's malicious enough. Quote Link to comment Share on other sites More sharing options...
Pyrion Posted December 22, 2007 Share Posted December 22, 2007 I know that Symantec does make some apps that are specialized in removing a particular virus if it's malicious enough. Graybird isn't. Graybird's also been around for quite a long time. This is all Symantec has on it (that's useful, anyway). Quote Link to comment Share on other sites More sharing options...
Cadmus Posted December 22, 2007 Author Share Posted December 22, 2007 Thanks for the info and help all. However, the computer is still being very sketchy. Through a painfully long process I successfully ran a full system scan with Adaware and one with Trend. Neither of them found the virus, which leads me to think that this may be a false positive...but something is still REALLY bugging my machine and making it crawl. So I restarted in safe mode, but something is blocking me from logging in. I've triple checked the log in name and password, but it keeps coming up saying invalid and won't let me enter in safe mode. Very strange. At this point I'm unsure what to do besides wipe the disk and start fresh...but I'd prefer not to do that. Any advice on the situation? And is there a way to do a 'lite' disk wipe, that keeps Windows installed? Thanks all. Quote Link to comment Share on other sites More sharing options...
Walrii Posted January 17, 2008 Share Posted January 17, 2008 You really probably are better off with a format/wipe. I looked it up real quick and since it is a trojan you can likely rest at night knowing that someone somewhere is using your computer for nefarious purposes (spam? piracy? child porn? seriously, what do you think zombie computers are used for). Plus, seeings how taskmanager is even acting up it sounds like it has at best just installed lots of spyware and at worst started to infect random executables. That being said, Windows XP (you didn't mention which version you are running) has a "repair" option when you boot with the XP install disk. The repair basically overwrites all important Windows files on your hard drive with fresh copies. It keeps your normal files though in tact (but remember that they MAY be infected with something). I've used it before when something bad happened and for the most part it kind of worked. I had to update Windows until things were okay (it thought that SP2 was installed and it really wasn't). However, I also know people who say they've tried the repair option and it never works on their computer. Your mileage will vary. EDIT: I notice that its no longer detecting the virus. So, maybe that's good? Still, it sounds like your computer could seriously use a wipe. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.