urgent help needed - re a trojan horse

  deneka 18:15 02 Aug 2004

This has been happening 4-5 times a day for the last two days now. I keep getting a pop up saying that trojan horse has been detected on my pc & to run AVG to remove the virus. I've ran AVG & Norton Internet security.

The two infected files are :

c:\program files\windupdates\winka.exe


c:\program files\windupdates\winupdt.exe

No matter what i do i can't get rid of these files. I've tried moving to virus vault & healing and it says that access is denied, to make sure the disk is not full or write protected????

I have tried using add/remove program & it just says that the files cannot be removed & ive tried just putting them in recycle bin & i cant.

But as soon as i switch the pc off & back on, the warning comes up again.

Please..... any ideas?

  Fruit Bat /\0/\ 18:21 02 Aug 2004

Follow these steps:

1) Call up your task manager and identify the WinKA.exe and WinUpdt.exe processes. Be prepared to terminate them, but don't bother to do it yet.

2) Open the folder WindUpdate containing the three files, WinKA.exe, WinUpdt.exe, and Comm.dll.

3) Rename WinKA.exe and WinUpdt.exe to WinKA.txt and WinUpdt.txt

4) Using a text editor such as notepad, open WinKA.exe
Totally corrupt the file by typing random characters throughout the file. Just have fun with your keyboard. You can't save the file though yet, because its running.

5) Now you can terminate WinKA.exe in the Task Manager. Then click on the save button on Notepad so that WinKA.txt is corrupted.

6) And now you can delete or erase the file. Follow the same steps to rid yourself of WinUpdt.exe. And then Comm.dll can be erased without any trouble, as can the folder WindUpdate.

  Dorsai 18:30 02 Aug 2004

Would not Just terminating them, and then deleting them work? or am i missing somthing?

  deneka 18:31 02 Aug 2004

I wasn't sure what you mean't by task manager, but i went into c:\program files\windupdates & right clicked, clicked on rename & renamed as you said.

When i try to open the file it says :

Windows cannot access the specified device, path or file. You may not have the appropriate permissions to acess the item.

I don't understand this?????

  deneka 18:32 02 Aug 2004

how do i terminate them??

I dont understand all the technical talk :(

  Dorsai 18:42 02 Aug 2004

And that could well be what i am missing.

To Terminat them, press 'Ctrl' 'Alt' 'Del' all at the same time.

This will open the Task manager that Fruit Bat /\0/\ mentioned. What happens when you do this depends on which version of windows you have.

What Windows have you?

  deneka 18:45 02 Aug 2004

I have Windows XP professional.

I now know what fruit bat means by task manager thanks. I am not sure how to get the files into my task manager though.

But i just tried opening one of the files & it switched my pc off, when i rebooted, it said that the system had just recovered from a serious error and advised me to send an error report to microsoft.

I think this is a particualarly bad virus, because it keeps warning me all the time & i just can't get rid of it :(

I need step by step instructions please :D

  Fruit Bat /\0/\ 18:53 02 Aug 2004

Ctrl +alt+del

Taskmanger applications tab

select winKa

click End task

select winupdt

click end task


AVG should now beable to move to virus vault

  deneka 18:56 02 Aug 2004

fruit bat

when i go into task manager as described above, all thats there is multimedia launcher & pc advisor.... I don't understand how i can close the task when its not there in the first place.

I cannot open the folders or anything.

  Dorsai 18:57 02 Aug 2004

I have XP home, but hope things are mostly simular.

If you cant see the two programs you want to terminate, are you signed into windwos as a 'limited' user or an 'administrator'

  deneka 18:58 02 Aug 2004

i dont know. i'm the only one who uses the pc & i'm the one whos name xp and the pc was registered in.. so i guess administrator

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 6 review

Procreate's iPhone app offers new brushes, a larger canvas and better support for the iPhone 8/X

Best multi-room speakers for iPhone & Mac owners

Streaming : comment regarder le lancement de Xiaomi en France ?