Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: Saintaw on February 27, 2003, 02:12:13 PM
-
UMRG32.exe is infected by a trojan (so my AV software says: BKDR_BO2K.10). I can't delete the file, nor stop the service (tried deleting the file & stopping the services, both were denied to me, even though I am logged in as admin).
How can I get rid of it?
-
Try booting to safe mode and deleting the file.
-
Boot to a command line and copy a clean version from your install directory.
-
How did you manage to get Back Orifice on your computer?
Tsk tsk..
http://www.hackfix.org/bofix/fix2k.shtml
-
It is not actually mine (I'm running XP) but my neighbour's... I have no clue how he managed to get that one, as he is as computer savvy as my in-law ;) (j/k Michel!) I'll try the above fixes when I get back home this evening, thanks :)
-
In this case you can mount his HD on your computer.
-
What antivirus program do you have? NAV can remove it. If you can't get rid of something from inside Windows w/ NAV, you just boot from the NAV (or NIS or NSW (which comes w/ NAV)) CD and run the virus removal tool. Since your OS isn't running, there are no files in use.
-
Tried deleting it from a DOS box?
SKurj
-
If his drive is FAT32 you can boot from a floppy and replace the file. If not, you can boot from his Win2K CD and run install in repair mode.
-
Yeah, or he can do it the easy way as described in the instructions on the net LOL.
-
It's been done, thanks :)
-
It's always a good idea to keep an eye on the process list also. I found out once that a server of a friend of mine was compromised... Someone was using it to share warez on the net :)
How did I find it out? I browsed the task list and saw processes running that shouldn't be there. I then opened Google and saw those processes were related to IRC and hacking... :)