Re: BACKDOOR.SDBOOT - Virus

From: Br0wnbear (brownbearat_at_canadadotcom.com)
Date: 09/29/04

Next message: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
Previous message: Mike H: "Re: Help me, W32.Spybot. Worm"
In reply to: Dan: "RE: BACKDOOR.SDBOOT - Virus"
Next in thread: Dan: "Re: BACKDOOR.SDBOOT - Virus"
Reply: Dan: "Re: BACKDOOR.SDBOOT - Virus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 29 Sep 2004 11:35:10 -0400

On Wed, 29 Sep 2004 06:46:30 -0700, "Dan"
<anonymous@discussions.microsoft.com> wrote:

>Thanks, I have tried this, but I cannot delete and bacup
>the registry?!?
>
>Thanks,
>
>Dan
>>-----Original Message-----
>>good info on it here, hope it helps.
>>http://securityresponse.symantec.com/avcenter/venc/data/ba
>ckdoor.sdbot.html
>>
>>"Dan" wrote:
>>
>>> Hi:
>>>
>>> Any idea how to get rid of this...the infected file is
>>> svcnxp32.exe. I cannot delete this file?
>>>
>>> Any help is appreciated.
>>>
>>> Thanks,
>>>
>>> Dan

Dan
Try start -> Run -> MSConfig -> Startup Folder

Disable the service that is running at Start up.
Restart the machine in safe mode.
You should be able to delete then.
hth
John Brown
Bears are always happy, we get to hibern8

Next message: Lanwench [MVP - Exchange]: "Re: Help DNS cache poisoning"
Previous message: Mike H: "Re: Help me, W32.Spybot. Worm"
In reply to: Dan: "RE: BACKDOOR.SDBOOT - Virus"
Next in thread: Dan: "Re: BACKDOOR.SDBOOT - Virus"
Reply: Dan: "Re: BACKDOOR.SDBOOT - Virus"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: 890830 MSRT keeps wanting to download
... If you already saved the update on the disk, run the computer in safe mode ... restart your computer, open the Windows Update site and run an update check. ... I have just had a prompt to download updates and guess what it ... The registry key, where versions of MSRT are stored, is probably ...
(microsoft.public.windowsupdate)
Cant login - Deleted winlogon references in registry
... registry. ... When I now restart my (XP Professional running a Toshiba ... I have tried safe mode, safe mode with command prompt etc, ...
(microsoft.public.windowsxp.security_admin)
Re: VBS.GAGGLE.D
... To restart the computer in Safe mode or end the malicious process ... instructions, read the document, "How to start the computer in Safe Mode." ... Symantec strongly recommends that you back up the registry ...
(microsoft.public.scripting.virus.discussion)
Re: explorer system32 folder at startup
... Presuming that you logged in as the Administrator in Safe Mode. ... If you're using the Starter program I mentioned, ... Registry => Current User and uncheck everything in there. ... Restart ...
(microsoft.public.windowsxp.help_and_support)
Re: Windows Start Menu
... Took my life in my hands and gave CCLeaner a go specifically the Registry Cleaner. ... I should mention I no longer try and use Trend Micro Housecalls - it has lousy communication screens and I found that it was telling me it was going through phases, but leaving it alone for some 30 minutes I got the message it was in a loop. ... So I switched to IE, which I don't normally use and there was a prompt to download Google Chrome, which I did. ... I tried Safe Mode but without selecting 'Safe Mode with Networking' I couldn't e-mail or browse. ...
(comp.lang.cobol)