E-Gold Trojan - gdiwxp.dll & gdiw2k.sys
Aiyoh
I think I got that Trojan from an AutoSurf Site!
SYMPTOMS TO WATCH OUT FOR!!!
When you login to your E-Gold Account
You enter ID, Password & Turing as per normal.
SUDDENLY you are presented with another
legitimate e-GOLD TURING PAGE.
(as if you entered wrong turing number)
DO NOT ENTER AGAIN!!!
Entering the TURING will somehow change ALL your
security settings to least effective.
I entered the Turing and my settings changed
**************************************
YAY! Found a Solution.
**************************************
Steps:
1 - Boot your PC up in SAFE MODE
2 - Do a search for these 2 files
gdiwxp.dll
gdiw2k.sys
If your system has these 2 files - 99.99% INFECTED!!
(Note - Other GDI files are legitimate - do not delete them)
3 - Delete or rename the above 2 files.
4 - Search your Registry for instances of "gdiwxp" AND "gdiw2k"
DELETE all instances of the above 2 files.
Note - "Legacy-gdiw2k" is a legitimate registry - DO NOT DELETE
"gdiw2k" is NOT legitimate - DELETE IT.
5 - Reboot PC - DONE
Hope this Helps
Cheers
Kvn
I think I got that Trojan from an AutoSurf Site!
SYMPTOMS TO WATCH OUT FOR!!!
When you login to your E-Gold Account
You enter ID, Password & Turing as per normal.
SUDDENLY you are presented with another
legitimate e-GOLD TURING PAGE.
(as if you entered wrong turing number)
DO NOT ENTER AGAIN!!!
Entering the TURING will somehow change ALL your
security settings to least effective.
I entered the Turing and my settings changed
**************************************
YAY! Found a Solution.
**************************************
Steps:
1 - Boot your PC up in SAFE MODE
2 - Do a search for these 2 files
gdiwxp.dll
gdiw2k.sys
If your system has these 2 files - 99.99% INFECTED!!
(Note - Other GDI files are legitimate - do not delete them)
3 - Delete or rename the above 2 files.
4 - Search your Registry for instances of "gdiwxp" AND "gdiw2k"
DELETE all instances of the above 2 files.
Note - "Legacy-gdiw2k" is a legitimate registry - DO NOT DELETE
"gdiw2k" is NOT legitimate - DELETE IT.
5 - Reboot PC - DONE
Hope this Helps
Cheers
Kvn
posted by kor69 | 10:08 AM
2 Comments:
Hello fellow BLOGGER!!! Great blog!!!
If you’ve got time.…… Check out my site… You can even pick up great FREE ebooks with master resale rights worth $197.00 absolutely FREE, to give away or sell to your customers!!! ?
P.S. I’m adding heaps of new books in a few weeks!!!
I have a make ebook site. It pretty much covers make ebook info. :-)
Great Info! Thanks
Post a Comment
<< Home