What is Win32:SdBOT-96-B [Trj]

[fdm2000]

I encountered the above virus or worm when downloading a file from a usenet group. Avast gave me the option of deleting or trying to clean - I chose delete. I ran a full scan with Avast and another free scan (Trend Micro) and two additional viruses were detected : Win32: SdBot-101[Trj] and Troj REVOP.A.

I chose to delete these also.

All of these viruses have C:\Windows\System32\xxxx.exe file names

Can someone tell me what these are - I don't seem to be able to find them in any of the virus knowledge bases.

I also wonder if simply selecting delete removes the infections?

Thanks for any assistance,

Frank

[whocares]

Hi,

you've got WIN XP ?

please give the exact names of the infected files.

1) REVOP: as this seems to have been detected by Trend, why not look there ?
CLickME!

2) as for Spybot:
try deleting it with avast or manually after booting into safeMode (F8-Boot), or follow general advice here:
http://forum.avast.com/index.php?board=4;action=display;threadid=4273

 

[fdm2000]

Thanks for responding, Whocares -

I do have WinXp he, The names of the infected files are:

C:\Windows\System32\svhost.exe  (Win32;SdBot-96-B [Trj]

C:\Windows\system32\system2.exe (Win32:SdBot-101[Trj]

C:Windows\system32\fffilto.exe (TROJ REVOP.A)

Avast detected the first Bot listed above and Trend detected the next two.

I gather from your comments that the first two are spybots - is the last one a trojan?

Frank

[whocares]

1) C:\Windows\System32\svhost.exe  (Win32;SdBot-96-B [Trj]
2) C:\Windows\system32\system2.exe (Win32:SdBot-101[Trj]
3) C:Windows\system32\fffilto.exe (TROJ REVOP.A)

Avast detected the first Bot listed above and Trend detected the next two.

Nope, 1) & 2) are avast's detections, and 3 is Trend's

- Revop is not THAT dangerous, but gets installed by/with some other nasties
- a spybot is also a trojan, please read the Links above

 

[fdm2000]

Much obliged for the assistance and patience, whocares.

Frank