BackDoor.Generic3.FOG and BackDoor.SdBot.asr

Discussion in 'ewido anti-spyware forum' started by cathj, Aug 26, 2006.

Thread Status:
Not open for further replies.
  1. cathj

    cathj Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    2
    Hi
    Ewido and AVG anti virus software have between them detected 2 Trojan BackDoors:
    SdBot.asr and Generic3.FOG
    Although each programme tells me it has qurantined the trojans after each scan they still show up with every new scan.
    Generic3.FOG seems to always be in WINNT\system32\wscript.exe
    SdBot.asr moves around. It wqs in kernel32.dll, most recently in this:
    system32\_delete_on_reboot_k_e_r_n_e_l_3_2_._i_m_e

    I'm not sure if this request for help constitutes a HiJack This request or whether you can offer help. I hope so.
    Thanks
     
  2. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,267
    Location:
    England
    Have you run both scans in safe mode?
     
  3. cathj

    cathj Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    2
    Yes, both of them.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,719
    Location:
    Texas
Thread Status:
Not open for further replies.