Trojan horse. Cant access hard drive. Computer lock ups

Prodigy146

Fully Optimized
Messages
1,751
Ok i never thought this would ever happen to me, but its probably cause i havent used windows xp in a while. ;)

Ever since i installed pg2 my computer now wont let me get into to C:, i can play games go on the internet and if i go to my documents and type C: and i can access the files. but when i double click the c: drive icon it gives a message: RECYCLER\S-9-2-88-100029689-100026696100018345-2959.com

And before i couldnt even access the internet but when i uninstalled pg2, google came right up (and yeah pg2 was not running and http was allowed anyway) Also if i do any hard drive intensive tasks (defragging, uninstalling) the computer locks up which i think is my fault for using a Seagate Momentus 5400.2 on my desktop :rolleyes: but it never locked up before

i had avast do boot up scans (it did find a trojan horse and it has been blocking a trojan file that is automatically being put into my temp folder without me even getting a prompt names.

The name of the trojan from my scan: NSIS:Fasec from codecsetup8493.exe
Name of file that avast is constantly blocking JS:packed-AD coming from http://stats-analytics.cn/sp/index.php\index

But even when avast deletes those files, it doesnt solve the problem. i think this is gonna get much worse, what can i do?
 
Well If you can get into your temp folder find the trojan and RENAME it with something eg.trojan and then the trojan should be blocked.
 
it never enters my temp folder anymore avast deletes it with a 7-pass system (it takes forever) but it keeps coming. and avast keeps deleting it but i've blacklisted the site in firefox now so idk
 
Name of file that avast is constantly blocking JS:packed-AD coming from http://stats-analytics.cn/sp/index.php\index
QUOTE]

I swear to God when I logged in to ComputerForums today (literally like 15 min ago), Avast flagged that same exact thing...I didn't take time to read it in detail but I know it was "stats-'somethign'" and I just hit "abort connection" on Avast and thought nothing of it since I figured it was just an advertisement or something...

What are the odds of that? Hmm...I wonder what's up with all that...
 
Strangely, this happened to me today... Not exactly the same thing, but it came from the same source: stats-analytics.cn/cp/index.php.

AVG popped up with that, saying that its found an exploit, and Firefox, until a restart, wouldn't display http://, it had deleted bookmarks, and history, etc, etc.

Don't know its at all related, but I got a bit worried.


But without hijacking this thread, which I don't want to do, what is this stats-analytics?
 
your not hijacking the thread at all man.. that virus from stats analytics is screwing up my computer. and i kinda remember going to cf when i got that message too

and the thing is i installed avast after i notced my computer was infected. who knows what got through to my computer

and like kage said does anyone know what stats analytics is?
 
Unfortunately, once I virus has had a chance to infect your computer there is no 100% guarantee that after it is removed that it didn't change settings in your computer for the worse. If I were you I would bite the bullet and do a fresh install =)
 
i also tried to do a windows file protection scan.

C:\>sfc /scannow
Windows File Protection could not initiate a scan of
protected system files.

The specific error code is 0x000006ba [The RPC server is
unavailable.]


EDIT: i looked into it and viruses often block the rpc from running, i checked my services and i was unable to start my rpc service. it was set to disabled and the box was grayed out so i couldnt change it. so maybe the virus did mess with my windows files


fackin windows wheres my kalway dvd xD
 
Back
Top Bottom