ItVirus Removal

Toggle sidebar Toggle sidebar
E

effee

Golden Member
Sep 4, 2004
1,797
0
0
Does anyone know how to remove this? Or is there a removal tool? I know what the virus does, but Kapersky cant remove it for some reason. everytime i hit delete, it comes back. Is there a removal tool for this? It is essential that I remove this, as it is causing svchost to use 99% cpu resources
 
O

OLtimrNewbie

Member
Jun 21, 2003
129
0
0
I'm not sure which version of RBOT you have in your system. I will paste a page from Trend Micro's Virus Encyclopedia and if you can go to Trend micro's "housecall" and/or site you may find the info to remove the specific version you have. Try running HOUSECALL. It's a freebie and may actually remove it for you.





Virus Encyclopedia Search Results



<< Search Again

1 - 7 of 7 records match your query

WORM_RBOT.EC
Aliases: W32/Sdbot.worm, Win32.rbot.gen*2, Backdoor.Win32.RBot.189440, W32.Spybot.Worm, Win32:SdBot-194-B, Worm/Rbot.210944
This worm takes advantage of the Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability present on Windows systems, which allows an attacker to gain full access and exe...

WORM_SPYBOT.ET
Aliases: W32.Spybot.Worm, W32/Sdbot.worm.gen.k, backdoor.win32.rbot.gen, W32/Rbot-KS, Backdoor.Rbot.KS
This memory resident worm propagates via network shares. It uses an extensive list of user names and passwords to access other systems. Once it gains access onto a machine, it drops a copy of itsel...

WORM_RBOT.PW
Aliases: W32/Sdbot.worm.gen.w, backdoor.win32.rbot.gen, W32/Gaobot.AMO.worm
This memory-resident worm propagates via network shares. It uses a list of user names and passwords to access other systems. On rare occasions, this worm drops a copy of itself as the file BLING.EX...

WORM_SDBOT.AAR
Aliases: W32.Spybot.Worm, W32/Sdbot.worm.gen.h, backdoor.win32.rbot.gen, W32/Spybot.AUA
This worm propagates via network shares. It attempts to drop copies of itself to default shared folders and uses a list of user names and passwords to access shares with restrictive access rights. ...

WORM_RBOT.VJ
Aliases: W32.Spybot.Worm, W32/Sdbot.worm.gen.t, !!!, FSG, backdoor.win32.rbot.gen, Backdoor/SDBot.Server.Variant, IRC/BackDoor.SdBot.66.AM
This worm spreads via network shares. It attempts to access systems with weak passwords and drop a copy of itself on successfully accessed machines. It uses a hardcoded list of weak passwords to ...

WORM_RBOT.UY
Aliases: backdoor.win32.rbot.gen, Win32.HLLW.MyBot.based
This worm spreads via network shares. It attempts to access systems with weak passwords and drop a copy of itself on successfully accessed machines. It uses a hardcoded list of weak passwords to ...

WORM_RBOT.VB
Aliases: backdoor.win32.rbot.gen
This worm spreads via network shares using predefined lists of user names and passwords. It then searches for and lists down certain shared folders, where it drops a copy of itself using the gath...








Search for backdoor.win32.rbot.gen in all Trend Micro pages
Search for backdoor.win32.rbot.gen in our Knowledge Base


You can get to Trend Micro's site through 'Google" and some of these "RBOT's" can be stopped by keeping your Microsoft Critical patches up to date. eg: there's a patch to protect and fix the RPC loophole.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom