Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Virus - Need info identifying.

  • 28-12-2005 9:43pm
    #1
    Closed Accounts Posts: 20,759 ✭✭✭✭


    ƒ


Comments

  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    I believe it to be a trojan with a keylogger for finding Pop3 passwords. Did your AV software find it as being Trojan.Satiloler?

    If so, it overwrites certain legitimate Windows files and programs, such as ctfmon and userinit.

    dive into the registry and go to
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and see if anything strange has been added. If you want to post a screenshot of what your seeing, or PM me, I can tell you if the offending executable is there.

    Once you find it, delete the registry key, restart the computer, and then run a full AV scan, and something like SFC aswell to repair the damage.


  • Closed Accounts Posts: 20,759 ✭✭✭✭dlofnep


    syklops wrote:
    I believe it to be a trojan with a keylogger for finding Pop3 passwords. Did your AV software find it as being Trojan.Satiloler?

    If so, it overwrites certain legitimate Windows files and programs, such as ctfmon and userinit.

    dive into the registry and go to
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and see if anything strange has been added. If you want to post a screenshot of what your seeing, or PM me, I can tell you if the offending executable is there.

    Once you find it, delete the registry key, restart the computer, and then run a full AV scan, and something like SFC aswell to repair the damage.

    The anti-virus didn't give a name.. I got rid of it eventually. Thanks.


Advertisement