Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

possible sdbot jed worm?


  • Please log in to reply
1 reply to this topic

#1 urbanspice

urbanspice

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:12 AM

Posted 01 October 2010 - 12:00 PM

  • computer started acting weird yesterday; it shut off by itself, showed a screen saying it was "updating" software.
  • After that it started freezing, being really slow, especially the internet.
  • I use A2 squared and decided to run a check, found out it had somehow been turned off for about 10 days.
  • Tried running a scan several times, it always froze on a file in hkey local machines - z2 r2pc server (i think)
  • I did an online scan with panda that informed me I had sdbot.jed worm and that is was disinfectable
  • In safe mode, I ran an non up-to-date norton that found nothing. I also tried a2 squared. In quick scan, just some minor stuff. In deep scan, I gave up, it took about 8 hours just to go 2%. It wasn't freezing, just being really slow.
  • I just finished running symantec online virus check and nothing was found
  • booted my computer up in regular mode, got a pop-up window from A2 squared about c:\windows\explorer.exe seeming to be acting maliciously, i didn't block it or quarantine, just restarted in safe mode. (As I tried shutting it down, new "updates" tried to install but I pushed the power button to stop it.) Also, in regular mode, the internet was still insanely slow, absolutely nothing loaded. -- chrome or ie
  • As of now, I am doing another panda scan. It's at 35% on on suspicious file is detected, fifteen files infected.
So, I think I have something, but just not sure because I am getting conflicting reports. Plus my computer is acting strange.

BC AdBot (Login to Remove)

 


#2 urbanspice

urbanspice
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:12 AM

Posted 01 October 2010 - 02:29 PM

this is what panda tells me is the problem:

06419169 Bck/Sdbot.JED.worm Virus/Trojan No 1 No No c:\windows\downloaded installations\{90f42154-37ba-4079-85a2-7b2db7ea6a01}\movie magic screenwriter 6.msi[unk_0107][netpub.exe]


Also, I am scanning with AVG (using the command line scanner) and so far, it says it has found a virus:
c:\windows\syswow64\dllhost.exe <1680> Virus found win32/PEPatch

Is this a virus or not? I'm getting conflicting results from different scanners.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users