Page 1 of 1
					
				Virus help.
				Posted: 2004-12-23 12:49am
				by fgalkin
				Ok, I have Norton Antivirus and it is sounding every alarm it has. Apparently, my computer has the PWS.Hooker.Trojan, but Norton cannot remove  (or quarinatine) the fucker. I tried to delete the infected file (C:/Windows/system32/APIHook.dll) manually, but windows tells me it cannot do that as the file is in use. I tried deleting it while running in safe mode, but that didn't work either. 
I also got AVG antivirus to get a second opinion, but it does not detect the virus. So, is this a false alarm, and if it isn't, what do I do to kill it?
Have a very nice day.
-fgalkin
			 
			
					
				
				Posted: 2004-12-23 01:13am
				by darthdavid
				I think that's an essential file so it's good that you didn't manage to delete it. What I'd do is try pointing AVG directly at the file while in safe mode and seeing if it can detect anything that way. If it can't, I'd research the file. If it turns out to be legit and important you can find an un-infected version of the file off the net, boot up a knoppix live cd, delete the offending file, replace it with a clean file and presto, you're all set. Oh and remember this above all else
In soviet russia you infect virus!!!
			 
			
					
				
				Posted: 2004-12-23 01:20am
				by CDS
				First of all, this trojan is a keylogger trojan. 
DO NOT TYPE IN ANY SENSITIVE INFORMATION SUCH AS PASSWORDS UNTIL THE VIRUS IS REMOVED - if at all possible, disconnect your computer from the internet.
Removal instructions, alongside information on the virus can be found 
over at symantic's website
Once you have sucessfully removed the virus, 
It is vital that you change all of your passwords 
			
					
				
				Posted: 2004-12-23 01:24am
				by fgalkin
				Never mind, Norton got it this time.
Have a very nice day.
-fgalkin
			 
			
					
				
				Posted: 2004-12-23 02:45am
				by CDS
				Don't forget.. change passwords. Now. Go on. Do it!
Why are you still reading this?
GO!
			 
			
					
				
				Posted: 2004-12-23 02:57am
				by fgalkin
				CDS wrote:Don't forget.. change passwords. Now. Go on. Do it!
Why are you still reading this?
GO!
Most of my passwords are stored in Mozilla, so I don't have to enter them. I've changed the ones that I do type in.
Have a very nice day.
-fgalkin