|
|
#1
January 12th, 2006, 07:58 AM
|
|||
|
|||
W32/Sdbot.worm.gen.h ???
Hi - I have been getting a recurring worm, the W32/Sdbot.worm.gen.h, which is only detected by the Mcafee online scanner(of the several I use). It shows the infected file name as: E:\WINDOWS\system32\l074.exe But no matter what I do to find it(tracing the folders, search, safe mode, show hidden files, etc..) I come up empty. Can't seem to find it. Any ideas? Many thanks, Deca
|
|
#2
January 12th, 2006, 12:41 PM
|
||||
|
||||
Re: W32/Sdbot.worm.gen.h ???
Won't the McAfee scanner clear the things it finds? If not you could always try Avert Stinger and see if that does the trick:-
http://vil.nai.com/vil/stinger/ It seems odd that only McAfee is finding the file, have you tried KAV:- http://www.kaspersky.com/downloads/kws/kavwebscan.html KAV won't clean it either, but at least it should confirm whether or not you have a problem file. |
|
#3
January 12th, 2006, 02:30 PM
|
|||
|
|||
|
Re: W32/Sdbot.worm.gen.h ???
Hi TopperID, Thank u for ur time & response. The Kaspersky, Symantec, Bit Defender & Trend Micro Online scanners all showed no infections. Of course the goofy Mcafee scanner does not remove the infection...(Hmmm) & The Stinger came up empty as well. Well I guess I should just hope it's one of those benign bugs that don't really do much damage!
 Thanks again! D |
|
#4
January 12th, 2006, 02:56 PM
|
||||
|
||||
|
Re: W32/Sdbot.worm.gen.h ???
If McAfee is the only scanner fingering the file, and you have no symptoms, I would say it could be a false alarm.
There are ways of attempting to delete things when you have the file path but cannot access the file. One example being KillBox:- http://www.majorgeeks.com/download.php?det=4709 You just enter the file path and set it to delete on reboot. But I really don't know whether it would be appropriate to use such a tool when you are not even certain you have a bad file. I would be inclined to leave things be for the moment and see how it shapes up. Maybe if you try the McAfee scanner at a later date, after it has updated, it will stop finding this thing? Edit - a thought has just occured (yes it happens  ), did you set all those scanners you used to specifically scan your E Drive where this thing is said to reside? |
|
#5
January 12th, 2006, 04:43 PM
|
|||
|
|||
Re: W32/Sdbot.worm.gen.h ???
TopperID - U R DA MAN!!! This Killbox tool ripped that virus out by the roots!!!! I can not thank u enuf for knowing about that one! (Free to boot!) Oh yes - I did have the scanners set for the E drive when I did the scans...(v funny too
 ) All scans clean & green! Tx again, Deca |
|
#6
January 13th, 2006, 12:58 PM
|
||||
|
||||
|
Re: W32/Sdbot.worm.gen.h ???
Glad to hear you got rid of it. It's very frustrating the way these things can hide so you can't get at 'em - but l074.exe hardly sounds like a genuine system file, so good riddence...
In fact, having read this, it's probably just as well you did get rid of it:- http://www.bleepingcomputer.com/star...exe-13881.html |
|
#7
January 14th, 2006, 08:30 PM
|
||||
|
||||
|
Re: W32/Sdbot.worm.gen.h ???
you could of tried avast
|
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
