Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

After A System Restore


  • Please log in to reply
4 replies to this topic

#1 Damdest Thing

Damdest Thing

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:15 PM

Posted 24 February 2006 - 12:40 PM

After a Sytem Restore on my Sony Vaios desktop with XP Home, I installed Norton Internet Security 2006. after following ALL of the instructions to set up Nortons firewall, I began to get tons of Symantec screens alerting me that I was sending emails out with the heading "Happy New Year" and "Hi" among others. I shut down the connection, and deleted all the messages.

I then checked to see if I had firewall, Norton said I did, but Windows firewall had an error message. I ripped Norton out, and rebooted, checked windows, and there was still an error message on windows firewall.

Any idea what is causing this? my kids like to use AOL AIM, which I removed.

Ray

BC AdBot (Login to Remove)

 


#2 loukas30

loukas30

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:15 PM

Posted 24 February 2006 - 02:26 PM

When people use AOL AIM a media runner gets installed on your computer donwload Hijackthis and post your log here then i will determine what your problem is.

#3 franktiii

franktiii

  • Members
  • 309 posts
  • OFFLINE
  •  
  • Local time:08:15 PM

Posted 24 February 2006 - 03:06 PM

I would reinstall the Norton, it is not the best security package, but its firewall monitors outgoing traffic. The Windows firewall was probably complaining about being shut down.

You should only have one av program and one firewall program.

I would recommend running the Hijack This Log and letting the HJT this team review what is going on in your system, it does sound like you have a virus or spyware program sending something out from your computer.

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:09:15 PM

Posted 24 February 2006 - 08:39 PM

Hi Damdest Thing

Instructions for receiving help in cleaning your computer can be found here
Preparation Guide For Use Before Posting A Hijackthis Log.

Post your log then in the HJT forum.
Please be patient and wait for a review by a qualified member of the HJT Team.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#5 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:08:15 PM

Posted 25 February 2006 - 01:03 AM

Norton bundles, while having a decent firewall are notorious resource hogs.

Zonealarm SE freeware will do a more than adaquate job as it protects against incoming and outgoing threats, and one of the freeware AV programs such as AVG will do a good job without hogging system resourses.

You obviously have a trojan sending contaminated emails to everyone in your address book, and even worse, your computer may have been turned into a zombie. If you have a telephone line connected to the computer I would disconnect it immediately as you may also have phone homes that will dial 900 numbers and run your phone bill up to unbelievable amounts (and yes, you will be legally responsible for the bills)

Notify everyone in your address book that you have a trojan infection and not to open attachments sent from your computer.

When you reinstalled Windows did you immediately update to SP1 and/or SP2 (whatever's applicable)? If you did not, even the puny Windows firewall was not on by default until SP2 was installed, and your unpatched system was susceptable to myriads of exploits that the security patches in the MS Critical updates fixed.

Unfortunately, until you completely clean the infections you cannot just download SP2 as you will have numerous system problems if you do.

Since you just reloaded the op system the best way to clean it may well be to reformat it again and do another fresh install.

Once you do it, and before you connect to the internet, enable the puny Windows Firewall and if you have Norton on a disk install it. Update the latest virus definitions immediately upon connecting to the internet, then go to Windows Updates and set it to download and install all updates automatically making sure you get the Microsoft Critical Updates immediately, then download ZoneAlarm SE or one of the several other freeware two way firewalls that are available, enable it and then disable XP's firewall.

You should also download, install and update a variety of anti-malware aps starting with AdAware SE Personal (the freeware version is sufficient), Spybot Search and Destroy (enabling Teatimer which provides real time protection against unwanted registry changes and hijackers, and don't forget to "immunize" your computer after you update Spybot), and the new anti-malware ap from Microsoft - Windows Defender which also provides realtime protection.

Anti-malware freeware (You can run as many of these as you wish. Generally there is no conflict between these and you should always run several)

Ad-Aware SE Personal is a free version and it can be downloaded from their Mirror Sites in the Download section at Lavasoft websites.

http://www.lavasoft.com/

Click on Adaware SE Personal in “Products” on the left side of the page

Or

http://www.lavasoft.de/software/adaware/

or

http://www.download.com/3405-8022-5153545....ubj=dl&tag=top5

or

http://fileforum.betanews.com/detail/Adawa...nal/965718306/1

Spybot S&D: http://www.safer-networking.org/en/index.html
Be sure to enable “Teatimer” which gives you realtime protection.


Microsoft Windows Defender
http://www.microsoft.com/athome/security/s...re/default.mspx
This also provides realtime protection.

SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html

Microsoft Malicious Software Removal Tool (Win XP and Win 2000):
http://www.microsoft.com/security/malwareremove/default.mspx

AČ - Free from http://www.majorgeeks.com/download4281.html . Run it, click Search for Updates, then click Scan.

Some web based scanners to put in your "favorites" should you need them:

Web based online Antivirus and anti-malware scans: (these can be run regardless of whatever else you are using. You must use Internet Explorer to run these or download the Active X addon in Firefox.)

Kaspersky Anti-Virus Web Scanner
http://www.kaspersky.com/service?chapter=161739400#betatest


Panda Activescan
http://www.pandasoftware.com/activescan/co...n_principal.htm

Trend Micro antivirus European Edition (supports Mozilla based browsers)
http://uk.trendmicro-europe.com/consumer/h...call_launch.php

Etrust Anti-virus web scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx.

online trojan scans here -
http://scan.sygatetech.com/pretrojanscan.html


Windows Security Trojanscan
http://windowsecurity.com/trojanscan
See instructions for it here:
http://www.windowsecurity.com/trojanscan/trojanscan.asp

Edited by Enthusiast, 25 February 2006 - 01:16 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users