| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 51643 | 2004-11-26 03:24:00 | Damned TROJAN! | Kansas (6448) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 296546 | 2004-11-26 03:24:00 | HELP! HELP! HELP! I keep getting pop ups to say that Norton Antivirus has detected and deleted viruses. Reoccuring even after I've turned system restore off and then scanned for viruses and then reactivated system restore. After doing this yesterday, and using the computer - I just received another pop up. This is what it says: NORTON ANTIVIRUS HAS DETECTED AND DELETED A VIRUS Object Name: C:\WINDOWS\system32\.pif Virus Name: Download.Trojan Action Taken: The file was automatically deleted. Can anyone please help me with 'straight forward' advice? Thanks :) |
Kansas (6448) | ||
| 296547 | 2004-11-26 03:36:00 | run spybot with the latest def file. also post your hijackthis log, by running hijackthis software. it will scan your system for all stuff u are running .. I believe u maybe infected with a virus that regenerates itself after each reboot or after each time you go back on the net.... |
nomad (3693) | ||
| 296548 | 2004-11-26 04:05:00 | Actually it is a trojan , not a virus. First you need to cleanout your temp internet files and temp folder. The easiest way to do this is use Ccleaner (http://www.ccleaner.com/) Next is to ensure your definitions for Nortons are up to date. Restart into safemode , then run Nortons again. You can also get a second-opinion by using an online AntiVirus sacn/clean from Trend online (housecall.antivirus.com) |
Pheonix (280) | ||
| 296549 | 2004-11-26 04:19:00 | There is an exe that respawns it,Norton fails to delete the .exe. You need to shut down the service/remove it from startup,clean up the files manually and then do a system scan. Luckily when it respawns (which it will probally do as soon as you start tracking it) it randomly renames itself. Good luck. |
metla (154) | ||
| 296550 | 2004-11-26 04:25:00 | Hence the advice to startup in safemode. The trojan will not start, and then Nortons will kill it. | Pheonix (280) | ||
| 296551 | 2004-11-28 07:36:00 | Thanks . I feel though that I have exhausted all efforts . I have done the whole system restore, scans and starting in safe mode, and finally just completed all the recommended steps in Norton help and support to get rid of a 'worm' Korgo . I was not able to find anything in the start up, and failed to delete a worm that was being detected by Norton, but failing to delete . I have all the filenames of everything that was in the threat alerts log, but have had no luck . Possibly a lost cause, going to take this to a technician as a last resort, as I'm lost! Preparing my own 'eulogy' as my sister is coming for her computer tomorrow - Oh! There goes that pop up warning again :( Farewell Cruel World |
Kansas (6448) | ||
| 296552 | 2004-11-28 07:45:00 | Did u try trojan remover for the last post u posted about the other trojan/worm I replied to?? | Spacemannz (808) | ||
| 296553 | 2004-11-28 08:16:00 | I just very recently had a hell of a tussle with a variant of this thing. Metla is bang on but depending on the variant it can be an extremely clever adversary and I have to admit I lost the fight and I consider myself a pretty advanced user nowadays having saved literally dozens of PCs from virii, worms and trojans. Sounds to me like you are in the same position I eventually found myself in and realistically it is going to be far cheaper and easier to just give up trying, save what you need, reformat (including the MBR just in case) and reinstall clean. |
John Grieve (367) | ||
| 296554 | 2004-11-28 08:43:00 | Thanks for your post Spacemannz . . . just went through the process of downloading and scanning with your recommended Trojan remover . It detected nothing . Thanks anyway :) |
Kansas (6448) | ||
| 296555 | 2004-11-28 08:46:00 | Thanks for your post John :) Could you explain in more detail what you mean....just so that I'm perfectly clear on the instruction. How do I clean and reinstall etc... Thanks :) |
Kansas (6448) | ||
| 1 2 3 | |||||