Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Pastimes : Computer Learning -- Ignore unavailable to you. Want to Upgrade?

To: mr.mark who wrote (34661)	6/7/2003 8:31:50 AM
From: Rick Faurot	Read Replies (1) \| Respond to of 110614

Yes, NAV identified it as Backdoor.Lolok.B, told it me it couldn't repair the infected file, which it identified as C:\WINNT\iun6002.exe and offered to quarantine it, which I agreed to. NAV says to delete iun6002.exe and reinstall it. I suppose I'd have to install it from my W2000 upgrade disc but how to install just one file I don't know. What is odd to me is the Symantec site has instructions for Lolok that are quite specific but doesn't mention iun6002.exe. It does mention a bunch of other areas where Lolok writes changes such as in mIRC and in registry. It advised uninstalling mIRC, which I did. But it says to look for a bogus file called Helpus and remove that only I didn't encounter Helpus and it doesn't show up on a search. I have yet to examine Registry to see if the virus file they mention is there. So I am basically unsure whether the Symantec instructions for Lolok also apply to Lolok.B. The page Dennis posted for Lolok.B says no additional information, but NAV was definite about the problem Lolok.B had caused. My hunch is I got this virus yesterday and since I haven't rebooted before detecting it it hasn't had a chance to migrate to other locations in my system, but I don't know that for sure. Thanks for the help. I'll post what I find.