Trojan Horse
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.security (More info?)
My AVG antivirus software has detected a "trojan horse
IRC/BackDoor.SdBot.51.0" located in
C:\WINNT|system32|dllmanger.exe
It can detect it but will not quarantine or heal it.
My antivirus software is up to date. It keeps identifying
the virus and throwing up warnings that i can't cancel
short of disabling the avg program.
Anyone advise?
Thanks
My AVG antivirus software has detected a "trojan horse
IRC/BackDoor.SdBot.51.0" located in
C:\WINNT|system32|dllmanger.exe
It can detect it but will not quarantine or heal it.
My antivirus software is up to date. It keeps identifying
the virus and throwing up warnings that i can't cancel
short of disabling the avg program.
Anyone advise?
Thanks
More about : trojan horse
Archived from groups: microsoft.public.win2000.security (More info?)
Try emailing AVG for specific info on how to remove it. Many times a special
tool is needed. You might also try the free Sysclean from Trend Micro as
shown in the links below. Download Sysclean and the pattern file into the
same folder to execute from. It is a detection and removal tool for many
common malwares. --- Steve
http://www.trendmicro.com/download/dcs.asp
http://www.trendmicro.com/download/pattern.asp
http://www.microsoft.com/athome/security/protect/defaul... -- Microsoft
Security basics.
"Tim R" <anonymous@discussions.microsoft.com> wrote in message
news:03cd01c4a4e8$50bbcf30$a601280a@phx.gbl...
> My AVG antivirus software has detected a "trojan horse
> IRC/BackDoor.SdBot.51.0" located in
> C:\WINNT|system32|dllmanger.exe
> It can detect it but will not quarantine or heal it.
> My antivirus software is up to date. It keeps identifying
> the virus and throwing up warnings that i can't cancel
> short of disabling the avg program.
> Anyone advise?
>
> Thanks
>
>
Try emailing AVG for specific info on how to remove it. Many times a special
tool is needed. You might also try the free Sysclean from Trend Micro as
shown in the links below. Download Sysclean and the pattern file into the
same folder to execute from. It is a detection and removal tool for many
common malwares. --- Steve
http://www.trendmicro.com/download/dcs.asp
http://www.trendmicro.com/download/pattern.asp
http://www.microsoft.com/athome/security/protect/defaul... -- Microsoft
Security basics.
"Tim R" <anonymous@discussions.microsoft.com> wrote in message
news:03cd01c4a4e8$50bbcf30$a601280a@phx.gbl...
> My AVG antivirus software has detected a "trojan horse
> IRC/BackDoor.SdBot.51.0" located in
> C:\WINNT|system32|dllmanger.exe
> It can detect it but will not quarantine or heal it.
> My antivirus software is up to date. It keeps identifying
> the virus and throwing up warnings that i can't cancel
> short of disabling the avg program.
> Anyone advise?
>
> Thanks
>
>
Archived from groups: microsoft.public.win2000.security (More info?)
An "IRC" trojan does exactly what it says on the tin, uses an IRC client to
connect to an IRC server where it can receive commands. AVG may not be able
to quarantine or heal the file if the IRC client is currently running.
Try restarting your machine in safe mode and make sure that dllmanager.exe
is not running, kill it if it is. Run a full virus scan again and see if
that makes a difference.
If that doesn't help look on the Grisoft site for a specific removal tool
for SdBot. If there's not one there then try Google.
AndyMac.
"Tim R" <anonymous@discussions.microsoft.com> wrote in message
news:03cd01c4a4e8$50bbcf30$a601280a@phx.gbl...
> My AVG antivirus software has detected a "trojan horse
> IRC/BackDoor.SdBot.51.0" located in
> C:\WINNT|system32|dllmanger.exe
> It can detect it but will not quarantine or heal it.
> My antivirus software is up to date. It keeps identifying
> the virus and throwing up warnings that i can't cancel
> short of disabling the avg program.
> Anyone advise?
>
> Thanks
>
>
An "IRC" trojan does exactly what it says on the tin, uses an IRC client to
connect to an IRC server where it can receive commands. AVG may not be able
to quarantine or heal the file if the IRC client is currently running.
Try restarting your machine in safe mode and make sure that dllmanager.exe
is not running, kill it if it is. Run a full virus scan again and see if
that makes a difference.
If that doesn't help look on the Grisoft site for a specific removal tool
for SdBot. If there's not one there then try Google.
AndyMac.
"Tim R" <anonymous@discussions.microsoft.com> wrote in message
news:03cd01c4a4e8$50bbcf30$a601280a@phx.gbl...
> My AVG antivirus software has detected a "trojan horse
> IRC/BackDoor.SdBot.51.0" located in
> C:\WINNT|system32|dllmanger.exe
> It can detect it but will not quarantine or heal it.
> My antivirus software is up to date. It keeps identifying
> the virus and throwing up warnings that i can't cancel
> short of disabling the avg program.
> Anyone advise?
>
> Thanks
>
>
Related ressources:
- ForumTrojan Horse Infection Found... Please Help
- ForumTrojan horse problem
- ForumWhat is Trojan horse Generic 18 LQN?
- ForumNothing on Windows XP desktop showing trojan horse virus
- ForumWhat is Trojan horse Generic 18 BALF?
- ForumTrojan horse agent2 apth
- ForumTrojan Horse
- ForumCPU-Z Detected with Trojan horse ?
- ForumTrojan Horse Collected AF preoblem please help remove
- ForumNetbus Trojan horse
- ForumAMS491.data viewed as a trojan horse
- ForumTROJAN HORSE VIRUS INFECTED EMBEDDED OBJECT
- ForumTrojan horse in WindowsSystem32 file
- ForumTrojan Horse TR/Aximiles B
- Forumnetspy trojan horse
- ForumLSA Shell & Infected, embedded Trojan horse Dropper.Agent...
- ForumParallel and com ports not appearing in device manager
- ForumMy system may have a virus, worm, trojan
- ForumTrojan horse Downloader.Agent.2.F
- ForumSuspected trojan on my computer
- More resources
!
