'ello, I recently was infected with a trojan on my Windows XP computer. I ran Ad-Aware and during this scan popped up a niftly little "System must restart because DCOM server process launcher terminated unexpectedly" <-this gave me a 1:00 minute countdown until my computer restarted.
According to the Lavasoft website, "This is most probably caused by a malware known as KILL-AV (detected by Ad-Aware as Win32.Trojan.KillAV), which attempts to thwart Anti-Spyware and Anti-Virus programs by restarting the computer before a scan and removal is complete."
I followed their solution and cancelled the scan with approx 20 seconds left till shut down, continued with what was currently found by Ad-Aware (which I posted below), and quarentined/deleted it. Then my computer restarted automatically. When Windows loaded, I ran Ad-Aware again, this time it ran successfully and found some remaining Worm objects. Now feeling pretty okay about the situation, I found I could not connect online, and that the only way for me to connect was to continuously go into command and type "ipconfig /release" then "ipconfig /renew" <<this gave me about 1 minute worth of online time until I could browse no longer and it would tell me that it is unnable to connect. I am currently doing this repeatedly to be online and really hope to find an answer. I ran msconfig and looked at the startup processes, out of which i found "Ntos.exe" to be unusual in my mind. After googling the process, I was unable to delete the executable itself manually so I used FileAssassin to remove it. I'm assuming there are reminants left over of whatever it was I was hit with, but hopefully somebody out there can help me. I had an outdated Nortan Anti-Virus 2005, which I recently picked up '07, but am unable to install it on my computer simply because after I click "install" on the CD's autorun, it just does nothing (or appears that way).
Please tell me there's a way to fix this, If I am unable to remove any reminants of the virus/worm, then at least how can solve the problem of my connectivity (if they can be dealt with separately). It's annoying to continue releasing and renewing my IP.
(I have no idea what I'm looking at here so help me out please):
According to the Lavasoft website, "This is most probably caused by a malware known as KILL-AV (detected by Ad-Aware as Win32.Trojan.KillAV), which attempts to thwart Anti-Spyware and Anti-Virus programs by restarting the computer before a scan and removal is complete."
I followed their solution and cancelled the scan with approx 20 seconds left till shut down, continued with what was currently found by Ad-Aware (which I posted below), and quarentined/deleted it. Then my computer restarted automatically. When Windows loaded, I ran Ad-Aware again, this time it ran successfully and found some remaining Worm objects. Now feeling pretty okay about the situation, I found I could not connect online, and that the only way for me to connect was to continuously go into command and type "ipconfig /release" then "ipconfig /renew" <<this gave me about 1 minute worth of online time until I could browse no longer and it would tell me that it is unnable to connect. I am currently doing this repeatedly to be online and really hope to find an answer. I ran msconfig and looked at the startup processes, out of which i found "Ntos.exe" to be unusual in my mind. After googling the process, I was unable to delete the executable itself manually so I used FileAssassin to remove it. I'm assuming there are reminants left over of whatever it was I was hit with, but hopefully somebody out there can help me. I had an outdated Nortan Anti-Virus 2005, which I recently picked up '07, but am unable to install it on my computer simply because after I click "install" on the CD's autorun, it just does nothing (or appears that way).
Please tell me there's a way to fix this, If I am unable to remove any reminants of the virus/worm, then at least how can solve the problem of my connectivity (if they can be dealt with separately). It's annoying to continue releasing and renewing my IP.
(I have no idea what I'm looking at here so help me out please):