Pete7874
2007-01-03, 22:33
My dad's PC (Win XP Prof SP2) seems to be infected with Backdoor.Win32.SdBot.gen, although it is only reported by Spybot S&D, and not Ewido/AVS Anti-Spyware nor Microsoft Malicious Software Removal Tool. However, I do believe there is something going on - something is always preventing Windows Firewall from starting after a reboot/restart.
This is what Spybot finds and reports as 'fixed':
http://i34.photobucket.com/albums/d102/escape2music/misc/backdoor2.png
However, it doesn't actually gets fixed. The next time I scan with Spybot, the same problems reappear. I tried switching off System Restore before the removal - no help. Also, when scanning with Spybot in Safe Mode, those problems do not get detected. They only show up in normal Windows mode.
Why can't Spybot get rid of this permanently? Is there a fix for this? Can I just try to manually remove the two registry keys that are listed in the Spybot window I linked above?
I also tried this:
http://www.spywaredb.com/remove-backdoor-win32-sdbot-gen/
But none of the processes, files, and registry entries listed in those instructions are on the computer to begin with.
Thanks.
Pete
This is what Spybot finds and reports as 'fixed':
http://i34.photobucket.com/albums/d102/escape2music/misc/backdoor2.png
However, it doesn't actually gets fixed. The next time I scan with Spybot, the same problems reappear. I tried switching off System Restore before the removal - no help. Also, when scanning with Spybot in Safe Mode, those problems do not get detected. They only show up in normal Windows mode.
Why can't Spybot get rid of this permanently? Is there a fix for this? Can I just try to manually remove the two registry keys that are listed in the Spybot window I linked above?
I also tried this:
http://www.spywaredb.com/remove-backdoor-win32-sdbot-gen/
But none of the processes, files, and registry entries listed in those instructions are on the computer to begin with.
Thanks.
Pete