Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Help please.....
I have picked up a Bakdoor Trojan, at least that is what Norton reports but it can't fix or quaranteen it. Norton reports the dll as Winbbip.dll and that file shows up in my WINNT/SYSTEM32 folder but I can't delete it.Does anyone know which process needs to be killed to let me delet this annoying piece of #@$%.
Oh yes, I have run CWS, Adaware, Spybot etc etc and nothing seems to pick this thing up. Have I got something new ?
u naver delete any trojan oor virus untill u endtask that from ur task manager, 1st end task that from task manager and then delete it from where its places. also telling u one thing that all trojan and viruses attacked ur system32 folder...
do these all, if still problum the write me an e mail i suggest u
Ahmed
Ahmed Mir
0 
Hi Frogy.
Try running a program called Trojan Hunter. This will find and remove the Trojan from your Computer. Have a nice day.
0
I too have the backdoor.trojan.agent.ba. I am running Win 2k Pro, I ran Norton and AVG 7.0, but they can't quarantine it nor remove it does anyone have any ideas?
jmoney
0
I have the same problem. I use Norton AntiVirus 2002 and I have tried to remove the Backdoor.Trojan using Symantecs removal instructions but it didnt fix/remove it. I also tried with Ad-Aware. My infected file is c:\windows\system32\KBDF.dll. I dont know which process to end so I can remove the file. When I scan for infected files (also in Safe Mode) Norton AntiVirus does not find any infected files. Please help me!!!
0
I have the same kind of problem.I have Windows XP and Norton antivirus+internet security firewall. Norton detects a virus in " C:\WINDOWS\SYSTEM32\sqleb.dll" as the Backdoor.Trojan. I have tried to get rid of it by using Symantec's advice. In safe mode Norton is disable and then the virus doesn't even show up in the directory so I can't try deleting it. In normal mode norton reports about the virus but in full scan Norton doesn't even find any virus. I have used Trojan Hunter also but it also does't find any virus. In normal mode the virus exists in the directory but I cant delete it even in the command prompt. It just says "access is denied". What should I do? How can I see what processes the virus is using so I could end those from the Task Manager?
0
Must temporarily rename a registry key to delete the virus. See http://securityresponse.symantec.com/avcenter/venc/data/backdoor.agent.b.html for the exact steps to resolve this. Virus scanners and spyware killers won't resolve it until the key is renamed, after which the use of antivirus and spyware checker will do the job.
0
Thanks for the advice. One part in the advice says:
Navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete the value:"*<1-5 random characters>" = "RUNDLL32 %System%\(DLL filename).dll,StreamingDeviceSetup"
..and I don't find that streaming device setup file. Could it be "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" or " RUNDLL32EXE C:WINDOWS\System32\NvCpl.dll,NvStartup" Is it one of those that I have to delete?
0
Can someone help me with this backdoor trojan. symantec says it is in a file called sqlm.dll in my system32 folder. When i go to this folder this file isn't even there. Is there somewhere else it might be. A file search says that this file doesn't even exist on my computer. Am I missing something?
0
I have the same problem (actually 2 different files of Backdoor.Agent.B) there is nothing in the registry as Symantec says and there are no proccesses relating to it, I've run Norton antivirus, Adaware, Spybot, HijackThis, Panda Online Scan and nothing works with this POS! Norton only finds it but can't do anything.
In safe mode I try to directly scan the file by right clicking on it and selecting "Scan with Norton Antivirus" and I get a popup telling me I dont have permission to do so and Im logged in as the administrator, funny enough I CAN change their extension, but I cannot open them and they still won't erase!
Could they be running as a process? If anyone finds a solution please post it ASAP.
0
I have the same problem with the backdoor.trojan named resodbc.dll in C:\windows\system32. What can I do? Please help me?
0
Thanks for help. I used this advice you guys gave me: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.agent.b.html
I did that stuff and then I went on safe mode. Full scan didn't work out so I just navigated to that file where it existed and then clicked delete. It disappeared. I don't remember was my Norton disabled or enabled while I got rid of it.Anyway, Thanks!
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
