Friday, April 27, 2007

Infected by Trojan Again...


This is BFGhost, it's a Remote Administration Tool and it's dangerous. If you haven´t been administrating your computer remotely and find it on your computer, somebody has been using it to control your machine and could be spying on you. If that's the case you should take counter-measures immediately.

You can either download SpySweeper (which is the safest option if you're not a power user).

OR

Follow the following instructions for manual removal:

1. Kill the following processes in the Task Manager:
bfghost.exe, editmm.exe, conime.exe

2. Unregister service.dll in Windows\system\

How? Start - Run - copy and paste:

REGSVR32 /u C:\Windows\System\service.dll

Press Enter and REBOOT.

3. Remove the following files
bfghost.exe, editmm.exe, read it.txt.
conime.exe in Windows\
regsys.vxd, service.dll in Windows\system\

*Note: You're only in trouble if the mentioned combination (with bfghost.exe, editmm.exe) is present on your computer.

(Source: Kaspersky Lab Forum)

P.S. Thanks to one of my readers, Mike for giving me an idea on how to clean this thing up. Also, thanks to the member of Project101 and Babyfiona for the useful guidelines ^^v

2 comments:

  1. Gee that's a bummer! I HATE Trojan! Pathetic irritating nonsense that disturb your only source to the internet world!

    Well glad you've taken it away! Last time when i have the SVGhost, it was IRRITATING!

    Never gotten BFGhost though but NEVER want to!

    ReplyDelete
  2. Nastasshea: *sob sob* i'm still struggling here... fighting against da trojan >.<" tryin' 2 remove 'em. My result is...

    22468 files scanned, 573 file(s) infected on your disk drives.

    No viruses were detected in memory.

    ReplyDelete

Dear readers,

Thanks for all your lovely comments and continual visits.
Hope I'll see you again soon! (✿◠‿◠)

xoxo,
Christina

Related Posts Plugin for WordPress, Blogger...