Worm W32/sdbot.worm.gen.n

Discussion in 'Gaming' started by YourClone, Oct 31, 2006.

  1. YourClone

    YourClone Well-Known Member

    Posts:
    469
    Likes Received:
    0
    Joined:
    Feb 10, 2006
    I've tried everything from downloading multiple anti-virus/spyware/malware programs, going into the registry, and deleting it from the Task Manager, but whenever I try anything it says "Object is critical to system function, Access denied".

    Please help...
     
  2. HydrogeN

    HydrogeN Well-Known Member

    Posts:
    2,532
    Likes Received:
    0
    Joined:
    Sep 7, 2004
    1st- Do this

    2nd- W32/Sdbot-HX is a worm which attempts to spread to remote network shares. It
    also contains backdoor Trojan functionality, allowing unauthorised remote access
    to the infected computer via IRC channels while running in the background as a service process.

    W32/Sdbot-HX copies itself to the Windows system folder as
    DLL6DSYS.EXE and creates entries in the registry at the following locations to
    run itself on system startup:

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    W32/Sdbot-HX spreads to network shares with weak passwords as a result of
    the backdoor Trojan element receiving the appropriate command from a remote
    user, copying itself to the file PAYLOAD.DAT on the local machine at the same time.

    Also:

    Check your administrator passwords and review network security.

    You will also need to edit the following registry entries, if they are present. Please read the warning about editing the registry.

    At the taskbar, click Start|Run. Type 'Regedit' and press Return. The registry editor opens.

    Before you edit the registry, you should make a backup. On the 'Registry' menu, click 'Export Registry File'. In the 'Export range' panel, click 'All', then save your registry as Backup.

    Locate the HKEY_LOCAL_MACHINE entries:

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    and remove any reference to any file you deleted.

    Each user has a registry area named HKEY_USERS\[code number indicating user]\. For each user locate the entry:

    HKU\[code number]\Software\Microsoft\Windows\CurrentVersion\Run\

    and remove any reference to any file you deleted.

    Close the registry editor.

    Just a few things I found using google.
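    The registry check described in the post above, as an added report-only PowerShell audit (not part of the thread or of any vendor write-up): it walks the HKLM, HKCU and per-user HKU Run/RunServices keys and lists any value that references the filename the description names, DLL6DSYS.EXE. The filename and key list come from the post; the SID pattern for user hives is an assumption about a typical Windows install.

```powershell
# Added example (not from the thread): audit the autorun keys named in the post
# for references to DLL6DSYS.EXE. It only reports; nothing is deleted.
$Suspect = 'DLL6DSYS.EXE'   # filename quoted in the write-up above
$Keys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunServices',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)

# Per-user Run keys live under HKEY_USERS\<SID>\...; PowerShell has no HKU: drive
# by default, so map one. Assumption: user hives are SIDs starting with S-1-5-21-.
if (-not (Get-PSDrive -Name HKU -ErrorAction SilentlyContinue)) {
    New-PSDrive -Name HKU -PSProvider Registry -Root HKEY_USERS | Out-Null
}
$Keys += Get-ChildItem 'HKU:\' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^S-1-5-21-' } |
    ForEach-Object { "HKU:\$($_.PSChildName)\Software\Microsoft\Windows\CurrentVersion\Run" }

$Hits = foreach ($Key in $Keys) {
    if (-not (Test-Path $Key)) { continue }          # RunServices is absent on many systems
    $Item = Get-ItemProperty -Path $Key
    foreach ($Prop in $Item.PSObject.Properties) {
        if ($Prop.Name -like 'PS*') { continue }     # skip PowerShell's own metadata properties
        $Value = [string]$Prop.Value
        if ($Value -match [regex]::Escape($Suspect)) {
            [pscustomobject]@{ Key = $Key; Name = $Prop.Name; Value = $Value }
        }
    }
}

if ($Hits) { $Hits | Format-Table -AutoSize } else { "No autorun entry references $Suspect." }
```

Run it from Safe Mode as the other replies suggest, and remove a reported value only after the file it points to has been deleted, so the backup/export step in the post still applies.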
     
  3. YourClone

    YourClone Well-Known Member

    Posts:
    469
    Likes Received:
    0
    Joined:
    Feb 10, 2006
    Same site I found, but thanks for looking.
     
  4. MattMann

    MattMann Well-Known Member

    Posts:
    334
    Likes Received:
    0
    Joined:
    May 31, 2004
    Location:
    Chicago, IL USA
    You got hit with a botnet.

    You should try to reformat if you could.

    Another thing to try is booting it in safemode and then running the scans. Get nod32 or just find the file and manually remove it in safemode. Then run the scan in windows.
     
  5. [.Xero.]

    [.Xero.] Well-Known Member

    Posts:
    374
    Likes Received:
    0
    Joined:
    Oct 20, 2006
    Why does everyone say format? There's always another way. Use a registry scanner if you don't want to risk doing it yourself, but do the registry thing in safe mode
     
  6. MattMann

    MattMann Well-Known Member

    Posts:
    334
    Likes Received:
    0
    Joined:
    May 31, 2004
    Location:
    Chicago, IL USA
    Usually viruses will modify your registry in ways that you don't even realize. And most if any will not catch it. The viruses that are made better will attach themselves to your explorer.exe file or embed it in some dll file. The only way to get rid of it that way is to know which file it is in or Reformat. Considering there is no real way to know exactly everything the virus has done, it is probably easier and safer in the long run.
     
