E
Ekonomski fakultet
on Windows Xp Professional...
file infected is c:\windows\system32\aupdate.exe
I don't have floppy disk.
file infected is c:\windows\system32\aupdate.exe
I don't have floppy disk.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
G
Gabriele Neukam
On that special day, Ekonomski fakultet, ([email protected]) said...
Not good. One possibility is: Burn a bootable CD-Rom, add an anti-trojan
program, and use it for cleaning. If you need a (clean) boot disk, you
can try www.bootdisk.com, where you can download one.
But the name "WebDL-K" makes it look like this trojan is a downloader,
this means it will fetch one more program from internet and install it,
perhaps another trojan, and this trojan then can introduce some more
"friends".
Once it has itself installed, your PC will forever suffer from the
trojan. If you remove one, another will be there. It is like cockroaches
in the kitchen.
Better burn the house. Backup your data files (and NO programs), then
format the hard disk. Reinstall Windows on a completely pure hard disk.
Everything else is unsafe.
Think of Valve. Their computer was infected with a keylogger. The
keylogger sent passwords to "someone". The "someone" then logged into
the server of Valve, with the stolen password, and stole the complete
source code of Half Life 2. After the password had been reveiled, it was
too late to remove the keylogger, the harm had already been done.
A downloader can download and install many things, including a
keylogger. So, after the new Windows installation, you *must* change all
passwords.
Gabriele Neukam
(e-mail address removed)
on Windows Xp Professional...
file infected is c:\windows\system32\aupdate.exe
I don't have floppy disk.
Not good. One possibility is: Burn a bootable CD-Rom, add an anti-trojan
program, and use it for cleaning. If you need a (clean) boot disk, you
can try www.bootdisk.com, where you can download one.
But the name "WebDL-K" makes it look like this trojan is a downloader,
this means it will fetch one more program from internet and install it,
perhaps another trojan, and this trojan then can introduce some more
"friends".
Once it has itself installed, your PC will forever suffer from the
trojan. If you remove one, another will be there. It is like cockroaches
in the kitchen.
Better burn the house. Backup your data files (and NO programs), then
format the hard disk. Reinstall Windows on a completely pure hard disk.
Everything else is unsafe.
Think of Valve. Their computer was infected with a keylogger. The
keylogger sent passwords to "someone". The "someone" then logged into
the server of Valve, with the stolen password, and stole the complete
source code of Half Life 2. After the password had been reveiled, it was
too late to remove the keylogger, the harm had already been done.
A downloader can download and install many things, including a
keylogger. So, after the new Windows installation, you *must* change all
passwords.
Gabriele Neukam
(e-mail address removed)
R
Rodriguez
I think I solved my problem.
I downloaded SAV32CLI from Sophos web page, and burned it on CD.
After that, I started WinXP in Safe mode, run sav32cli from cd...
and Trojan was removed. Program deleted aupdate.exe with trojan.
After that I restart windows, run Sophos antivirus with newest update, and
there is no trojan anymore on my disk.
And there is also no aupdate.exe
I don't know if I need this file or it is created with trojan...
I downloaded SAV32CLI from Sophos web page, and burned it on CD.
After that, I started WinXP in Safe mode, run sav32cli from cd...
and Trojan was removed. Program deleted aupdate.exe with trojan.
After that I restart windows, run Sophos antivirus with newest update, and
there is no trojan anymore on my disk.
And there is also no aupdate.exe
I don't know if I need this file or it is created with trojan...