Virus information

Discussion in 'NOD32 version 2 Forum' started by arrowsmithmidwest, Nov 10, 2004.

Thread Status:
Not open for further replies.
  1. arrowsmithmidwest

    arrowsmithmidwest Registered Member

    Joined:
    May 12, 2004
    Posts:
    165
    Location:
    Midwest
    Hi all,

    I have two viruses which i need to know some more information about, i can't find much though, i have read about the sdbot.AFN in the archives in this site.


    SDBOT.AFN
    and
    Rbot.YZ

    anyone got any links to sites where info on these viruses that nod has picked up?
    Or has anyone had any experience with these viruses before.

    cheers
     
  2. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    What files are NOD32 alarming on that it says are infected with these?
     
  3. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    SDBOT.AFN try:

    Also known as:
    W32.Randex.gen (Symantec), Backdoor/SDBot, IRC/SdBot.AFN (Eset), Backdoor.SdBot.jg (Kaspersky), W32/Sdbot.worm.gen.h (McAfee)

    Gerard
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Rbot.YZ look here here are the different variations
     

    Attached Files:

  5. arrowsmithmidwest

    arrowsmithmidwest Registered Member

    Joined:
    May 12, 2004
    Posts:
    165
    Location:
    Midwest
    thanks for the quick repsonse, the files infected are:

    msconfg.exe - sdbot.afn

    atiphexx.exe - rbot.yz
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I would run a scan with Nod32 in Safe Mode, if you find there are problems with System Files affected, then after this you can place your Windows CD in the drive, click start > run, type in CMD, type in "sfc /scannow".

    SFC (System File Checker, a part of Windows File Protection) will replace any changed/damaged system files with a clean copy. SFC may not solve every problem, but it's a good start that anyone can do...

    Hope this helps...

    Cheers :D
     
    Last edited: Nov 10, 2004
  7. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
  8. arrowsmithmidwest

    arrowsmithmidwest Registered Member

    Joined:
    May 12, 2004
    Posts:
    165
    Location:
    Midwest

    Where abouts did you get that information Gerard?
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  10. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    What are the locations of these files? Upload these 2 files to Jotti's site HERE for a second opinion.
     
  11. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Win32.Rbot.H

     
  12. arrowsmithmidwest

    arrowsmithmidwest Registered Member

    Joined:
    May 12, 2004
    Posts:
    165
    Location:
    Midwest
    i have removed both viruses now, computer is virus free, now i just have a problem with the OS, i will run the sfc and if not better i may try a win repair.
     
  13. Tweakie

    Tweakie Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    90
    Location:
    E.U.
Thread Status:
Not open for further replies.