[ Home  |  FAQ-Related Q&As  |  General Q&As  |  Answered Questions ]

    Search the Q&A Archives

I have trojan horse IRC, and backdoor SdBot from c:\WINDOWS...

<< Back to: Computer Virus FAQ for New Users

Question by Elica
Submitted on 5/16/2004
Related FAQ: Computer Virus FAQ for New Users
Rating: Rate this question: Vote
I have trojan horse IRC, and backdoor SdBot
from c:\WINDOWS\system 32\ms.exe

and i cannot get rid off with GRISOFT AVG ANTI-VIRUS FREE VERSION because they said i can't remove that file. What should i do? how to get rid of them? Please tell me.

Is that MS.EXE is neccessary for window to use?
Can i delete MS.EXE to get rid of virus?


Answer by Duey
Submitted on 6/14/2004
Rating:  Rate this answer: Vote
Elicia, Go to http://vil.nai.com/stinger
and download it. install it and select scan now, Stinger should delete this Trojan,
Duey

 

Answer by Hush
Submitted on 7/11/2004
Rating:  Rate this answer: Vote
MS.exe is not a standard windows file.  You are likely to find that the reason your AV program is refusing to remove the file is because it is in use.  The first thing to do is check to ensure it is not running to do this do the following:

Windows 95/98/ME -
Hold down the keys "CTRL ALT DEL" together once and let go.  Click on the processes tab.  Click on the heading 'Name' to organize the list alphabetically.  Locate MS.EXE, click on it, and then click on the End Process button.

Windows NT/2000/XP -
Hold down the keys "CTRL SHIFT ESC (escape)" together once and let go.  Click on the processes tab.  Click on the heading 'Name' to organize the list alphabetically.  Locate MS.EXE, click on it, and then click on the End Process button.

Following this, run a full virus scan.  If the system is still not able to remove the file restart the computer in safe mode:

Windows 95/98 -
Click 'Start' then 'Shut Down' and select 'Restart Computer In Safe Mode'

Windows ME/2000/XP
Restart the computer as normal, clicking the F8 just after the POST screen, then select Safe Mode from the list which appears.

Windows NT -
Use the same procedure as 2000, however the option is called VGA Mode.

Run the virus scan in safe mode and it should now remove the problem file.

 

Answer by andy
Submitted on 9/13/2004
Rating: Not yet rated Rate this answer: Vote
sorry started in safe mode, but can not run my AVG antivirus to remove, in safe mode. clicked on taskbar etc, but no response. pls help.
may I ask smthng. more? my PC begun to restart from time to time itself. is this caused by a.m. trojan, too, or any other virus does this? my PC seems clean, xcpt. of a.m. trojan, scanned by AVG. thank 4 any answers to arctur@chello.sk THANK A LOT!!!

 

Answer by panda
Submitted on 9/14/2004
Rating: Not yet rated Rate this answer: Vote
I got the same problem but is crsss.exe file
If i emove the file do this will affeect the windows

 

Answer by mehdi
Submitted on 12/28/2004
Rating: Not yet rated Rate this answer: Vote
i cannot antiviruse find until delete virus
Trojans.

 

Answer by Andrea Mesa morales
Submitted on 1/27/2005
Rating: Not yet rated Rate this answer: Vote
Contra virus

 

Answer by Nice
Submitted on 6/13/2005
Rating: Not yet rated Rate this answer: Vote
well if either of those two ideas don't work it may be necessary to scrub the hard drive and completely reformat the computer. its not a difficult procedure but you may need a guide book to ensure its done correctly. make sure that you save everything needed to a portable disc and that you reinstall ever element of the computer that you delete during the reformatting.

 

Answer by bobby
Submitted on 6/20/2005
Rating: Not yet rated Rate this answer: Vote
can u give those viruses to me so i can send them to someone?

 

Answer by Sam
Submitted on 10/15/2005
Rating: Not yet rated Rate this answer: Vote
I cant get rid of the Backdoor.Sdbot virus....What should I do!!!!???

