virus - bkdr_robobot.ae + other spyware

  User-F2543C90-A375-4957-AC5715C260074746 23:43 03 Aug 2005
Locked

I run xp and thought my system protected by usual - AVG (I run this daily and it shows me as clear!)- Spybotsearch+destroy + spwareguard etc
BT openworld contacted me to say Id had a load of spam sent from my Ip address and on their advice I ran on line test from Trend Micro which then found the above
The instructions say I should terminate the prog. by opening task manager and ending process - but the message I get says the sytem wont let me do this
Has anyone else had this _ how can i get rid?
Should I buy Panda as I read that this might do trick but it will cost me
I have just run Panda on line test and the following are also there - but were not mentioned on the Trend Test - Panda did not come up with the same item Trend found!
Spyware:spyware/cydoor No disinfected C:\WINDOWS\SYSTEM32\cd_clint.dll
spyware/betterinet
Spyware:spyware/dyfuca No disinfected C:\WINDOWS\STWSI

any help wanted please

  DieSse 00:09 04 Aug 2005

Download the free trial (30days) of NOD32 click here and see how that does for you.

thanks for response but does their product cover this -it does not appear on their list of virus which are removed

  DieSse 00:35 04 Aug 2005

Most AV programs will remove many tens of thousands of virusese - they will never list them all.

See here for jusy the recent updates click here

  p;3 00:56 04 Aug 2005

aM wondering if it is worth your posting an HJT log on this specialist forum

click here; ;just an idea, and they can give your pc a good sweep to check for nasties in your log:)

although am rather curious to know why BT have apparently contacted you; is their mail genuine? and what e mail client do you use?

  p;3 01:01 04 Aug 2005

and you can find the HJT program here click here

if I have gotten that right!

  DieSse 01:51 04 Aug 2005

"The instructions say I should terminate the prog. by opening task manager and ending process"

Which process?

DieSse
csrss.exe is the one referred to - sorry I did not mention

  VoG II 23:27 04 Aug 2005

Netsky click here

Run Stinger click here

  DieSse 00:02 05 Aug 2005

I beleive those intructions to be incorrect - csrss.exe is a normal process. The Trend on-line scan itself doesn't throw it up as an error - so how can those instructions - the only one on the web - be right?

That's not to say the csrss.exe process can't be infected - but of itself it's not a problem.

Did you try NOD32? - it's a free trial.

  DieSse 00:03 05 Aug 2005

The Trend on-line scan itself doesn't throw it up as an error - I did try it, BTW.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Fujitsu Lifebook P727 laptop review

Microsoft Paint set to die after 32 years

Mac power user tips and hidden tricks

Comment désactiver la saisie intuitive et paramétrer votre clavier ?