Possible virus?
Discussion
Anyone come across a file nkiao.sys?
AV came up with a couple of problems, so into safe mode, got rid of one or two of the usual trojans from my c:\temp folder and that seemed about it.
The programme (Avira free) then told me it couldn't open the above mentioned file (which only appeared this evening) so I tried renaming it to *.tmp but it wouldn't let me. It also has decided not to let me update Malwarebytes, so I'm assuming it's this which is causing my problems?
This is all on my main machine, which I need running tomorrow morning.
Just hoping someone can help me delete/rename it as I'm really not in the mood for running a full backup at this time of night.
Thanks.
AV came up with a couple of problems, so into safe mode, got rid of one or two of the usual trojans from my c:\temp folder and that seemed about it.
The programme (Avira free) then told me it couldn't open the above mentioned file (which only appeared this evening) so I tried renaming it to *.tmp but it wouldn't let me. It also has decided not to let me update Malwarebytes, so I'm assuming it's this which is causing my problems?
This is all on my main machine, which I need running tomorrow morning.
Just hoping someone can help me delete/rename it as I'm really not in the mood for running a full backup at this time of night.
Thanks.
Hirens boot CD has a number of malware removers
http://www.hirensbootcd.net/
http://www.hirensbootcd.net/download/Hirens.BootCD...
http://www.hirensbootcd.net/
http://www.hirensbootcd.net/download/Hirens.BootCD...
By the post about a security suite taking over your PC are you on about these "Internet Security 2010" viruses that pretend to scan your pc and find lots of viruses then not let you use them until you pay a fee to them? These are absolute barstewards to get rid of.
I do it manually as the ones I have seen have always stopped you installing other anti-virus programs or even visiting the download sites in your browser!
I do it manually as the ones I have seen have always stopped you installing other anti-virus programs or even visiting the download sites in your browser!
- Boot into safe mode
- One here click on start, run, then type msconfig and press enter. (if on Vista just click start and type msconfig)
- A window will pop up, go to the start-up tab and then untick anything that looks suspicious or that resembles the name of the security suite that starts up (so say its called internet security 2010, untick anything that is called this or IS2010 etc)
- Do the same for the services tab to stop the service that is hijacking your computer and stopping your normal anti-virus from running.
- Next click apply and then close MsConfig, you will be prompted to restart.
- Allow the computer to restart and, fingers crossed, you will boot up normally with no hijacking of your computer.
- Lastly, run your anti-virus which *should* now be able to remove the files, if not, boot back into safe mode and remove them yourself or search on google for the name of the virus and most will have a removal tool for download. (just scan the file first!)
Edited by ymwoods on Thursday 12th August 06:43
For these nasties sometimes you need a bit of help.
Try a post on the Malwarebytes or BleepingComputer forums. They have guys on there that will personally guide you through the process of manually getting rid of whatever it is.
One of them helped me earlier in the year, took a couple of days of me following instructions - only a couple of hours of real time most of which was scanning and posting log results onto the thread.
Try a post on the Malwarebytes or BleepingComputer forums. They have guys on there that will personally guide you through the process of manually getting rid of whatever it is.
One of them helped me earlier in the year, took a couple of days of me following instructions - only a couple of hours of real time most of which was scanning and posting log results onto the thread.
Firstly, thanks for all the replies.
Yes, it was one of those *anti-virus* programmes. No idea where it came from, but certainly know where it's gone.
I had a couple of attempts to remove it in safe mode, but as soon as I booted back to Windows it came back again.
To be honest, life's too short to start getting rid of things one by one, so I just formatted, ran a back up and we're up and running again.
All I can suggest is to keep constant back ups of your system.
This machine gets a full back up every Wed (internal drive) and Friday (external in another building)
Also all documents are backed up to FTP every night (with File Fort), and to lappy (via SyncToy) every day after finishing.
Paranoid? <Churchill dog>Oh Yes.</Churchill dog>
Both the bottom ones are free software. I use Acronis for the main backups, though Recuva <sp> will do the same and is also a freebie.
All links are in the useful freeware apps sticky at the top of this page, apart from Synctoy which is a gift from Microsoft.
Hope that this will maybe help others to avoid the same problems?
Cheers.
Yes, it was one of those *anti-virus* programmes. No idea where it came from, but certainly know where it's gone.
I had a couple of attempts to remove it in safe mode, but as soon as I booted back to Windows it came back again.
To be honest, life's too short to start getting rid of things one by one, so I just formatted, ran a back up and we're up and running again.
All I can suggest is to keep constant back ups of your system.
This machine gets a full back up every Wed (internal drive) and Friday (external in another building)
Also all documents are backed up to FTP every night (with File Fort), and to lappy (via SyncToy) every day after finishing.
Paranoid? <Churchill dog>Oh Yes.</Churchill dog>
Both the bottom ones are free software. I use Acronis for the main backups, though Recuva <sp> will do the same and is also a freebie.
All links are in the useful freeware apps sticky at the top of this page, apart from Synctoy which is a gift from Microsoft.
Hope that this will maybe help others to avoid the same problems?
Cheers.
had the same problem.
Wasn't antimalware doctor was it?
I couldn't get on any AV sites, and malwarebytes wouldn't update, neither would defender.
In the end used rkill and then updated malwarebytes. That sorted it.
Mcafee never found anything before, during or after which is a bit worrying
Wasn't antimalware doctor was it?
I couldn't get on any AV sites, and malwarebytes wouldn't update, neither would defender.
In the end used rkill and then updated malwarebytes. That sorted it.
Mcafee never found anything before, during or after which is a bit worrying
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff