Re: Trojan Horse

• Previous message: Laura E. Hunter \(MVP\): "Re: W2000 PROF insallation"
• In reply to: Tim R: "Trojan Horse"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 28 Sep 2004 14:33:01 +0100

An "IRC" trojan does exactly what it says on the tin, uses an IRC client to
connect to an IRC server where it can receive commands. AVG may not be able
to quarantine or heal the file if the IRC client is currently running.

Try restarting your machine in safe mode and make sure that dllmanager.exe
is not running, kill it if it is. Run a full virus scan again and see if
that makes a difference.

If that doesn't help look on the Grisoft site for a specific removal tool
for SdBot. If there's not one there then try Google.

AndyMac.

"Tim R" <anonymous@discussions.microsoft.com> wrote in message
news:03cd01c4a4e8$50bbcf30$a601280a@phx.gbl...
> My AVG antivirus software has detected a "trojan horse
> IRC/BackDoor.SdBot.51.0" located in
> C:\WINNT|system32|dllmanger.exe
> It can detect it but will not quarantine or heal it.
> My antivirus software is up to date. It keeps identifying
> the virus and throwing up warnings that i can't cancel
> short of disabling the avg program.
> Anyone advise?
>
> Thanks
>
>

• Previous message: Laura E. Hunter \(MVP\): "Re: W2000 PROF insallation"
• In reply to: Tim R: "Trojan Horse"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]