Windows Live One Care will not delete Backdoor, I have no idea what it is but I can imagen that it is some sort of hack!
-
2007年12月13日 1:16I am pretty new to these forums and I have just signed a years subscription to Windows Live One Care which is the only Antivirus I know of that does its job without taking up too much CPU time which is a fantastic feat!
Just one thing though, every now and again I get a Live Care pop up that wants to clean a program saything that it has a backdoor on it, I clean it and then it says the program was either deleted or not and the backdoor messege keeps appearing nearly everyday and I clean it and it comes back.
I have also noticed some settings have been changed and that the light on base unit always flashes even when I am inactive on my PC. I have Windows Vista Home Premium SP1 and I have used One Care and AVG and a Free Scan from Mcaffes but none of them have found anything I have done all I can and don't know what to do can anyone help?
全部回复
-
2007年12月13日 13:40
hmmm any particular file name that keeps on coming you would like to share with us so that we can identify and pin point how you did acquired this malicious file. Also since you are using Live Onecare
To reach support group for Windows Live Onecare in direct assistance to removing this concern you have
http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2
And hmmm nice to know you are a RC user for Vista SP1 nice...
-
2007年12月13日 14:36Thanks for the Info I will do what you said next time it pops up, I guess I was in a too much of a hurry to delete what ever it was to write down the file info properly.
I downloaded SP1 yesterday and I was so pleased to notice that my speakers and Voip Headset was working properly so I am very happy with the service pack so far and for some reason my screen looks better too and everything just seems smoother, the only problem I am having at the moment is that Vista takes longer to start but I can live with that! -
2007年12月13日 15:03
Actually its would or probably is the infection that's causing the slow windows loading... anyways if you get the pop-ups please dont try or so close those prompts since some of them are triggered by the close button to initialize rather than vanish. Hope you have your UAC activated for secondary security measures. -
2007年12月13日 15:13
Yes I always have that turned on even though User Account Control can be annoying sometimes but I always make sure all securty messures are in place for when I use the internet and even when I am offline, at this moment I am trying to find the info about the possible Virus in Live One Care, does it keep info on possible threats that have been delt with?
And just with that I have copied and pasted the info I hope you need below thanks!
12/12/2007 23:09 Windows Live OneCare found potentially harmful or unwanted software on your computer
Threat Name: Backdoor:Win32/Sdbot.BC
Detection Date and Time: 12/12/2007 23:06
File Name: C:\Windows\System32\IEXPLORE.exe
Threat Severity: Severe
Threat Category: Backdoor
Virus and spyware monitoring found potentially unwanted software: (ANTIVIRUS_ONACCESS)
Threat Status: Removed
12/12/2007 22:42 Windows Live OneCare found potentially harmful or unwanted software on your computer
Threat Name: Backdoor:Win32/Sdbot.BC
Detection Date and Time: 12/12/2007 22:42
File Name: C:\Windows\System32\IEXPLORE.exe
Threat Severity: Severe
Threat Category: Backdoor
Virus and spyware monitoring found potentially unwanted software: (ANTIVIRUS_ONACCESS_INFECTED)
Threat Status: Detected
12/12/2007 21:05 Windows Live OneCare found potentially harmful or unwanted software on your computer
Threat Name: Backdoor:Win32/Sdbot.BC
Detection Date and Time: 12/12/2007 21:05
File Name: C:\Windows\System32\IEXPLORE.exe
Threat Severity: Severe
Threat Category: Backdoor
Virus and spyware monitoring found potentially unwanted software: (ANTIVIRUS_ONACCESS_INFECTED)
Threat Status: Detected -
2007年12月14日 16:08版主
I'll need to defer to Milo regarding the details of the above infection, but it would appear to me that Internet Explorer is being infected by this malware. When the message from OneCare happens, are you browsing a particular web site? The entries you've posted indicated that it has been removed, but if you revisit a site that loads the infection, OneCare would step in "on access" and block and clean the threat once again.
-steve
-
2007年12月14日 21:02
You are right about that stephen, to be exact the actual Internet explorer has been compromised already, he has of the moment has a file somewhere in C:\windows\system32\drivers or within his temp file controlling this file IEXPLORE.exe since to be exact there is no iexplore.exe in system32 for both windowsXP and Vista. This one is being used by a malicious file to proceed with whatever program it needs to add on in your system. As indicated that class cateogory for this one is a backdoor they dont come alone.
Please get a hold of WLOC support asap since they would be need to use a specialize tools to remove this thing.
