01-26-2011, 11:25 AM | #11 | |
Nomadic Tribesman
Join Date: Nov 2008
Location: Brampton, Canada
Moto: '09 ER-6n
Posts: 11,150
|
Quote:
All in all, that's pretty bad. It's also damned tough to remove, once it has gotten to a certain state of infection. I generally use either a Windows PBE boot CD or something like BART PE, in order to boot into the system and start a manual cleaning, before I move on to the utilities that I've mentioned. That gives me about a 95% positive result, but I still occasionally have to reinstall Windows.
__________________
"Everything's better with pirates." - Lodge, "Dorkness Rising" http://www.morallyambiguous.net/ |
|
01-26-2011, 11:46 AM | #12 |
Trailer Queen
Join Date: Aug 2010
Location: Richmond, VA
Moto: 919
Posts: 17
|
I've removed 4 or 5 variants of this type of virus, some of which have been more embedded than others. 1 was really devious and took every skill and utility that I had to remove it.
From what I found on the web, this one consists of a single executable existing in the temp folder, and changes to the proxy settings in IE to block traffic. Removal should be fairly straightforward (kill running exe process or use other boot media; delete the executable from the machine, and correct the proxy settings via regedit or the IE menu itself).
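The checks described in the post above, as an added read-only PowerShell example that is not part of the original thread. It assumes the per-user Internet Settings registry key that IE reads its proxy from and the current user's temp folder; it only reports, and what to kill or delete is left to the person doing the cleanup.

```powershell
# Read-only triage: reports findings, changes nothing on the machine.

# 1. Proxy settings that IE (and WinINet clients) use for the current user.
$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $key

[pscustomobject]@{
    ProxyEnable   = $inet.ProxyEnable      # 1 = a manual proxy is in effect
    ProxyServer   = $inet.ProxyServer      # host:port that traffic is sent to
    ProxyOverride = $inet.ProxyOverride    # hosts that bypass the proxy
    AutoConfigURL = $inet.AutoConfigURL    # PAC script, if one is set
} | Format-List

if ($inet.ProxyEnable -eq 1) {
    Write-Warning "A proxy is enabled ($($inet.ProxyServer)). Confirm it is one you configured."
}

# 2. Executables sitting in the temp folder, newest first.
#    Note: the temp path may be in 8.3 short form on some systems.
$temp = [System.IO.Path]::GetTempPath()
Get-ChildItem -Path $temp -Filter *.exe -Recurse -Force -ErrorAction SilentlyContinue |
    Sort-Object LastWriteTime -Descending |
    Select-Object FullName, Length, LastWriteTime |
    Format-Table -AutoSize

# 3. Running processes whose image file lives under the temp folder.
Get-Process |
    Where-Object {
        $_.Path -and
        $_.Path.StartsWith($temp, [System.StringComparison]::OrdinalIgnoreCase)
    } |
    Select-Object Id, ProcessName, Path |
    Format-Table -AutoSize

# After the executable has been dealt with, the manual proxy can be switched
# off with the same value regedit would change (left commented out here):
# Set-ItemProperty -Path $key -Name ProxyEnable -Value 0
```

Legitimate installers and updaters also run from the temp folder, so an entry in the second or third list is a lead to check, not a verdict.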
01-26-2011, 12:01 PM | #13 | |
Nomadic Tribesman
Join Date: Nov 2008
Location: Brampton, Canada
Moto: '09 ER-6n
Posts: 11,150
|
Quote: