How to remove BackDoor-ABF virus

[DeMario]

Hi every, I am facing problem with an virus in my pc. I am getting a popup of BackDoor-ABF virus infection on my computer. And I am not able to figure out how to clean this. This malware slowly gaining full control over the system. It is restricting me to open a numbers of application. Some applications that I use commonly like IE is taking long time to open. My system is getting more and more slower. I want some help here to resolve this problem.

[Milton.J]

This virus connects to the IP Address “91.211. [Removed].76 via a remote port 8000” and downloads the given files:

• %USERPROFILE%\Local Settings\Temp\3.tmp [Detected as TDSS.a]
• %USERPROFILE%\Local Settings\Temp\Nz0.exe
• %USERPROFILE%\Local Settings\Temp\Nzz.exe
  
• %USERPROFILE%\Administrator\RerZNy.bat
• %USERPROFILE%\Administrator\SpyoYs.exe
  
• %WINDOWS%\system32\sshnas21.dll

Try to delete the files from the above location and test back.

[Steve123]

The given registry keys are inserted to the system:

• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers\tdl
• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS
• HKEY_CURRENT_USER\S-1-(Varies)\Software\TOY5KNQ8OC
• HKEY_CURRENT_USER\S-1-(Varies)\Software\XML

[Big Fish]

You have to use a standard anti virus software program to remove your system virus. There are to many anti virus application that you can test out. You can test the same through downloading a trail antivirus like one from Norton. A internet security package will resolve the issue I think. Just remove the existing antivirus and scan with this one and then test back. I am quiet sure that will resolve the problem.

[srp204]

here is what I did go to safe mode F8and select command prompt
Once system is up and you are at command prompt type regedit
when regedit comes up -go to edit and click find in the space type abf.exe
Everytime it comes up with the afb.exe delete it don't be surprised to find there are up to 20 of these commands
just keep find afb.exe and deleting until the editor tells you there are no more afb.exe commands
Then just restart the computer and run a malwarebytes to clean up the system
Note you can not get to regedit with just safe mode it has to be safe mode command prompt
even if you go to task manager and end the afb.exe command the next double click will start it again you have to start the system at command prompt to bypass the afb cycle.