Hi everyone,

(This seems like a very helpful forum for computer help! So thanks in advance! I hope I'm posting this in the right forum! I've read up on IRC-Sdbot and deleting Mcafee, but that might not work in my case:)

I just recently managed to download an update for all things Mcafee, and when I restarted, Mcafee VirusScan found an IRC-Sdbot on system32.exe - I tried deleting it and got a delete error. Much later I restarted again, and it had spread to other (unecessary like winamp.exe) files. I tried deleting them and there was a delete error on those, but managed to delete those with the W32/Sdbot.worm.g. I restarted after restoring (Mcafee VirusScan suggestion)and now my laptop won't load any other program past the Mcafee splash screen.

I'm not quite sure what to do at this point... It really sounds like I've botched my laptop!

Why don't you boot into safe mode, that way it will, install only the neccassary programs that are required to boot. This will allow you to scan for a virus while it is disabled. Also, the system32.exe sounds like a reuired system file, thats probably why it won't let you delete it. I can't tell you exactly how to get to safe mode, I am not familliar with ME, but it is one of the F keys (probably F8) Then select boot into safe mode.

thats good advice,

There are two ways to do Windows 98/Me Safe Mode:
· Use the Ctrl key.
As the computer restarts, press and hold down the Ctrl key until the startup menu appears. (although on some F8 does work)
· Use the System Configuration Utility.
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/1999101916343139

system32.exe is not a system file, so try
using this removal tool in safe mode
Stinger v1.9.4 tool
from http://vil.nai.com/vil/averttools.asp

and follow up with one of the online AV scans
RAV
Housecall
Activescan
There will be some other files to delete, so as soon as you can follow the forum guidelines and run Spybot and HijackThis and post a log. Post a reply with the safe mode results.

hth
iceblue

thank you so much ian and iceblue for your rapid reply!

unfortunately safe mode does the same thing in normal mode...
loads up to a point and nothing else loads... get a pretty background, mouse moves but nothing else :(

go slowly and carefully through this for ME….
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.sysxxx.html

Essentially this runs through doing this; in Safe Mode
1. Reversing the change that the Trojan made to the registry.
2. Reversing the change that the Trojan made to the System.ini file.
3. delete the file System32.exe
{always back up the registry first} http://24.3.7.210/customer_support/registry_tips/registryME.htm
and hopefully get back online to do the follow up.

Sounds like you got a nasty virus. I am taking a guess by saying, you have used the PC for quite awhile, started having problems, then installed a AntiVirus. This is a bad idea. Next time, install the AV first so this never happens again. Lol, I am sure by now you are extremly frustrated with this PC. Why not save all the data you use onto a disk. Format and reinstall the OS, then install AV immeadiatly update it, then run it, then copy the saved files to the harddrive to a specific folder, scan that folder immediatly and that should fix it. I think this will be much faster than tring to catch several viruses that have had enough time to run ramped. Just save all important information to a disk. And do as I said. Let me know if you need more help, oh btw, I think you should download these programs (all free) after you format and reinstall. They will help you so that you never have a problem like this again.

AdAware
AntiVirus (AVG,McAffee, or Norton)
Firewall (Zone Alarm is free)
SpyBot Search and Destroy

These will provide an extra measure of protection against these problems. After you install an antivirus it will auto check files, so it will usually stop a virus before it attacks your PC.
P.S. If you do format, I imagine you threw away the device driver CD's like so many people do. Make sure you have all of them BEFORE you format. It is also a good idea to print a snapshot of your system hardware drivers before format. To do so, goto start settings, control panel, system, device manager, then hardware manager, then open all the +'s. Click the print screen key on keyboard, goto paint program and goto edit paste. Print this out, you may need it if you lose your drivers. Makes it alot easy to find them down the road. You will need a driver CD for ATLEAST the following:
video card
network card
sound (optional)
This is the bare minimum, you probably also have a printer, scanner, or others, make sure you have those CD's to. Preparation is much smarter than hastly formating. Let me know if you need more help.