ahoier at gmail
Apr 6, 2007, 6:22 AM
Post #2 of 2
I would try running the Windows Live OneCare scanner in "Safe Mode
with Networking" :) Goto msconfig, Boot.ini tab, toggle on "SAFEBOOT"
and then click the "NETWORK" radio button. Hit OK, and when prompted
to restart, restart ;)
You should boot up into Safe Mode with Networking...if you are put to
the XP Login screen, chose either your user account, or
Administrator...it may take Admin privs to remove the trojan...but
since you're in safe mode your user account should work fine to remove
from there? Open IE and run the Full Service One Care scan and let it
do it's thing.
Hope this helps...Im not too fluent in Knoppix...but the past
infection I had, this safe mode method worked for me.
Does ClamAV detect the trojan? If not, be sure to submit it to get it
added to the definitions ;)
On 4/6/07, C V <cjv1001 [at] gmail> wrote:
> I found a trojan virus on my windows notebook using Windows live one care. I
> proceeded to run this virus scanner 3 more times before I received a clean
> It is my understanding that a trojan can dump its payload (so to speak) so
> as to cause further problems at a later time. So, I thought I could use
> clamav on a flash drive and boot up the windows notebook using Knoppix
> distribution of Linux so as to isolate drive c:(which is bootable for win
> xp) in order to make sure no further instances trojan or its reminants would
> remain (I understand the best solution is to wipe drive c: and restore the
> hard drive; however, I am trying to avoid this tedious procedure).
> Do you think this would be a workable solution and if so, what procedure(s)
> should I follow to accomplish this task. I have some experience with
> computers but a step by step approach would be appreciated. If you have
> other suggestions, please include them.
> Thanks, Chris