Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hi
I'm new to trojans, viruses, etc. but seem to have multiple Downloader.Nex.B trojans on my system, infecting numerous files in C:\WINDOWS\system32\.
These were detected by Norton and AVG, neither of which can let me heal the files or move them to a vault (I've got the latest versions). AVG gives me the option to delete the files but I'm a bit wary of doing this.
I tried following the instructions for removal on the Trend Micro PC-cillin website but everytime I install the software, my PC crashes. I've also tried using the Homecall online scanning service, but again my PC just freezes up. In fact, mostly anything I try to run crashes - so frustrating!
I'm not sure whether this could be related, but I'm also having problems with the internet, as although I can connect, sometimes for a period of about an hour, I can't actually display any sites using IE5. It happens to be working now but I don't know how long for.
I don't have any System Restore points to go back to and don't really fancy wiping the hard drive as I have tonnes of files on my PC.
Any suggestions would be much appreciated.
Thanks
Try starting by turning system restore off and restarting the computer. During the restart enter the asfe mode(usually by tapping the F8 key during the boot sequence), select administrator and run your Norton scan and see if it can clean, delete, or rename the infected files. Make sure that only one antivirus program is actively running. There is no need for two, and Symantec recommends that only one is installed to prevent conflicts.
0 
These 2 links might help you
How to reinstall or repair Internet Explorer and Outlook Express in Windows XP
I would try these also:
Spybot S&DMake sure to up-date it before using it.
1-Check for problems
2-Fix Problems
3-Immunize
Good LuckTITANIC VIRUS
Your whole computer goes down
0
Thanks for your advice.
I disabled system restore and rebooted in safe mode. I ran AVG instead of Norton, as I had to uninstall this when I downloaded Trend PC-cillin.
AVG found 19 trojans and deleted 18 of them, leaving the original trojan on the system. I was unable to move it to the vault and so I clicked 'heal' which prompted me to restart. I restarted in normal mode but the original trojan has created an additional 5 infected files. Any ideas how I remove the original infected file?
Thanks again
0
Thanks for your advice.
I disabled system restore and rebooted in safe mode. I ran AVG instead of Norton, as I had to uninstall this when I downloaded Trend PC-cillin.
AVG found 19 trojans and deleted 18 of them, leaving the original trojan on the system. I was unable to move it to the vault and so I clicked 'heal' which prompted me to restart. I restarted in normal mode but the original trojan has created an additional 5 infected files. Any ideas how I remove the original infected file?
Thanks again
0
Enter the safe mode again and run AVG. I do not use AVG, but this time select rename, if AVG provides that option. If the trojan problem persists, try a free trial of Kaspersky, as it deals with trojans/worms/virus packets very effectively. If for some reason Kaspersky does not solve your problem, then give TDS3 a try.
0
Unfortunately, neither of those programs will successfully be installed on my PC. The installation seems to be okay until it gets to the last bit 'creating shortcuts' and shows the file name ending in .ink. The dialogue box then freezes. I wonder if one of the required system files has been deleted??
0
It looks like the trojan is attcking any new antivirus program instalation. Was AVG able to isolate the trojan again while the system was in the safe mode?
0
Perhaps you can isloate it and turn it off by using the task manager by using CTRL+SHIFT+ESC, then click the Processes tab. In the list of running programs, locate the malware file or files detected earlier. Do you have Adaware and Spybot. Have you ran their scans while in the safe mode? Otherwise try using the Task Manager by CTRL+SHIFT+ESC, then click the Processes tab. In the list of running programs, locate the trojan file or files detected earlier. Select one of the detected files, then press either the End Task or the End Process button. Do the same for all detected malware files in the list of running processes. To check if the malware process has been terminated, close Task Manager, and then open it again. Close the Task Manager and restart the computer and enter the safe mode and use AVG, I would hope that the file can be renamed, if not I would use AVG to delete it.
0
Thanks
They sound like good ideas but unfortunately before I had a chance to try them my system crashed and had to turn off my the power switch.Now when I boot up my desktop appears with no taskbar or icons and the only wat to restart is by pressing the power switch.
When i reboot again using f8 i can either use the select boot device screen or choose from continue with system restart or delete restoration data and proceed to systm boot menu. I'm unsure which option to choose to minimise the risk of losing hard drive data. I think that possibly because i moved infected system files to AVG virus fault the system has now become unstable.
HELPPPPPPPP!!
Louise
0
I would select the last choice(delete restoration data and proceed to system boot). Keep using the F8 key and enter the safe mode, select Administrator and run AVG. Does AVG allow you to rename the file?
0
Loise, it should not, but just in case. From your posts, I am assuming that you have another computer. If you have some important data that you have not backed up and cannot afford to loose, there are a couple of options. You could use a really good antivirus program like Kaspersky that is installed on the second computer. You should only have one antivirus program installed on your computer. Then make sure there are no infections on the working computer by running a antivirus scan. Then, I would turn off the infected computer, unplug the computer, touch the matal frame of the computer(to prevent a static discharge) and remove the harddrive. Change the jumper in the back of the drive to slave and install the power and ide cables to it. Then I would scan the slave drive with Kaspersky. If Kaspersky can get everthing clean, you can remove the drive, reset the jumper and reinstall it to the original computer. If Kaspersky cannot solve the problem, I would then back up all the data to cd's. Then I would format the hard drive and install XP as a fresh Installation. If you elect to back up the data be sure to scan the cd's using an antivirus program before you download the data in your newly installed operating system.
0
I only have one computer - I've just gone to a relative's house to use their laptop internet connection to post this message as I can't get onto my PC at all.
I tried installing the Kaspersky software yesterday before the system completely shut down but as I've found I can't install any new software and now the system won't reboot properly, I'm a little bit stuck.
So do you think the best thing would be to:
- Choose "Delete restoration data and proceed to boot system menu"
OR
- Select the CD-RW drive from the "Select Boot Device" menu and boot from the Sony Vaio CD that came with the PC (not sure if this option deletes the hard drive)?
Sorry - I'm not too hot on this stuff!!!
Thanks
Louise
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
