PC VIRUS HELP! My laptop running XP has something nasty.
December 29, 2011 11:26 AM Subscribe
Does anybody have any ideas on a fix short of a re-installation of Windows?
AVG is giving me a warning stating:
File name: c:\WINDOWS\system32\drivers\mrxsmb.sys
Treat name: Trojan horseAgent3.BASN
A week ago my web browsers were running slow. I ran several scans in safe mode and regular mode.
Mcafee has found and deleted a few viruses. Malwarebytes has done the same. AVG continues to pull up the message above.
I uninstalled and reinstalled Firefox and Internet Explorer and deleted several restore point files with potential infections.
I can't find much info on the web except that c:\WINDOWS\system32\drivers\mrxsmb.sys is a critical file and cannot be removed. AVG has told me the same.
AVG is giving me a warning stating:
File name: c:\WINDOWS\system32\drivers\mrxsmb.sys
Treat name: Trojan horseAgent3.BASN
A week ago my web browsers were running slow. I ran several scans in safe mode and regular mode.
Mcafee has found and deleted a few viruses. Malwarebytes has done the same. AVG continues to pull up the message above.
I uninstalled and reinstalled Firefox and Internet Explorer and deleted several restore point files with potential infections.
I can't find much info on the web except that c:\WINDOWS\system32\drivers\mrxsmb.sys is a critical file and cannot be removed. AVG has told me the same.
Assuming you're logged in as administrator, and it is not a false-positive:
Start>Run>cmd
sfc /scannow
Do what it says. This might fix it.
If not go for the hail mary since it is a SMB component: deinstall "Client for Microsoft Networks" and try to (can't remember if it will still let you, if not no big deal) deinstall the "TCP/IP" protocol off of every one of your network adapters. Reboot when prompted, and reinstall them. And then reboot again.
If your computer is a member of an AD domain, you might need to re-join it with your AD account.
posted by Threeway Handshake at 11:33 AM on December 29, 2011
Start>Run>cmd
sfc /scannow
Do what it says. This might fix it.
If not go for the hail mary since it is a SMB component: deinstall "Client for Microsoft Networks" and try to (can't remember if it will still let you, if not no big deal) deinstall the "TCP/IP" protocol off of every one of your network adapters. Reboot when prompted, and reinstall them. And then reboot again.
If your computer is a member of an AD domain, you might need to re-join it with your AD account.
posted by Threeway Handshake at 11:33 AM on December 29, 2011
Did you consult this page?
http://www.file.net/process/mrxsmb.sys.html
Since you seem to have caught several bug I would strongly suggest to save your data and perform a radical voodoo session (reinstall everything).
Preferably also change passwords for your most sensitive sites / data.
posted by homodigitalis at 12:04 PM on December 29, 2011
http://www.file.net/process/mrxsmb.sys.html
Since you seem to have caught several bug I would strongly suggest to save your data and perform a radical voodoo session (reinstall everything).
Preferably also change passwords for your most sensitive sites / data.
posted by homodigitalis at 12:04 PM on December 29, 2011
Response by poster: I've been trying to this for so long I think I'm going to do the thing I am loathe to do. REINSTALL. Thanks for the advice.
posted by 4Lnqvv at 1:07 PM on December 29, 2011
posted by 4Lnqvv at 1:07 PM on December 29, 2011
There is excellent advice on fighting viruses and malware in the profiles of deezil...
That information is very good but, quite frankly, it'll take you hours to step through it all and even after that you'll have no idea if you are truly malware free. It'll probably take just as long and be more effective if you do a reinstall from scratch.
One day I'll update my own profile with a fast way to reinstall Windows from scratch.
posted by mr_silver at 2:39 AM on December 30, 2011
That information is very good but, quite frankly, it'll take you hours to step through it all and even after that you'll have no idea if you are truly malware free. It'll probably take just as long and be more effective if you do a reinstall from scratch.
One day I'll update my own profile with a fast way to reinstall Windows from scratch.
posted by mr_silver at 2:39 AM on December 30, 2011
Reinstalling Windows isn't usually the time consumer. Catching up on patches is more time intensive, and at least for me reinstalling all my apps is the big time sink.
posted by Chocolate Pickle at 7:41 PM on December 30, 2011
posted by Chocolate Pickle at 7:41 PM on December 30, 2011
Response by poster: Ain't that the truth Chocolate Pickle. Ain't that the truth.
I'm cloning the clean install this time around.
posted by 4Lnqvv at 10:27 PM on December 30, 2011
I'm cloning the clean install this time around.
posted by 4Lnqvv at 10:27 PM on December 30, 2011
This thread is closed to new comments.
posted by IanMorr at 11:33 AM on December 29, 2011