Backdoor- Win32/Poisonivy.gen!A Trojan detected by McAfee

[Joel5]

I am using a Asus Eee PC 1001HA laptop at my place. I usually use it to work on my academic project and thus many times I have to plug my pen drive to store required data. But this has lead to a Backdoor: Win32/Poisonivy.gen!A Trojan on my laptop. The Trojan has already deactivated my McAfee anti-virus when McAfee detected it. Help me to remove this Trojan.

[KAMANA]

As in your description you have stated that McAfee anti-virus is disabled by the trojan then I would suggest you to uninstall McAfee anti-virus from your computer system. If you are unable to uninstall it then use the Control Panel to uninstall the anti-virus from Add/Remove Programs. Use some other Anti-virus like AVG, Avast, Norton and such. Before installing any new anti virus make sure that it is updated.

[Snake08]

The Win32/Poisonivy.gen!A Trojan derives from the Family of Win32/Poisonivy trojans which carry a backdoor within them to allow the attacker to gain remote access of your machine. To be successful in getting the remote access of your machine the trojan infects some of the system processes to be hidden away by the anti-virus scan.

[Steve123]

The Backdoor- Win32/Poisonivy.gen!A is also detected as Mal/Behav-204 trojan. This backdoor trojan is also recorded by Microsoft as a Severe threat due to the potential of backdoor access. The trojan makes use of its backdoor to connect to the remote server using the services of the TCP. After the connection is established the trojan sends user data to the hacker on a remote computer. This backdoor trojan is also known to connect to:

• pop11.hopto.org
• heike.kicks-ass.org

[KALLIYAN]

The trojan was successful in loading to your system because most likely your Windows Firewall was disabled. Thus you need to first enable your Windows Firewall. Install a new reliable anti virus and boot your computer to Safe Mode. Use the Safe Mode to scan your computer for the trojan and delete it.