Hello and can ypu help?

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > Security > AntiVirus, Firewall and Privacy Products and Protection Methods

Hello and can ypu help?, Hakdoor problem

Options

drog1998 View Member Profile	Mar 4 2005, 02:42 PM Post #1
New Member Group: Members Posts: 1 Joined: 4-March 05 Member No.: 13,559	Hi all, handy site - just hope it can help me and i might be able to help others at some point. Im having trouble following these steps below form this post on this forum: http://www.bleepingcomputer.com/forums/ind...showtopic=10501 QUOTE To remove this infection you must remove the following registry keys: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winlow HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\winlow HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdmt16 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\vdmt16 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drct16 Ok I can do this bit no problem but the paragraph below i dont understand how to do. How do i remove permissions then add permission and then take ownership? And what is sc delete? is that a registry command? These keeps need to be removed first but you must remove all permissions to the keys, then add everyone to it with full permission and then take ownership to delete them: QUOTE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VDMT16 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINLOW This can be accomplished easily in Windows XP by running: sc delete winlow sc delete VDMT16 and then delete the Winlogon Notify key. Id be grateful for any help, apologies if i'm being a newb.

Grinler View Member Profile	Mar 6 2005, 10:42 PM Post #2
Bleep Bleep! Group: Admin Posts: 29,873 Joined: 24-January 04 From: USA Member No.: 3	Are you using XP? If so then just click on start, then run, and type: sc delete winlow and press the ok button. Then click on start, run, and type: sc delete VDMT16 and press the ok button. -------------------- Lawrence

« Next Oldest · AntiVirus, Firewall and Privacy Products and Protection Methods · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 9th January 2009 - 04:33 AM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Malware Removal Guides