cannot remove
Adam Pavelec
apavelec@benefit-services.com
Mon Apr 21 22:07:00 2003
On Monday, April 21, 2003 4:11 PM [GMT-0500=EST], jackrho@piasanet.com
<jackrho@piasanet.com> wrote:
> I have no idea where this program came from I did not knowingly
> install it
> and everytime I boot it is there. There is no trace of it in the start
> menu,The windows explorer does not show any program folders for it and
> Search finds no trace of it.
> I went into regedit and found two copies under HKEY_LOCAL
> MACHINE\SOFTWARE\ORL and under HKEY_USERS\SOFTWARE\ORL I delete both
> of
> these and reboot and it is right back. I'm not a certified Microsoft
> technician and I'm lost. HELP if you can PLEASE!!!
From:
http://www.f-secure.com/v-descs/deloader.shtml
Deloder is a network worm infecting Windows machines which have set a weak
password to the "Administrator" account. It also installs remote access tool
VNC, opening the computer to the world.