Re: Virus Win32.Golid.K trojan
From: orlando (orlando_at_Catskill.net)
Date: 02/18/05
- Next message: Colin Wilson: "Re: Downloader Stubby again"
- Previous message: Bigbruva: "New version (509) of Microsoft Antispyware Beta available"
- In reply to: David H. Lipman: "Re: Virus Win32.Golid.K trojan"
- Next in thread: David H. Lipman: "Re: Virus Win32.Golid.K trojan"
- Reply: David H. Lipman: "Re: Virus Win32.Golid.K trojan"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 18 Feb 2005 15:44:23 -0500
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:O5iqzefFFHA.3972@TK2MSFTNGP15.phx.gbl...
> 1) Download the following three items...
>
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend signature files.
> http://www.trendmicro.com/download/pattern.asp
>
> Adaware SE (free personal version v1.05)
> http://www.lavasoftusa.com/
>
> Create a directory.
> On drive "C:\"
> (e.g., "c:\New Folder")
> or the desktop
> (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
>
> Download SYSCLEAN.COM and place it in that directory.
> Download the Trend Pattern File by obtaining the ZIP file.
> For example; lpt420.zip
>
> Extract the contents of the ZIP file and place the contents in the same
> directory as
> SYSCLEAN.COM.
>
> 2) Update Adaware with the latest definitions.
> 3) If you are using WinME or WinXP, disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
> 4) Reboot your PC into Safe Mode and shutdown as many applications as
> possible.
> 5) Using both the Trend Sysclean utility and Adaware, perform a Full
> Scan of your
> platform and clean/delete any infectors/parasites found.
> (a few cycles may be needed)
> 6) Restart your PC and perform a "final" Full Scan of your platform
> using both the
> Trend Sysclean utility and Adaware
> 7) If you are using WinME or WinXP,Re-enable System Restore and
> re-apply any
> System Restore preferences, (e.g. HD space to use suggested 400 ~
> 600MB),
> 8) Reboot your PC.
> 9) If you are using WinME or WinXP, create a new Restore point
>
> * * * Please report back your results * * *
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
>
>
>
>
> "orlando" <orlando@Catskill.net> wrote in message
> news:e5uS5NfFFHA.2232@TK2MSFTNGP14.phx.gbl...
> |
> | Can you hep me to get rid of this Trojan? It comes back again.
> |
> | :\WINDOWS\system32\drivers\erpogllz.sys is Win32.Golid trojan. Deleted.
> |
> | C:\WINDOWS\system32\mbtxyuek6.exe is Win32.Golid.K trojan.
> |
> | Help me to get rid of this Trojan - Golid or Golid.K
> |
> | C:\Documents and Settings\Peter\Local Settings\Temporary Internet
> | Files\Content.IE5\B3H3J5SS\s6[1].txt is Win32.Golid.K trojan. Deleted.
> |
> | This one changes every time:
> |
> | \6PXENEDC\
> |
> | \7WU5O1HU\
> |
> | \T733XXWE\
> |
> | \2HJCDCBQ\
> |
> | \W1UV0TU7\
> |
> | \B3H3J5SS\.........
> |
> | I found a folder
> |
> | C:\Literature\www.diacenter.org\permcoll\permcoll has 2 folders
> | 1-demaria\images[0.bytes,26.folders(imagesx26)]
> |
> | 2-flavin\images[0.bytes.26.folders(imagesx26)]
> |
> | I can't deleet, is untouchable, tried everything: HijackThis,
> | Killbox...nothing worked so far.
> |
> | I scanned with AdAware, Spybot, Microsoft AntiSpyware,Ez
> AntiVirus,Sysclean.
> |
> | Disabled System Restore, Safe mode... I think the solution is in the
> | registry, but I can't go there without some outside supervision.
> |
> |
>
>I had done all that before, it didn't work.
Thanks anyway.
- Next message: Colin Wilson: "Re: Downloader Stubby again"
- Previous message: Bigbruva: "New version (509) of Microsoft Antispyware Beta available"
- In reply to: David H. Lipman: "Re: Virus Win32.Golid.K trojan"
- Next in thread: David H. Lipman: "Re: Virus Win32.Golid.K trojan"
- Reply: David H. Lipman: "Re: Virus Win32.Golid.K trojan"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
