Trojan Horse

T

Tim R

My AVG antivirus software has detected a "trojan horse
IRC/BackDoor.SdBot.51.0" located in
C:\WINNT|system32|dllmanger.exe
It can detect it but will not quarantine or heal it.
My antivirus software is up to date. It keeps identifying
the virus and throwing up warnings that i can't cancel
short of disabling the avg program.
Anyone advise?

Thanks
 
S

Steven L Umbach

Try emailing AVG for specific info on how to remove it. Many times a special
tool is needed. You might also try the free Sysclean from Trend Micro as
shown in the links below. Download Sysclean and the pattern file into the
same folder to execute from. It is a detection and removal tool for many
common malwares. --- Steve

http://www.trendmicro.com/download/dcs.asp
http://www.trendmicro.com/download/pattern.asp
http://www.microsoft.com/athome/security/protect/default.aspx -- Microsoft
Security basics.
 
A

AndyMac

An "IRC" trojan does exactly what it says on the tin, uses an IRC client to
connect to an IRC server where it can receive commands. AVG may not be able
to quarantine or heal the file if the IRC client is currently running.

Try restarting your machine in safe mode and make sure that dllmanager.exe
is not running, kill it if it is. Run a full virus scan again and see if
that makes a difference.

If that doesn't help look on the Grisoft site for a specific removal tool
for SdBot. If there's not one there then try Google.

AndyMac.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top