
Virus Problem


Original Message
Name: Lucas
Date: February 16, 2006 at 16:29:25 Pacific
Subject: Virus Problem
OS: Windows 2000 Professional
CPU/Ram: X86 Family 6 Model 3 Step
Model/Manufacturer: HP / KAYAK XA
Comment:

Hello,

The computer was attacked by a virus. The Microsoft Malicious Software Removal tool discovered the following Viruses:

BACKDOOR:WIN32/Rbot!0c8a
BACKDOOR:WIN32/Rbot!d455
BACKDOOR:WIN32/Rbot.bv
BACKDOOR:WIN32/Sdbot!4982
BACKDOOR:WIN32/Sdbot!ff34

After running the Microsoft Malicious Software Removal Tool again they were all removed.

After restarting the computer and rerunning the MS Malicious Software Removal Tool again, only the BACKDOOR:WIN32/Rbot!0c8a remained.

Now, we can only access the Microsoft Website and all other attempts at viewing other Websites result in the Page Cannot be Displayed screen.

Then we ran Norton (Symantec) Virus Scan and it yielded the following: W32.Spybot.Worm as the virus.

Can you kindly aid in helping us to remove the effects of this virus from this computer?

Thanks for your assistance.

Lucas




Response Number 1
Name: s_hcl
Date: February 16, 2006 at 22:54:42 Pacific
Subject: Virus Problem
Reply:

Try

www.antivirus.com

Download sysclean.com and lpt file for Windows.
This will surely remove your viruses.

Do it from safe mode.

After cleaning the system with this tool, upgrade your current antivirus with updates.



Response Number 2
Name: asknerd
Date: February 17, 2006 at 15:00:19 Pacific
Subject: Virus Problem
Reply:

Chances are the virus is reinstalling itself and has embedded a trojan in your registry. This is often the case for hijackers and today's more aggressive spy viruses. If this is the case, I know of no antivirus suite that will effectively remove these.
Detecting the virus and just as, if not more importantly, its hidden subfiles takes a bit of time.
Here is what you should do - outside of taking it to a tech.
First, you didn't mention your connection, but I'm assuming it's likely DSL or some form of highspeed...
To get back on the internet, you will need to ENABLE/DISABLE THE CONNECTION: Go to the Control Panel, then open Network Connections. (If you're not in Classic view, open Network and Internet Connections, then Network Connections from there.) Under LAN and High-Speed Internet, there should be one or more items called Local Area Connection. If there is more than one, use the one in which the computer monitor icon is blue instead of gray. Right-click on the icon and choose Disable. Wait for a few seconds for the connection to disable completely, then right-click on it again and choose Enable. Once the connection is completely enabled, the IP address should have been successfully renewed.

Assuming we're back in business, here is how to address that worm.


Step One
First, download antivir from www.free-av.com which is the best anti virus program out there and it's freeware. Be sure to disable any other antivirus programs you have running and do not remove Norton if you have it even in trial version or you'll regret it for the rest of your life.

Step Two
Secondly, download kill box, which is an awesome free file killer from http://www.softpedia.com/get/Security/Secure-cleaning/Pocket-Killbox.shtml
I hate Norton (it causes more problems than the viruses), but if it provides you enough file path info, you can remove it the same way in step three.

Step Three
What you want to do is run antivir, this can take up to a couple of hours to do. Once this is done, let it run in your system tray. Every time the virus / worm tries to reinstall itself, the antivir window will pop up. Copy the file name for pasting into kill box and click on block with the Antivir window.

Step Four
In the killbox app, paste in the file and check the reboot file. Kill the file and it will permanently erase the file upon rebooting your computer.

Step Five
Run a program such as registrypatrol.com against your reg to clean up any problems. You might actually need to do this first as you mentioned your browser is not working properly.

When in Doubt, ask the Nerd...



Response Number 3
Name: Lucas
Date: February 17, 2006 at 19:31:48 Pacific
Subject: Virus Problem
Reply:

Thanks for all of your inputs. I will try them and get back.

Lucas



Response Number 4
Name: Lucas
Date: February 21, 2006 at 10:44:03 Pacific
Subject: Virus Problem
Reply:

Hello,

I am not sure exactly what I did but the virus is now gone and I can access Websites.

Thanks for all of your assistance. I really appreciate it.

Lucas

