Backdoor Trojan MS.DLL
Posted 19 July 2004 - 07:01 PM
Posted 19 July 2004 - 08:13 PM
Posted 19 July 2004 - 08:30 PM
Nip could you run that threw a little dumbd down for me
I'll try <G>.
Well, I got rid of the .dll and here's how I did it. Replace "logojfk.dll" with the .dll you're trying to kill, and the commands referenced must be executed at the prompt of the directory in which the file exists, in my case C:\Windows\System32. The commands were run in a command window (Select "Start", "Run" then type "cmd" and hit "Enter"). This procedure requires a limited use of the DOS prompt, so if you're not a little DOS savvy you may want to find help. It also assumes you know how to restart your PC in "Normal" mode and "Safe" mode.
1) In Normal boot mode I did the command "cacls logojfk.dll /P Administrator:F", (with a space before the /P), and selected "Y" at the next prompt. I then tried to run "del logojfk.dll" but got "Access Denied"
2) I restarted in Safe mode and did exactly the same as above with the same results, but instead of "Access Denied" it said "File not found".
3) I restarted in Normal mode, and did the "cacls" command as above, but then ran the command "dir L*.dll" and lo and behold it displayed the .dll in question, logojfk.dll (along with all .dll's beginning with the letter "L"). I ran the command "attrib logojfk.dll" to see if I needed to reset any file attributes, but the archive bit was the only one on. Next I ran "del logojfk.dll" and successfully deleted the file. At this point I no longer got the virus warning, so I ran HJT and it still showed the .dll on the last line of the log file. SO, I checked the box, let HJT fix it, and the next log showed to be clean. Hope this helps somebody, this is a pesky bugger!
As usual, no gaurantees, no-money down, your mileage may vary, etc.
Posted 19 July 2004 - 08:35 PM
Posted 19 July 2004 - 08:54 PM
Posted 19 July 2004 - 09:09 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users