

Ask HN: How to kill the Trojan horse PSW.Agent.ABTK - newsdog

This little gem has installed itself as a dll called msbixnl.dll (it's apparently random in each installation) and linked to every executable on my XP box.

If I remove it with AVG I get an avalanche of complaints.

My XP box is unusable. I need to kill this thing without nuking my system.

Any ideas?
======
noonespecial
fdisk it from Linux. It's the only way to be sure. :)

Seriously though, the only way to fix stuff like that is to get outside the
system. Boot with a live CD like Knoppix and run a virus scanner on the
infected partition.

There's usually no way for an infected system to "heal thyself" without an
uninfected reference point to work from. If you have to boot into the
compromised OS to try to fix it, the malware gets the first move.

------
profquail
Try Malwarebytes Anti-Malware. One of my friends got a nasty little piece of
malware on his computer last year, and that was the only thing I found that
could get it off.

<http://www.malwarebytes.org/mbam.php>

~~~
newsdog
Love to, except I cannot bring up FF, IE8 or Chrome - they all kak.

------
newsdog
I've got an idea.

I'll kill msboxnl.dll - it's just living in the system32 dir - and REPLACE it
with some harmless dll!

Anyone got any ideas on what harmless dll to use?

