View Full Version : Trojan wont go away.

21-04-2005, 10:48 PM

I am running windows xp pro and I somehow got this trojan: Trojan horse collected.5.L.

It leaves msdirectx.sys in my documents and settings each time I boot up (I delete it each time). Avg won't update and msconfig and regedit wont start either. I think I saw (when I could) systeminfos.exe in startup in msconfig and in task manager (which also doesn't go) running services.exe.

It now won't launch test center for AVG Free so maybe it is getting worse. I think I had another virus but I can't check what the name of it was.

Kerio pops up asking for something to connect to my computer..

Sigh, time for a macintosh.

Any help please?


21-04-2005, 11:04 PM
You've run all your spyware removers?
How about Hijackthis?

22-04-2005, 12:12 AM
I downloaded it. But, would you believe, it didn't open!? :O. Sigh. I had a look at Kerio and systeminfos is connecting to some place; so that doesn't look too good.

22-04-2005, 12:44 AM
This is a very nasty worm by all accounts. Have you tried googling for it? This reference may help. http://discussions.virtualdr.com/printthread.php?t=186281

You may have more luck trying to delete its files in safe mode.

Best of luck.

22-04-2005, 12:45 AM
Try Stinger, it may help:


22-04-2005, 12:57 AM
Maybe one of these will help:


22-04-2005, 07:26 AM
YOU could also get a little prog called 'move on boot' and 'restrict app' the first deletes files before they get up an running during the boot process and the second is very useful cause you use it to stop files from running......

22-04-2005, 09:43 AM
music man i think you found your own solution to your problem "sigh time for mac".

22-04-2005, 11:33 AM

Hijack this won't open. Thanks for your replies. It looks like quite a long task to delete this trojan. I don't fancy having someone browsing my computer with me... I suppose I should do an online scan on my dialup though I don't like to think how long it will take.

These companies must make a fortune by having the internet so insecure for windows users.

22-04-2005, 12:04 PM
These companies must make a fortune by having the internet so insecure for windows users.

I'll re-phrase that.

"These companies must make a fortune by having Windows so insecure for internet users"

Remember the internet is just like streets and motorways, some houses you visit are of questionable nature, like the internet some web sites are also. You wouldn't leave your house unlocked and not alarmed these days, don't leave your "windows" open and insecure.

22-04-2005, 04:00 PM
Try starting in safemode and running Antivirus scan and hijackthis. Also, if you have a little knowledge to be dangerous :D , then utilse this startup analyser from A2 (http://www.hijackfree.com/en/)

22-04-2005, 06:54 PM
Well I fixed it I think. For other people this is how I did it.

I ran the computer through safe mode and logged in as Adminstrator. I then went into the Windows folder and into system32. I found systeminfos (not systeminfo) and deleted it.

I then went to Documents and Settings for Administrator and deleted msdirectx.sys.

I rebooted and AVG and the other things worked.

I also deleted any systeminfos things in Kerio.