I've read through a lot of the threads and have tried fixing the problem myself, but to no luck. A few days ago, I stupidly clicked on a link in an instant messenger window. I was still able to connect online after that, but now I can't. I'm using another computer right now. I ran a full system scan with AntiVir9x and it found some Trojan Horses, but it couldn't delete them. It said it would delete them at the next restart, but it didn't because I ran another full system scan and it found them again. I ran AdAware and Spyware Doctor and they didn't find anything. I tried running Spybot Search & Destroy, but it couldn't begin without Internet updates, which I can't get because I can't get online on my computer. I tried installing CWShredder, but I got an error stating it's not supported by my OS. I tried running RootkitRevealer, but I got an error and it won't open. When I restart my computer, it usually won't load Explorer. It will start and then stop before showing my desktop. If I press Control Alt Delete and then press Cancel, it will continue, though. If I press Control Alt Delete, my only options are End Task, Shut Down, and Cancel. There is no "Processes" tab or other tabs. The files "msdirectx.sys" and "xz.bat" appear in my C: folder. If I delete them, they reappear after I restart. I read that HijackThis doesn't find these files, so I don't know what to do about them. I'm going to download Firefox and stop using IE once I can get back online. I've attached my HijackThis log. Any help is greatly appreciated. Thanks.
Cannot connect online because of virus, rootkit, etc.
- Thread starter lnmagnee
- Start date
- Status
RoadKiller
Posts: 15 +0
Try to remove ur hard disk and put it in the computer ur using right now and make it a slave then try to scan the hard disk, maybe u can remove it now.if u still have no luck try to reformat it.
blue_dragon
Posts: 188 +0
Why doesnt Spybot not work without internet access?
If your Spyware Search and Destroy is completely out dated, you can try and download the latest version of the software on another computer, save it to a disc and then install it on your computer
Heres the second option:
Im not sure if Windows ME has safe mode but if it does you get into it by usually hitting delete or f8, once in safe mode try running all your software and see if it works
I am puzzled that Spybot doesnt work if have been able to use it in safe mode without interent access either
If your Spyware Search and Destroy is completely out dated, you can try and download the latest version of the software on another computer, save it to a disc and then install it on your computer
Heres the second option:
Im not sure if Windows ME has safe mode but if it does you get into it by usually hitting delete or f8, once in safe mode try running all your software and see if it works
I am puzzled that Spybot doesnt work if have been able to use it in safe mode without interent access either
snboarder113
Posts: 17 +0
good luck
i wouldn't suggest transfering the hard drive into the computer you are on now, it may infect that computer also, your best bet is to reformat (completely wipe ur hard drive) and start from scratch, b4 you do this make SURE you have all the right boot and driver disks and your operating system disc, once you "format" your disc drive everything will be lost, so if there are things you need to save i would suggest buying a USB flash drive and transfering them cautiously to your other computer making sure to scan the files you transfer, i believe in windows ME (not sure) you can open windows explorer, right click on "C" drive and select "Format" and that will be able to wipe ur disk from there, make sure you have all your backups though.
Good Luck!
or take your computer to a technician and pay alot, for instance Best Buy's Geek Squad does that type of thing.
i wouldn't suggest transfering the hard drive into the computer you are on now, it may infect that computer also, your best bet is to reformat (completely wipe ur hard drive) and start from scratch, b4 you do this make SURE you have all the right boot and driver disks and your operating system disc, once you "format" your disc drive everything will be lost, so if there are things you need to save i would suggest buying a USB flash drive and transfering them cautiously to your other computer making sure to scan the files you transfer, i believe in windows ME (not sure) you can open windows explorer, right click on "C" drive and select "Format" and that will be able to wipe ur disk from there, make sure you have all your backups though.
Good Luck!
or take your computer to a technician and pay alot, for instance Best Buy's Geek Squad does that type of thing.
Did you run HJT in safe mode? There are a few items I'm not sure about you might need to "fix". Do you know what programs these entries are for?:
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [fresxstyle] LOCKBAR.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [fresxstyle] LOCKBAR.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [gstdtw] C:\WINDOWS\SYSTEM\epelux.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot(this is prob Norton Symantic???)
O4 - HKLM\..\Run: [fresxstyle] LOCKBAR.EXE
Another thing you could try is uninstall IE and then reinstall it. Then set tools/internet options/connections/LAN settings: check auto detect.
There a many experts here hopefully someone will see this and respond with some real help.
PS: This is no smear from pervious post, just a smear of myself.
Cheers.
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [fresxstyle] LOCKBAR.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [fresxstyle] LOCKBAR.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [gstdtw] C:\WINDOWS\SYSTEM\epelux.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot(this is prob Norton Symantic???)
O4 - HKLM\..\Run: [fresxstyle] LOCKBAR.EXE
Another thing you could try is uninstall IE and then reinstall it. Then set tools/internet options/connections/LAN settings: check auto detect.
There a many experts here hopefully someone will see this and respond with some real help.
PS: This is no smear from pervious post, just a smear of myself.
Cheers.
I ran many anti-virus and anti-spyware programs and they didn't help. I searched for "xz.bat" on Google and found this article . I followed the directions and my computer seems fine now. The files "xz.bat" and "msdirectx.sys" are no longer where they were and that Lockbar program isn't running anymore.
- Status
Similar threads
