[jeff16tp]

Hi All,

I am a comparative newbie and need help

I run Win 98SE and have a trojan named as above and also comes up as D\Install.reboot.exe

I cannot install any programmes from D: drive for when I do, the blue screen comes up and I have to reboot. I can't therefore load Trojan Hunter or Hijack this.

I've been told I should delete some entries in the registry by hand but don't know how to do this.

Can anyone advise me please?

Thanks
Jeff
UK

[Advertisements]

Welcome to GTG.

Do a ctrl+alt+del. Do you see trojan.win32.reboot.exe listed there? If so, end it and then try to search for that file and delete it.

Install programs on your c: drive? Unless you can't for some reason? HijackThis should work also without needing you to install it even.

[greyknight17]

Welcome to GTG.

Do a ctrl+alt+del. Do you see trojan.win32.reboot.exe listed there? If so, end it and then try to search for that file and delete it.

Install programs on your c: drive? Unless you can't for some reason? HijackThis should work also without needing you to install it even.

[jeff16tp]

Thanks for your reply Grey Knight. Hope this info is ok.

I cannot load any programmes nor can I actually run any programmes because the system just goes to the fatal error screen then reboots.

In desperation I reformatted, then ran Panda Titanium virus scan and that reproted a 'boot sector virus Trj/reboot.exe

I have now reformatted again.

Meanwhile, using my xp pro computer I scanned the mainboard driver disk and it came up with this report that I'v pasted:

ntl Netguard Anti-virus
Scanning Report (26/02/2006 10:52:34)
Master Boot Records and Fixed Disk Boot Sectors
Scanned 1 Master Boot Record(s) for viruses.

Scanned 1 Boot Sector(s) for viruses.

Your Master Boot Record(s)/Boot Sector(s) are not infected.

Files
Drive D:\
D:\Utility\Recovery Genius\ENG\RECOVERYGENIUS\SIMCOM.DLL

File is infected with "W32/Lasta.A@bd" virus. The file could not be deleted.
Files scanned: 3827
Infected files: 1
Disinfected files: 0
Deleted files: 0
Files unable to scan: 0
Report Summary
Files scanned: 3827
Total infected files: 1
Total disinfected files: 0
Total deleted files: 0
Total files unable to scan: 0
Anti-virus engine status
Last update: 26/02/2006 10:43:16
Virus definition file: avsdk-20060560.msp
File generated by ntl Netguard Anti-virus

[greyknight17]

Yikes...haven't seen a boot sector virus for ages

Do you know what that recovery genius program is for?

That file might be legitimate though...can you find more information on it? Right click on that file (D:\Utility\Recovery Genius\ENG\RECOVERYGENIUS\SIMCOM.DLL) and go to Properties to find out the description and company name if any and see if you recognize it.

Back it up to a blank floppy just in case it's needed. Then we'll delete it...

Download KillBox http://www.greyknigh...spy/KillBox.exe. Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. Right click and copy the below lines. Go back to KillBox. Go to File->Paste from Clipboard and then hit the button with a red circle and white X. Confirm to delete and when asked if you want to reboot, say Yes:

D:\Utility\Recovery Genius\ENG\RECOVERYGENIUS\SIMCOM.DLL

If you get a PendingOperations message, just close it and restart your computer manually.

Restart...see if it's still found now.

[jeff16tp]

Grey Knight, you sir, are a true Knight Errant

Many thanks. I followed your instructions to the letter, used your 'Killbox' and it worked a treat.

The computer is up and running now and I've installed Hijack This and some other bits recommended on this site. Again, thanks mate.

Regards
Jeff
UK

[greyknight17]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.