Trojan Horse collected.5.l

[Guest_Pete_*]

I have been round the block trying to get rid of that Trojan collected.5.l. I gave up and tried to run the recovery disk on my laptop. The boot up option is to read the CD ROM but it just bypasses it. I tried accessing it while running within windows and it just spits the disk out.. I don't have an 'a' drive just a CD ROM. I am out of warranty so the shop is not interested. Please any ideas how to format my hard drive and will this cure the virus? Thanks anybody for help.

[Majika]

Post a copy of your registry here so I can take a look at it (Not the whole registry) http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/blink.gif\' class=\'bbc_emoticon\' alt=\':blink:\' />

Just:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Also if there isnt to many files do a search of the system32 folder for *.bat and either post them here or try and display the results on some webspace so I can take a better look at ya situation

If you just need to format your Laptop's HDD just boot into safemode by pressing F8 during bootup (at the WindowsXP logo) and then select option "bootup with command prompt only".

And you will be able to carryout a format from there
Format C:\ If I was you I would format my HDD Twice inorder to remove any traces from you hdd. I have heard of cases where data such as mallicious code was still accessable after users done a format.


Another surgestion would be to network to a second PC Pref. an old [censored]ty one. and then Telnet to your laptop (or use a better tool Called PSExec) you can get this form Sysinternals.Com

These guy's rock.  http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/cool.gif\' class=\'bbc_emoticon\' alt=\'B)\' /> They design command line tools that are just one step above the rest.

Good info can be found on their website for how to use PSexec or failing that do a quick search on google. There is [censored]loads of info on PSexec.

You can also try:

Windows It Pro  This is another great resource for PSExec.

Basicly PSExec can help you get arround problems just like yours by letting you run processes and services, install/uninstall all sorts of things from a remote PC (Admin$ Shares must be enabled first)

Sometimes though AVirus Companies flag PSExec as a mallicious tool so If you are running AVirus software disable it so it will not delete/quarintine PSExec. Its a very useful tool but, it can be used for some really naughty stuff, Honnestly. Try and post that info and we will take it from there.

If I can think of any other methods in the mean time I will post them back here.
Alternitvly goto my site and drop in the forum to catch me  ThE RoGuEUniT Kr3W'z FoRuMThE RoGuEUniT Kr3W'z WeBSiTe http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/cool.gif\' class=\'bbc_emoticon\' alt=\'B)\' />