Backdoor.SDBot
Backdoor.SDBot Description
Backdoor.SDBot is a Trojan virus. Once installed on your machine Backdoor.SDBot will allow remote attackers to control your computer through the IRC network. Backdoor.SDBot also includes a self-updating feature and opens up a huge security hole on your system. Backdoor.SDBot is a serious threat to your private and financial information.
Aliases
W32/Cryp_PESpin.U!tr [Fortinet]Trojan.Win32.Generic.12863C73 [Rising]TR/Dldr.Banload.ins [AntiVir]Packer.PESpin!IK [Emsisoft]Gen:Packer.PESpin.A.Bu0aaud@4lmG [BitDefender]Win32.TRDldr.Banload [eSafe]Generic.evx!u [McAfee]BackDoor.Generic15.BRNV [AVG]Backdoor.Iroffer.tn [VBA32]Win32.Hack.Iroffer.tn.(kcloud) [Kingsoft]
More aliases (480)
Backdoor.SDBot Automatic Detection Tool (Recommended)
Is your PC infected with Backdoor.SDBot? To safely & quickly detect Backdoor.SDBot, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Backdoor.SDBot
What happens if Backdoor.SDBot does not let you open SpyHunter or blocks the Internet?
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 malware.exe, scost.exe 607 2 ~4.exe 527 3 mslsrv.exe 314 4 scost.exe 169 5 lpdriver.sys 162 6 %USERPROFILE%\ My Documents\ nero6605_key.exe 162 7 %WINDIR%\ windows7addon.exe 155 8 %WINDIR%\ system32\ wsnhost.exe 155 9 %PROGRAMFILES%\ Total Commander Podarok Edition\ Programm\ Instruments\ instruments.exe 16 10 %COMMONPROGRAMFILES%\ systems\ SysWindows.exe 12
More files
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}Software\Microsoft\Windows\CurrentVersion\RunOnce, value: wincfgSOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, value: Microsoft UpdateSOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, value: Windows ExplorerHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}Microsoft UpdatewincfgWindows Explorer - The following CLSID's were detected:
HKEY..\..\{CLSID Path} {625B529F-9E03-4475-9F3D-33F9B7B410F2}
Posted: February 27, 2007 | By SpywareRemove
MoreThreat Level: 8/10
(No Ratings Yet)
Loading ...Rate this article:
Detection Count: 227
Information and instruction published is really useful to me. Good