 

Answer by Maibe
Submitted on 10/22/2005
Rating: Not yet rated Rate this answer: Vote
Another simple way to prevent it from loading when you can't delete it yet is to rename the file. Like sm.exe or sm.xee

 

Answer by purple_haze
Submitted on 12/10/2005
Rating: Not yet rated Rate this answer: Vote
MS.EXE is the runnin g process for a program called message spy, which logs all chat/IM conversations, you either installed it or someone else wants to know what ur saying online... i suggest u remove it with the above mentioned way.

 

Answer by hersh sodhi
Submitted on 6/10/2006
Rating: Not yet rated Rate this answer: Vote
Hi, i also have a Backdoor trojan win32.spl on my comp. i am so confused i need ur help to get rid of the virus.  i cant delete file..

 

Answer by tacliin1@hotmail.com
Submitted on 7/9/2006
Rating: Not yet rated Rate this answer: Vote
what is the matter?

 

Answer by bigmonster1987@yahoo.com
Submitted on 8/14/2006
Rating: Not yet rated Rate this answer: Vote
i know good c and c++,java programming but how to make virus through c.how can i access c directory form c prograam and apply delete command through c program.send any virus code written in c and c++.

 

Answer by dude_erik_same_virus
Submitted on 9/2/2006
Rating: Not yet rated Rate this answer: Vote
yah i got the virus to and same anti viral but full version just make the prog crash thenscan ur cp when u find  file try fix if it dosent work vault it if that dosent work delete if that wont work then i duno

 

Answer by Ted
Submitted on 10/1/2006
Rating: Not yet rated Rate this answer: Vote
Umm, I have a problem to, my ms0389601688.exe runs, and while it does, I get pop-ups, millions of them, HELP

 

Answer by Carl
Submitted on 10/9/2006
Rating: Not yet rated Rate this answer: Vote
Unlocker Assistant
A free Program lets you unlock and delete the most stuborn problems. (Google it, I dunno the dot com address)

 

Answer by fereshte
Submitted on 12/29/2006
Rating: Not yet rated Rate this answer: Vote
trojan horse irc

 

Answer by broncosrok
Submitted on 3/21/2007
Rating: Not yet rated Rate this answer: Vote
Ha ha you have a virus

 

Answer by Jenna
Submitted on 3/29/2007
Rating: Not yet rated Rate this answer: Vote
wow great answer "hush". i had trojen horse and i used dueys answer nd it worked thanx

 

Answer by Janus257
Submitted on 5/5/2007
Rating: Not yet rated Rate this answer: Vote
My AOL virus program says that it has found, and blocked the Kollah Trojan horse.  How do I look for it, and how do I make sure it's gone, not just blocked?

 

Answer by Akari Takai
Submitted on 5/14/2007
Rating: Not yet rated Rate this answer: Vote
MS.exe, from what I remember, is not a standard Windows file. If it ends up being one, you can always reinstall the OS or copy the file over from your OS install disk.

Rebooting the computer in safe mode might help, or safe mode with command prompt and deleting the file that way would be good.

 

Your answer will be published for anyone to see and rate.  Your answer will not be displayed immediately.  If you'd like to get expert points and benefit from positive ratings, please create a new account or login into an existing account below.


Your name or nickname:
If you'd like to create a new account or access your existing account, put in your password here:
Your answer:

FAQS.ORG reserves the right to edit your answer as to improve its clarity.  By submitting your answer you authorize FAQS.ORG to publish your answer on the WWW without any restrictions. You agree to hold harmless and indemnify FAQS.ORG against any claims, costs, or damages resulting from publishing your answer.

 

FAQS.ORG makes no guarantees as to the accuracy of the posts. Each post is the personal opinion of the poster. These posts are not intended to substitute for medical, tax, legal, investment, accounting, or other professional advice. FAQS.ORG does not endorse any opinion or any product or service mentioned mentioned in these posts.

 

<< Back to: Computer Virus FAQ for New Users

[ Home  |  FAQ-Related Q&As  |  General Q&As  |  Answered Questions ]
© 2008 FAQS.ORG. All rights reserved.