BackDoor.Generic3.FOG and BackDoor.SdBot.asr

Discussion in 'ewido anti-spyware forum' started by cathj, Aug 26, 2006.

Thread Status:
Not open for further replies.
  1. cathj

    cathj Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    2
    Hi
    Ewido and AVG anti virus software have between them detected 2 Trojan BackDoors:
    SdBot.asr and Generic3.FOG
    Although each programme tells me it has qurantined the trojans after each scan they still show up with every new scan.
    Generic3.FOG seems to always be in WINNT\system32\wscript.exe
    SdBot.asr moves around. It wqs in kernel32.dll, most recently in this:
    system32\_delete_on_reboot_k_e_r_n_e_l_3_2_._i_m_e

    I'm not sure if this request for help constitutes a HiJack This request or whether you can offer help. I hope so.
    Thanks
     
    cathj, Aug 26, 2006
    #1
  2. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    24,107
    Location:
    UK
    Have you run both scans in safe mode?
     
    stapp, Aug 26, 2006
    #2
  3. cathj

    cathj Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    2
    Yes, both of them.
     
    cathj, Aug 26, 2006
    #3
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    164,145
    Location:
    Texas
    ronjor, Aug 26, 2006
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...