By Sophacles
Jun 21, 2006
  1. Same problem as jon2367

    I'm having the exact same problems as Jon. The machines have updated virus definitions and I have tried the safe mode solution. Norton alternates between w32.rontokbro@mm and w32.rontokbro.b@mm and deletes the payload quickly, however it continues to drop its load unless I disconnect the machine from the network. I am a net admin (as it appears Jon is) and I am looking for a way to trace the source. Any ideas? I have all the guest accounts turned off so I'm not sure what account is being used to create the files. Any takers on a solution?
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    Now run your antivirus programme again and delete whatever it finds.

    Reboot into normal mode and turn system restore back on.

    Then, go HERE and follow the instructions exactly.

    Post a fresh HJT log into this thread, only after doing the above.

    Regards Howard :wave: :wave:
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...