Win32:Codbot-J [Trj]--any help?

windows xp pro, version 2002, service pack 2

avast! version 4.6 home edition
vps file version 0526-4 (updated 7.01.05, 7:14 a.m.)

intel celeron processor 367 MHz, 192 MB of RAM

ZoneAlarm version:5.5.094.000
TrueVector version:5.5.094.000
Driver version:5.5.094.000

earthlink total access

hello,

when i woke up about an hour ago, and started to get online, avast! told me a trojan horse was found:

C:\WINDOWS\system32\dhcpclient.exe

Win32:Codbot-J [Trj]

Trojan Horse

0526-4, 07/01/2005

when i tried (as recommended) to move it to the chest, i was told this:

“the process cannot access the file because it is being used by another process”
"cannot process ‘c\windows\system32\dhcpclient.exe’ "

i have just noticed that my avast! ON-Access Scanner (7 provider(s) total), usually had 6 running, but now shows only 4 to be running…

can you help?

thanks in advance,

peace,

troy

p.s. perhaps it will help to let you know that my computer was on all night, with the phone cord plugged in, but not connected to the internet…

zonealarm firewall and avast! are set to enable upon startup, so they were running all night as well…

Hi imtroymcclure,

You have contracted a backdoor Trojan. Through a backdoor they can do with your machine as others with legit LAN’s. You can scan for other systems from your machine, get bot version info, quit, get system information, list and kill processes and threads, download files using HTTP, and start a socks proxy to hide the ip etc. of the attacker. You have to unplug from the internet and get in safe mode to do a boot up scan, also see what I wrote in this forum on scanning in system mode. Go also to this forum link: http://forum.avast.com/index.php?topic=14678.from1120255928;topicseen#msg124123
there they are battling the same backdoor.

greets,

polonus