Computer/Internet Issues & TroubleshootingAnyone with questions about the terribly complex world of computers or the internet should try here. We will also try and help with troubleshooting any technical problems you may have with the forums.
well after seven years i finally get a virus (trojan) on my pc, but i'm having a big problem eradicating it! My anti viral software successfully cleans all the infected files except one which cannot be accessed as it is constantly "in use by windows" it cannot be deleted for the same reason. I've researched the virus in trend micros online virus encyclopaedia and followed their instructions referring to deleting it in the registry, but the files they say should be deleted are not there, or are under a different name. I hope i don't need to get the HD cleaned down and everything reinstalled. Any help/suggestions/ideas appreciated.
Whats the spec of your machine? I will assume Windows.
Try rebooting your PC and loading it in safe mode (do this by pressing F8 when it boots up near the start). Then run the antivirus program. Doing this may stop the virus from running when you load up.
Secondly, when in Windows, press Ctrl+Alt+Del and have a look at the list of things running to see if anything suspicious is in there.
Failing this, and bearing in mind that you have tried the removal advice from the relevant website, a fresh install of Windows is a better solution.
Please download 'Hijack This!' from here, unzip, and place it in it’s own folder, (not in the temp folder, or on the desktop) doubleclick HijackThis.exe, and hit "Scan". When the scan is finished, click "Save Log", and copy and paste it in a reply.
This will give us a rundown of what’s going on in your PC. One of us here will be glad to analyse it for you. Don’t fix anything yourself yet, as a lot of the stuff on that list will be harmless or required.
reboot your computer in safe mode, and then run your AV prog, the trojan wont have loaded so will be able to be removed. Also shut down System restore (this will clear out anything saved in the restore area,) then restart it again. you should be better now.
Press control/alt/delete at the same time then select processes in the task manager. Find the name that cannot be deleted, click it and then click 'end process'. You should then be able to delete the file with your virus program.
Last night I had a similar situation where 2 viruses decided to very kindly make their home on my computer. One was a Trojan Horse and the other was Bloodhound.Exploit.6.
Both files were detected by my up to date Norton Anti-Virus, however the log file states that access to both files was denied and therefore the repair failed. Since then I performed a scan with both NAV and Trand HouseCall-both found no viruses. I have also ran HijackThis and there was one dodgy looking entry, so I fixed that. I have also deleted my Temporary Internet Files folder because this is where the Trojan Horse was located.
I still have that niggling feeling though that there is something still lurking in the background. Surely Norton Internet Security should have prevented those things in the first place? My security settings seemed to have changed though since installing Windows XP SP2.
Is there anything else I can do to double check my system?! Also any ideas on how to further increase the security on my PC would be greatly appreciated!
From the log file in NAV, you could get the names and locations of the Malware Files. Then, in Windows Explorer (make sure you have Explorer set to show Hidden and System Files) look to see if the files are still on your computer.
One other program that you could use along with a fully updated NAV and HouseCall is:
Can you reboot (in case you normally leave the machine on) and then post up the HJT log (disable smilies before posting). I'll have a look through it for you. If you can remember the name of the file you deleted, it would help. It may of course show up again anyway.
Tried the "safe mode" thing, but on start up with CTRL or F8 held i end up in BIOS setup menu and not Windows startup menu and it says nothing about safe mode in any of the options! I'm not a computer guru so any simple language would be much appreciated! this is driving me nuts
How can I be 100% sure a virus has been fixed?!
One was a Trojan Horse and the other was Bloodhound.Exploit.6.
Surely Norton Internet Security should have prevented those things in the first place? My security settings seemed to have changed though since installing Windows XP SP2. 
Linear Mode
