Remove HAXDOOR VIRUS | ERROR CODE: 0x0000008e
How to Remove HAXDOOR VIRUS | ERROR CODE: 0x0000008e
Tech Advise:1
Please follow the below steps to Fix the problem.
Caution : Incorrect Registry Editing can cause serious problems. Please be careful while editing registry or contact our supoprt team to fix it remotley
Tech Advise 2
Delete drct16 & draw32
↣ Click Start Menu >> Click Run & type regedit & then click OK.
↣ Locate the following registry subkey:
↣ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
↣ Locate & delete the registry sub key which refers to “drct16” or “draw32”.
↣ For example, you may see entries that are similar to the following:
↣ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16
↣ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\draw32
Step 2
↣ When the computer restarts, click Start, click Run, type regedit, and then click OK.
↣ Locate and delete the following registry subkeys and any entries that may be present under each subkey. If any registry subkeys from Browse To The following Registry Sub Key and delete them
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdnt32
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\memlow
↣ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16
↣ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdnt32
↣ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow
↣ HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\memlow
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ENUM\ROOT\LEGACY_VDMT16
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ENUM\ROOT\LEGACY_VDNT32
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ENUM\ROOT\LEGACY_WINLOW
↣ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ENUM\ROOT\LEGACY_MEMLOW
↣ Locate and delete any entries that contain the Mszx23.exe file name under the following registry subkeys:
↣ HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
↣ HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices
↣ HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
↣ HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
↣ Quit Registry Editor.
Step 3
↣ Update Your Antiviurs program and then run a full scan
CAUSE:
↣ This problem may occur if the computer is infected with a variant of the HaxDoor virus.
↣ A hidden process is created by “The HaxDoor virus” The virus can also restore the files if deleted
↣ The virus creates hidden files and its sub keys in the registry. Generally by the name Mszx23.exe,Vdmt16.sys or Vdnt32.sysl.
The following malware has been identified by antivirus vendors.
↣ Collapse this tableExpand this table
↣ Symantec: Backdoor.Haxdoor.D
↣ Trend Micro: BKDR_HAXDOOR.BC, BKDR_HAXDOOR.BN, BKDR_HAXDOOR.BA, BKDR_HAXDOOR.AL
↣ PandaLabs: HAXDOOR.AW
↣ F-Secure: Backdoor.Win32.Haxdoor, Backdoor.Win32.Haxdoor.al
↣ Sophos: Troj/Haxdoor-AF, Troj/Haxdoor-CN, Troj/Haxdoor-AE
↣ Kaspersky Lab: Backdoor.Win32.Haxdoor.bg
↣ McAfee: BackDoor-BAC