Know your Malware: Sdbot.add Removal
Sdbot.add is a dangerous widely spread worm that propagates mostly through unprotected network shares found on a local network. Once executed, the parasite drops a rootkit that allows the remote intruder to break into the infected system. Sdbot.add also runs a backdoor controlled through the IRC network. This backdoor gives the attacker unauthorized remote access to a compromised computer and allows to control it. Sdbot.add secretly runs on every Windows startup.
Related files: lockx.exe, xz.bat, msdirectx.sys
• Allows remote user connection
• Connects itself to the internet
• Hides from the user
• Stays resident in background Remove Sdbot.add, removal instructions
Back to: PC Security, privacy news