Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hello, I'm new and I have a problem


  • Please log in to reply
8 replies to this topic

#1 ssellet

ssellet

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 30 January 2005 - 05:17 PM

Hello everyone,

I'm not sure if this is the place to start, but I was referred here so I'm giving it a shot. I was just given a used computer, (bought from a used computer store) as a late Birthday/Christmas present about 1 month ago. About 2 weeks ago, I installed the 15 day Norton Antivirus free trial. Two nights ago (1 or 2 days before the trial ran out) I was running Adaware when a Norton message came up informing me I had a Trojan Horse virus! Alarmed would understate how I felt. Anyway, I finished running adaware, ran Spybot S&D then ran Norton system scan, quarantined it, clicked fix, got message cannot fix, then tried to send it to semantic, as recommended, but got message that it was unable to be sent.

Since NAV couldn't fix it, I'm not exactly rushing to purchase it because I understand some horses can disable the antivirus currently installed (correct?) I thought I would run McAfee trial, but didn't find a trial from them. Even after I quarantined it, I noticed my computer is running even slower (than my dialup connection usually does). I'm trying to avoid taking this baby back to the store (for the umpteenth time because I've had other problems that were finally rectified, although an "ATAPI cd boot fail message" continues to appear and has from day one. They said it's normal. (!?!) Perhpas more on that later) The main question I have is: Is there a way I can be certain of ridding this from my system, (deleting it? - haven't done that yet) and tracking it's progress or activities to it's root?

I'm glad you're here and I look forward to hearing from you.

Take care,
ssellet

BC AdBot (Login to Remove)

 


#2 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:06:22 AM

Posted 30 January 2005 - 05:25 PM

I'm with you ssellet 'bout not rushing to buy NAV.
I've used SystemWorks, etc. also.
Just not lately.
No reason to with better freeware available to use, ah did I say FREELY?

An excellent free program is AVG, if you need an option.
This program can be set to automatically scan & either auto-update or
you may choose to do that yourself.
Virus definition updates with this program occur frequently, which is very good.

Uninstall Norton at Add/Remove programs.
Seek out the program files to confirm they are gone.
Delete 'em if they aren't

I've had those ATAPI CD-Burn errors, too.

What windows version/updates do you have?

(more on the atapi errors, later)

Welcome to bleepingcomputer.com


:thumbsup:
patiently patrolling, plenty of persisant pests n' problems ...

#3 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:09:22 AM

Posted 30 January 2005 - 05:30 PM

Hi ssellet and welcome to BC

The short answer is that all hope is lost. There is nothing you can do to reclaim your computing life so just go and throw your self off a cliff or something. :thumbsup:

Having said that, not to worry we'll fix you up.

Go to a forum that deals with your OS and lets take it from there.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#4 ssellet

ssellet
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 30 January 2005 - 05:53 PM

Hi Phawgg. Thanks for your quick reply. Acknowledged on the NAV, awa AVG and Systemworks info. I guess I'll be trying AVG. Um, I don't think I know how to auto update (sounds pretty basic though). Should I still uninstall NAV even though it has an X over the icon on the task bar? Major ?: How do I seek out "the" program files and are "the" program files "the" infected ones? OS is Windows ME. I went to a cram course comp school quite some time ago. Never ended up using a lot of it, I guess that would be the more technical end of it actually. You lose what you don't use.

Now, I was just going to grab the report info from NAV, and copy and paste it in here, in case it would help, but I can't access that now. :thumbsup: (why no picure?) Anyway, I just remember it saying something about temporary internet files and rare. :|

#5 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:09:22 AM

Posted 30 January 2005 - 05:59 PM

Delete your Temporary Interet files. Or as pwhagg would say ......................

I don't know, pwhagg this is too ethereal for me.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#6 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:06:22 AM

Posted 30 January 2005 - 06:09 PM

Step one is this one:

Set your PC to: show hidden files.
First link is XP...Second should cover it.
Additional information here.

Also, make sure the contents of your C:\ are not hidden

My Computer -->Local drive (C:) hard drive double-clicked should take you
to that HD. If "the contents of this drive are hidden" look for a way to "show them".

(I used win98 & nowwinXP, so I'm not certain of winME exact step-by-step)

Basically, show all your files and search around, making NO deletions as of yet.

I'll post again, shortly

I don't know, pwhagg this is too ethereal for me.

I am?:thumbsup:

Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

from wikipedia, Heck I had to look it up.

Edited by phawgg, 30 January 2005 - 06:21 PM.

patiently patrolling, plenty of persisant pests n' problems ...

#7 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:06:22 AM

Posted 30 January 2005 - 06:39 PM

I noticed my computer is running even slower (than my dialup connection usually does). I'm trying to avoid taking this baby back to the store


For this reason I also think we should not ignore the possibility of malware.
Problems can develop involving hijacks or other spyware issues quickly.

It wouldn't hurt to read How to post a HJT log and follow the suggestions contained.
patiently patrolling, plenty of persisant pests n' problems ...

#8 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:09:22 AM

Posted 30 January 2005 - 07:06 PM

Everybody wants to do HiJack This

Yadda Yaddda Yadda.
Who posted this thread. Is that important?

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#9 ssellet

ssellet
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 30 January 2005 - 11:14 PM

Ok Phawgg, my duh on auto update. In fact, running noticable faster since I ran adaware, spybot s&d and spyblaster a little while ago. Deleted temp int files and program files (automatically selected), NAV uninstall, and followed procedure to unhide files. I located the file info from NAV on the trojan. If it would help, I can post it here. Thank you! Will review HJT.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users