Re: How would I have manually removed Trojan-Downloader.Win32.ConHook.bd

From: <ToddAndMargo@xxxxxxxxxxx>



The Conhook a Trojan (aka; Klone Trojan), it is *NOT A VIRUS* and it protects its
Winlogon/Notify Key.

Boot into the "Recovery Console". Login as Administrator.

Delete; c:\windows\system32\INFcms.dll

Reboot into Normal Mode.

Delete the Registry key...
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\INFcms
|
| Now that, I did not think of. Very sneaky. Thank you.
|

YW :-)

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


.

Relevant Pages

  • Re: recovery console problems
    ... >> I recently installed recovery console on my Dell XP Pro ... >> console because it insists on administrator password. ... as blank out the Administrator password so anyone could login. ... The permissions in the registry only let an account in the ...
    (microsoft.public.windowsxp.general)
  • RE: Unable to login to clear pagefile.sys problem
    ... >W2k Sp4 and when I login as Administrator I get a message ... >creating a pagefile then retrying back in my computer. ... Boot into the Recovery Console and replace the SYSTEM hive with the ...
    (microsoft.public.win2000.general)
  • problem recovery console administrator password
    ... I know the password administrator for my windows 2000 professionnel, ... I login with the administrator count normaly. ... I want to do some thing by login with recovery console but i can'nt login ...
    (microsoft.public.win2000.security)
Quantcast