Sign in with
Sign up | Sign in
Your question

Trojan Horse

Tags:
  • Trojan
  • Antivirus
  • Software
  • Windows
Last response: in Windows 2000/NT
Share
Anonymous
September 27, 2004 8:18:36 PM

Archived from groups: microsoft.public.win2000.security (More info?)

My AVG antivirus software has detected a "trojan horse
IRC/BackDoor.SdBot.51.0" located in
C:\WINNT|system32|dllmanger.exe
It can detect it but will not quarantine or heal it.
My antivirus software is up to date. It keeps identifying
the virus and throwing up warnings that i can't cancel
short of disabling the avg program.
Anyone advise?

Thanks

More about : trojan horse

Anonymous
September 28, 2004 5:58:40 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Try emailing AVG for specific info on how to remove it. Many times a special
tool is needed. You might also try the free Sysclean from Trend Micro as
shown in the links below. Download Sysclean and the pattern file into the
same folder to execute from. It is a detection and removal tool for many
common malwares. --- Steve

http://www.trendmicro.com/download/dcs.asp
http://www.trendmicro.com/download/pattern.asp
http://www.microsoft.com/athome/security/protect/defaul... -- Microsoft
Security basics.


"Tim R" <anonymous@discussions.microsoft.com> wrote in message
news:03cd01c4a4e8$50bbcf30$a601280a@phx.gbl...
> My AVG antivirus software has detected a "trojan horse
> IRC/BackDoor.SdBot.51.0" located in
> C:\WINNT|system32|dllmanger.exe
> It can detect it but will not quarantine or heal it.
> My antivirus software is up to date. It keeps identifying
> the virus and throwing up warnings that i can't cancel
> short of disabling the avg program.
> Anyone advise?
>
> Thanks
>
>
September 28, 2004 6:33:01 PM

Archived from groups: microsoft.public.win2000.security (More info?)

An "IRC" trojan does exactly what it says on the tin, uses an IRC client to
connect to an IRC server where it can receive commands. AVG may not be able
to quarantine or heal the file if the IRC client is currently running.

Try restarting your machine in safe mode and make sure that dllmanager.exe
is not running, kill it if it is. Run a full virus scan again and see if
that makes a difference.

If that doesn't help look on the Grisoft site for a specific removal tool
for SdBot. If there's not one there then try Google.

AndyMac.


"Tim R" <anonymous@discussions.microsoft.com> wrote in message
news:03cd01c4a4e8$50bbcf30$a601280a@phx.gbl...
> My AVG antivirus software has detected a "trojan horse
> IRC/BackDoor.SdBot.51.0" located in
> C:\WINNT|system32|dllmanger.exe
> It can detect it but will not quarantine or heal it.
> My antivirus software is up to date. It keeps identifying
> the virus and throwing up warnings that i can't cancel
> short of disabling the avg program.
> Anyone advise?
>
> Thanks
>
>
!