willowoak: (stealing the sun)
( Jul. 6th, 2006 10:36 am)
Well, I think I've managed to vanquish (at least temporarily) that particular trojan. At least, the AV that first found it isn't finding it NOW. :)

Thanks to [livejournal.com profile] evilbunny for the links. Sadly, neither was completely helpful...but they did point me in a couple of useful directions. Particularly the bleepingcomputer site. I used the autoruns.exe in Safe Mode and unchecked all instances of the .dll file. But I still couldn't delete the bugger.

Then I got the idea (from another AV program) of changing the file's extension name. So, the file is no longer on autorun AND the extension is changed. Once I rebooted the computer, it was simple enough to find and delete the file.

We'll see if the bastard script manages to replicate itself. But for now, no virus.

Go me!
willowoak: (Default)
( Jul. 6th, 2006 01:15 pm)
For reminding me about the whole backup situation. I have an external HD and back up my data regularly. I didn't *think* I'd backed it up after getting hacked, but decided to check the HD and make sure, so that when I back up...and if I can locate OS disks to re-format...I can be sure that the infection is gone.

Again with the re-start in Safe Mode. And yes, no evil .dll file on the external drive. And I did track down and remove the last little bit of the infection on the internal HD. The file was gone, but the autorun script wouldn't delete before. Now I've removed it.

So many things to remember.
.

Profile

willowoak: (Default)
willowoak

Page Summary

Powered by Dreamwidth Studios

Style Credit

Expand Cut Tags

No cut tags