C: \System Volume Information\_restore{5AEDC462-42BB-B59E-CC161DCC86C3}\PR31\A0004709.exe

Trojan Horse IRC/BackDoor.SdBot.45.AZ


Anybody have an idea what that is? I am using anti virus from grisoft and it tells me that the above mentioned virus is on my pc, but when you run virus scan, it comes up clean. Even tried the online scan from trendmicro. Clean too.
AdAware comes up with nothing new either.....

How good is the XP SP2 Firewall? Good enough to use on its own?

Cheers

Can't help you with the possible Trojan, sorry.

XP's firewall restricts inbound traffic, BUT doesn't stop unauthorised outbound traffic. So if your malware IS a Trojan and starts sending your personal stuff out, like passwords, keystrokes, etc, then XP's firewall will let it.

ZoneAlarm, Outpost and others protect in both directions, so your best bet is to disable XP's firewall and use a good alternative.

AA

I had that a few days ago.I dont know what it is or does but ran Grisoft anti virus and it was corralled in avg vault to keep it from harming other stuff.
AVG still sends messages that its there but new scan fails to find it. to get rid go to accessories and disable restore system points and then reactivate and set up new restore point.
thgis should get rid of the b*gger!!!!

Just after rebuilding FRED (effing ridiculous electronic device) after a HD crash I got zapped by a trojan.
Trojan Horse IRC/Backdoor.SdBot.47.J

It looks like I have finally got rid of the rotten thing after a lot of work.
Now have reinstalled and updated my antivirus software, firewalls, popup killers and cookie munchers.

Once again, this has made me appreciate Apple OS X Panther!

Funny thing, I installed yet another Antivirus and a new firewall. Suddenly I dont get the virus warning anymore.....Is it still there? I get the feeling that its a hoax and that AVG wants me to buy their completet packet. 3 different antiviruses dont find anything and report the system clean.....??!
Incidentally, this was all after I installed my new hard disc! Virtually same day!

BackDoor.SdBot Symantec

Hi 126,7,

As Robontweb has said, that particular virus is safely tucked away in a restore point. By it's very nature a restore point is locked away from any program, in case you need to restore to a previous point in time. The only way to kill off the virus is to switch off System Restore, run your AV and then create a new restore point.

See here for info on how to do this.

Cheers

Liam

126,7,

I am with Liam, you need to switch off System Restore in order to be able to remove the Trojan.

Take Care,

Richard

Tks for the help everyone. I couldn't get rid of it even by switching the system restore off. So I undertook the good old format.

126,7,

A format is not a bad thing. At least your system is clean and fast.

Take Care,

Richard