backdoor.sdbot

anyone tell me how to get rid of this virus please, :cry:

Hi,

what WIN do you have ?
Where exactly was the infected File found (full pathname and filename) ?

test the file with OnlineScanners e.g. from TrendMicro & Kaspersky to get a more specific name

-remove the Virus/Malware and it’s system modifications according to VirusInfos from Avast, VGREP (see below), TrendMicro or Kaspersky;

general removal procedure:

  • kill respective Backdoor/Trojan process with task manager
  • search for the file/process names in the registry; remove the malware’s startup entries in the registry
  • delete the file (maybe only possible after a reboot)

-Secure your system (change passwords, secure shares, install patches/updates for WIN, IE etc…)
-scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro to check whether your PC is clean :wink:

P.S.: Links to Info and removal procedure on “Backdoor-sdbot”:

If found by Avast:
VGREP1

if found by Norton:
VGREP2

im running winXP(naughty version)
the file that seems to be infected is C\WINDOWS\SYSTEM32\system32.exe im not very clever with computers so your comments didnt realy mean a lot to me i am at the moment trying an online scan.thanks for trying to help me out.

Hi,
I forgot:
you need to temporarily disable AV-Resident Shields/Monitors to be able to scan the file online

was the virusname correct ?
Found by avast or Norton ?
AV is uptodate ?

2 more Links:

http://securityresponse.symantec.com/avcenter/venc/data/w32.kwbot.f.worm.html

http://securityresponse.symantec.com/avcenter/venc/data/backdoor.sdbot.html

online scan found 1 virus but didnt remove it,AVAST reported no virus, NORTON reported original,it only affects my computer when i go online

Hi,

it would be real helpful if you could give some more details :wink:

Onlineproblems:

reread Info an blaster/lovsan in your other posting :wink: