Root of Backdoor.Win32.SDBot?

[Jack&Jill]

Posted on new or undetected, but did not get any response after 5 days. Basically I need help for permanent removal of winzip quick pick.exe which always appear on my startup and winzip_tmp.exe on my C drive and windows folder, and prevention. SS&D could not detect them, but they appear to be the root of rundll16.exe and scanregw.exe which SS&D classified as Backdoor.Win32.SDBot.

The first two files keep reappearing...:sad:

How do they spread and what are the consequences of not removing them?

Thanks and appreciate some help.

 

[tashi]

Hello.

Please see the stickied procedure for this forum: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

Start a new topic providing the HJT log, I have closed this one as helpers look for threads without a response.

Best regards.