Win32.Sdbot
Aliases of Win32.Sdbot (AKA):
| [Kaspersky] | Backdoor.Win32.SdBot.gen, Backdoor.IRCBot.gen, TrojanSpy.Win32.SilentLog.a, TrojanSpy.Win32.Sincom.i |
| [Eset] | IRC/SdBot.PI trojan, IRC/SdBot.LA trojan, IRC/SdBot.KO trojan, Win32/Lolol.J worm |
| [Panda] | Trojan Horse, Trj/PSW.Sincom |
| [CA] | Win32.Slinbot.A, Backdoor/SDBot.Server.Variant, Win32.Sdbot.22016, Backdoor/SdBot.Server, Win32.Sdbot.26144, Win32/Logger.A!Trojan, Win32.SilentLog, Win32/Sincom!PWS!DLL!Trojan, Win32.Sincom, Win32/Sincom!PWS!Trojan |
How to Remove Win32.Sdbot from Your Computer^
You can effectively remove Win32.Sdbot from your computer with Exterminate It!.
After installing the program, run a scan to display a list of the files associated with Win32.Sdbot in the Scan Result screen and remove these files. For information about running scans and removing malware files, see the Exterminate It! Help.
Win32.Sdbot Categorized as:^
Trojan
A trojan is a program that is disguised as legitimate software but is designed to carry out some harmful actions on the infected computer.
Unlike viruses and worms, trojans don’t replicate but they can be just as destructive.
These days trojans are very common. Trojans are divided into a number different categories based on their function or type of damage.
Be Aware of the Following Trojan Threats:
Worm
Worms are generally considered to be a subset of viruses, but have key differences. Unlike a virus, a worm is a computer program that replicates, but does not infect other files. Instead, a worm installs itself on a computer and then looks for a way to spread to other computers.
From a user’s perspective, there are noticeable differences. The longer a virus goes undetected, the more files it will infect on the victim computer. By contrast, there is just a single instance of the worm code on the computer.
Like viruses, worms are often subdivided according to the methods they use to infect a system. E-mail worms are distributed as attachments to e-mail messages. IM worms are attached to messages sent with instant messaging programs (such as IRC or ICQ). P2P (peer-to-peer) worms use file-sharing networks to spread. Network worms spread directly over the LAN (Local Area Network) or across the Internet, often exploiting a specific vulnerability.
Be Aware of the Following Worm Threats:
Backdoor
Of all trojans, backdoor trojans pose the greatest danger to users’ PCs because they give their authors remote control over infected computers. They are downloaded, installed, and run silently, without the user’s consent or knowledge. Upon installation, backdoor trojans can be instructed to send, receive, execute and delete files, gather and transfer confidential data from the computer, log all activity on the computer, and perform other harmful activities.
Be Aware of the Following Backdoor Threats:
Breach.Pro, SlyDude, Pokier, Toledorz, Backdoor.Litmus.C!Server.
DoS
A DoS (Denial of Service) attack is designed to disrupt or stop the normal running of a Web site, server, or other network resource. Hackers or malware writers resort to various ways to achieve this. A DoS attack can commonly result in a server being flooded with more network traffic than it is capable of processing. This hinders or prevents the server’s normal operation and sometimes causes its complete failure.
Unlike a DoS attack, a DDoS attack employs multiple PCs. The hacker or malware writer normally uses one infected computer - “master” - to centrally coordinate the attack across other, so-called “zombie”, computers. Typically, the malware writer gains control of both master and zombie computers by exploiting a weakness in an application or the operating system on those computers, in order to install a trojan or other malicious code.
How Did My PC Get Infected with Win32.Sdbot?^
The following are the most likely reasons why your computer got infected with Win32.Sdbot:
- Your operating system and Web browser's security settings are too lax.
- You are not following safe Internet surfing and PC practices.
Downloading and Installing Freeware or Shareware
Small-charge or free software applications may come bundled with spyware, adware, or programs like Win32.Sdbot. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.
Using Peer-to-Peer Software
The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like Win32.Sdbot.
Visiting Questionable Web Sites
When you visit sites with dubious or objectionable content, trojans-including Win32.Sdbot, spyware and adware, may well be automatically downloaded and installed onto your computer.
Detecting Win32.Sdbot^
The following symptoms signal that your computer is very likely to be infected with Win32.Sdbot:
PC is working very slowly
Win32.Sdbot can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with Win32.Sdbot.
New desktop shortcuts have appeared or the home page has changed
Win32.Sdbot can tamper with your Internet settings or redirect your default home page to unwanted web sites. Win32.Sdbot may even add new shortcuts to your PC desktop.
Annoying popups keep appearing on your PC
Win32.Sdbot may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.
E-mails that you didn't write are being sent from your mailbox
Win32.Sdbot may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam and other types of unsolicited e-mail to other people.
Dear Jean,
Thank you for your follow-up. I did indeed use the Submit State feature last night and this morning, your team sent me instructions to run an 'update' and then re-run Exterminate It! on the PC. I just finished that process and the new update wiped it out. I ran my regular anti-spy/anti-virus to double-check and it wasn't able to detect it either. I appreciate the support from both you and your team.