Infected laptop? 8 steps run

By starshaped
Feb 18, 2010
  1. While I was using my laptop a couple of days ago, my anti-viral software (Kaspersky) flagged up that my laptop had been infected with the trojan backdoor.win32.sdbot.rhr. I then ran through the software's steps to get rid of the virus and everything seemed to be fine, except my computer rebooted itself without asking if I wanted to do so. When it reloaded, it was a lot slower and I was unable to run Kaspersky, open up the task manager or use Chrome to access anti-viral software websites. However, I was able to use IE and found your site.

    The following day I then went through the 8 steps guide (see attached logs), which went quite straightforward - there were only a couple of things found which were cleared. Everything seems okay now, apart from my laptop still feeling slightly slowish, especially with Chrome, so I just want to check that there's nothing else there.

    Thanks for any help,

  2. Bobbye

    Katy, you are running 3 antivirus programs. Multiple AV programs can actually make the system more vulnerable. They can also slow a system down.

    Please remove two of them.

    For Symantec/Norton use the Norton Removal Tool
    For AVG: AVG Removal. Note: You may have to reinstall AVG to uninstall it fully.

    Remove this from the Trusted Zone: (O15 - Trusted Zone: http://*
    Control Panel> Internet Options> Security tab> Trusted Zone> Sites> delete *
    If I find any other entries for McAfee, I'll have you run that removal tool also.

    Please download ComboFix HERE:
    • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
      Important! Save the renamed download to your desktop.
    • Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
    • Double click on the setup file on the desktop to run
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console. (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.)
    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a log. Please include the C:\ComboFix.txt in your next reply.

    Notes:
    1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings.
    3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Please understand that this forum is for virus and malware removal so we only consider 'slow' if it's related to malware. You might want to take a look at all the preloads that Dell sent out with your system.

    In addition to ComboFix, run Eset NOD32 Online AntiVirus Scanner HERE
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this in your post.

    Please attach the ComboFix report and Eset log to your next reply.
Topic Status:
Not open for further replies.