Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Virus help please!*backdoor.bot*


Recommended Posts

Im new here so idk if i posted in the right thread but i have this virus it says backdoor.bot on IObit security 360 beta 2.2 and i hit remove and it says remove completed but i do a scan again and it keeps on appearing it says its in my registry and i tried deleting it threw the registry too and it wont go away any help guys?



I have windows xp if that helps

Link to comment
Share on other sites

AFAIK backdoor.bot is ram-resident and must be disabled with taskmgr.exe from Start|Run|taskmgr.exe -or- ctrl+shift+esc before trying to remove it. If it's in RAM, it will recreate itself later. Try killing the task, then delete it with IS360 (assuming backdoor.bot hasn't disabled task manager). Give it a shot, it can't hurt.

Best of luck,


Link to comment
Share on other sites

what would it be labled under task manager? cause i dont see any backdoor.bot in my taskmanager


Hello Diamond, please follow these steps: And remember do NOT delete anything.


Run Hijack Scan and save a log. Once a log file is saved to your desktop, please attach it to or paste it in this thread.


Link to comment
Share on other sites

Ok, thank you. Please remove the following by selecting them in Hijack Scan and clicking Delete and then run another scan with S360.

You must remove:

  • O4 - HKCU\..\Run: [MicrosoftUpdate] C:\Documents and Settings\Administrator\Application Data\taskeng.exe


You can remove the Ask Toolbar:

  • O23 - Service: ASKService - Unknown owner -C:\Program Files\AskBarDis\bar\bin\AskService.exe
  • O23 - Service: ASKUpgrade - Unknown owner -C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
  • O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  • O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
  • Use the unlock and delete to remove:

    C:\Program Files\AskBarDis\bar\bin\AskService.exe

    C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe


You may want to remove the AIM toolbar:

  • O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html

Link to comment
Share on other sites

Ok i deleted that and did the scan again and it showed up and i hit remove and then did another scan and its still there. gosh this virus is a pest (sorry for me being a pest)


Haha you're not being a pest don't worry. Please paste your scan log, which is found at "C:\Program Files\IObit\IObit Security 360\IObit Security 360 report.log".

Link to comment
Share on other sites

ok lol heres the log it says it says it removed it but its still there >_<

IObit Security 360


OS:Windows XP


Define Version:1103

Time:8/5/2009 12:01:50 AM



Tracking Cookies - Removed, Cookies, Cookie:administrator@ad.yieldmanager.com/, 7-1548

Backdoor.Bot - Removed, Registry Value, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Value=Taskman, 4-6120

Link to comment
Share on other sites

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE



Since you're using Avira now for your antivirus, please check Add/Remove Programs in Control Panel and remove Symantec's LiveUpdate.


If above entry is still there after uninstalling, you can simply remove it.


Might as well try the uninstaller from Symantec, also.

Link to comment
Share on other sites

umm ok i went to the add/remove programs and i dont see the Symantec's LiveUpdate?



Click here and download Norton's removal tool for whichever version of Norton's you have had on your machine before. After you've run it, reboot your computer, and if the entry

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

still exists, remove it.

Link to comment
Share on other sites

hi diamond


it is not wise to experiment all the time using your pc changing setting and so on


PCs do not malfunction if they are left alone (if you are using an extra old- pc its OK)


Now if u want to clear left overs and remove or simply disable useless services you can do it through CONTROL>ADMINISTRATING TOOLS>SERVICES........... OR U write msconfig in START SEARCH line /press enter.... where u can disable services


If u have ASC of IObit installed go ASC>Utilities>Administration Tools>Software Uninstaller>System Services........ It gives u the option to remove services



There is and other option to remove Useless-Left Folders in the Tree Structure in Windows Explorer

and to clear useless entries in REGISTRY (regedit in START SEARCH .....) given u are very-very-very carefull in what u are doing



Link to comment
Share on other sites



OK diamond Do Nothing


anything i wrote in previous post is supposed to be for advanced users


i am using PCs for more than 20 years and believe it or not i made no mistake using all these cause i had learned much before i use anything



Link to comment
Share on other sites

Hi diamond

The one advice you should be following is to use the Symantec removal tool.

This ought to solve the problem you described.


After that if you still have a problem, describe it and we will try to give you step by step description of what to do.








lol you guys are confusing me so what am i spose to be doing/using?
Link to comment
Share on other sites

hi Diamond


from you are attached reports it seems there is a servise for updating NORTON antivirus of SEMANTEC corp.


If u have a HEWLETT PACKARD (HP) pc , it comes with a preinstalled FREE TRIAL version (for a month i think) which the dealers sometimes remove and install a real free antiv like AVG,AVIRA,AVAST etc.


Or maybe u installed this NORTON antiv and after u removed it


u can browse in WINDOWS EXPLORER to see if there is folder with name SEMANTIC ....


AFTER uninstalling NORTON remains entries here and there and this applies and for other programs sometimes due to inadequate design of their uninstaller or for practical reasons


Usually these lefts are not a problem and i doubt if u can find more than 5% of all users worldwide with no left-overs like these.


Some Programs not very trusted maybe leave small programs behind in order to spy or other purposes (i don't believe SEMANTIC does)


Dnaburrito proposed u to download a Semantec Removal Tool which i personally don't prefer cause there is no garantee that this progam does not leave its own left-overs (i don't know)


Using msconfig and locating the service

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

u can disable it but u must be carefull (u can not remove it)


Finally i also advise u to follow Danburritos's suggestion and use NORTON REMOVAL TOOL



Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...